TL;DR Our installer allows Tailscale to be installed somewhere other than C:\Program Files. Since we add it to the PATH, maybe using the shell to query for its location might be better?

CC @rosszurowski

As of SDK v0.2.3, there are new Docker image labels we can use to customize our extension's display in the marketplace. This is a tracking issue to add support for these new labels: https://docker-desktop-extensions.netlify.app/extensions/labels/

How do we know which Tailscale version is running? How do we know which extension version is running? How can users contact support for issues? All this would be useful to add.

Currently when navigating to the Docker extension tab, we need to load the webpage, and then fetch the latest state from Tailscale before we can show anything to users. This means there's usually 300-600ms of loading before anything happens.

I timed it, and it takes 8ms to start up the React page's render, but ~300ms to reach out to the Tailscale service inside the VM. We can trim this down by saving the latest Tailscale state to localStorage so that on subsequent reloads, we have some initial state to show while we revalidate.

Things to consider:

• How does this work for users who don't have MagicDNS turned on?
• How do we inform people of which format (IP or DNS) to use?
• Are there situations where MagicDNS won't work and we'd want to defer to the IP?

Ubuntu22.04

After upgrading to Docker Desktop v4.15.0, Tailscale extension no longer connects. I tried a clean reinstall of Docker Desktop to no avail.

It may also worth mentioning that I have containerd feature enabled.

A few times in the past (eg. #48) we've forgotten to update the latest Docker image after making changes in this repository. We should set up proper CI to publish the latest image once we've tagged a release.

Someone had a bumpy experience where they were running a container and trying to access it over Tailscale, but it wasn't showing up in the list. It seems like the container didn't have publicly exposed ports, but without us telling them that, it seems hard to debug.

Let's update the container view to include information about containers which are running but don't have exposed ports, and give steps to resolve that.

Hello!

As in the title; would it be possible to enable Tailscale SSH when logging in, or modify the tailscale up options?

Thank you kindly for the help!

Setup

• Docker Desktop with Tailscale extension v0.0.13
• Start containers with docker-compose - no networking specified; each container has a name in docker-compose
• Each container shows a unique name in docker desktop as expected ✅

Expected

• Tailscale also gives each container a unique ip -> magic dns name

Actual

• Tailscale gives them all the same 100. IP address:

• Enabling MagicDNS shows they're all assigned to the same docker-desktop dns name (host networking is not enabled):

Installing this extension seems to have installed Tailscale in Docker Desktop somehow.

But the version is outdated. How can one upgrade Tailscale inside Docker for Windows?

Currently we deploy the image via manually managing tag versions and a script in the Makefile. We should move this to run entirely in CI.

I notice that the Tailscale docker extension code has been updated to version 1.32.2. However, in my Tailscale admin console the node running the docker extension shows that it only uses Tailscale 1.30.2. I installed the extension via Docker Hub and the last version of the extension available is 0.0.14.

Is there something I need to do to update my docker extension to 1.32.2?

Thanks,

Do I understand correctly that this can only work with docker desktop "extensions" ? If so, is there any way to achieve similar functionality using other means on products such as podman ?

Docker recently launched (or is about to launch) support for Docker Desktop on Linux desktops. We should test the extension to ensure it works on the platforms supported by Docker Desktop.

/cc @DentonGentry

Let me start with the most obvious: I'm a complete n00b, even more so when it comes to Tailscale. And English is not my mother tongue. The following might be my misinterpretation of something. Please excuse my errors.

Versions in use

• macOS 10.15.7, SecUpd 2022-004
• Docker Desktop 4.9.0 (80466)
• Tailscale macOS AppStore client 1.24.2
• Tailscale Docker-Extension 0.0.10
• Tailscale Docker-Extention tailscaled v1.22.1, Go 1.17.8, started with '--tun=userspace-networking'

Other info for completness' sake:

• Services [collection] enabled
• Global Nameserver enabled (as 100.106.200.48); Override local DNS _DIS_abled
• MagicDNS enabled (as always: 100.100.100.100)
• No ACLs set (other than defaults)
• Authentication for all tailscaled's using the same user ([email protected])

Observation

After upgrading the Docker Desktop.app from from 4.8.2,79419 to 4.9.0,80466 the Tailscale Docker-Extension claims Your host device is not running Tailscale and No containers are running.

Both is not really correct.

• The Tailscale AppStore client installed on the host is running just fine, and there are containers running as well.
• The log shows no errors.
• The web admin machines console (login.tailscale.com/admin/machines) shows the client, as well as the docker extension as connected.
• The web admin services console (login.tailscale.com/admin/services) shows the ssh service of the client, as well as the various tcp ports of the containers running as available.
• Testing connection to the client works.
• Testing connection to some container works as well. Both with the LAN IP as well as with the tailscale IP and the tailscale FQDN (hostname.mydomain.tld.beta.tailscale.net)

There seems to be no problem (except a "cosmetic" one?)

Some weird observation:

Docker Desktop.app > Dashboard should show the Tailscale extension in the left sidebar, unter the "Extensions beta" header.

Restarting the DD.app with the [macOS] menu bar Docker icon and choosing "Restart" will drop/hide the Tailscale extension in the Dashboard.
Restarting the DD.app by quitting and opening again, will show the Tailscale extension in the Dashboard again. O_-

The Tailscale extension container _ is _ running all the time, as can be seen in the DD.app > Dashboard > Containers > tailscale_docker-extension-desktop-extension, it's just the display in the Dashboard that is broken. Which somehow confirms my uneducated assumption that this is a cosmetic problem. It _ does _ say "beta" on the tin.

Some other peculiar observation:

Quitting and Opening (as opposed to "Restart") the Docker Desktop.app and waiting some, will eventually show the running containers in the Tailscale extension overview.
The error No containers are runningis then gone. The error Your host device is not running Tailscale is still shown.

To make it easier to test changes with a control server, it'd be nice to have a control server picker like our desktop clients. Maybe in the dropdown menu by holding option or something.

THIS IS NOT AN ISSUE - just a feature request.
Please delete, if this is not the correct way to bring it up.

The version of the Docker extension always seems to lag behind the current version of the standalone program and the apps published in the app stores (or for qpkg, as far as I can tell).

This is not a problem in itself, but could become one if security-related fixes are included in the updated version. In addition, the tailscale console always indicates that an update is available - which is not correct.

It would be great if it could be realized to update the Docker extension along with everything else.

Thank you. :)

Blocked on https://github.com/tailscale/corp/issues/3665

New builds of Docker Desktop support a new URL scheme (docker-desktop://dashboard/open), which opens the Docker Desktop app. It'd be nice to add this to the end of the login flow for Docker logins.

This Docker Desktop extension claims the host does not have tailscale installed, but I definitely have the Mac App Store version installed, authenticated, and operational.

We have a button that allows users to open a container directly in their browser. We also have a warning that appears when their host device and Docker extension aren't on the same Tailscale network.

However, it's easy to start to ignore the big warning and treat it as a header. Perhaps we can display it less prominently in most cases, and instead prompt them in contextually relevant places. For example, when pressing "open in browser," maybe we can have a dialog that warns them that they won't be able to open the link before we pop them off to their browser?