tailscale
k8s-operator: Error Parsing TS_LOCAL_ADDR_PORT with IPv6 Address in IPV6 cluster
What is the issue?
While deploying a subnet router connector in an IPv6-only Kubernetes cluster, Tailscale fails to start due to an error parsing the TS_LOCAL_ADDR_PORT environment variable.
Error Message:
tailscale boot: 2025/04/22 14:27:09 Using tailscaled config file "/etc/tsconfig/cap-107.hujson" to match current capability version 113
tailscale boot: 2025/04/22 14:27:09 invalid configuration: invalid configuration: error parsing TS_LOCAL_ADDR_PORT value "2600:1f10:4bdf:e001:f0bd::8:9002": invalid ip:port "2600:1f10:4bdf:e001:f0bd::8:9002", IPv6 addresses must be surrounded by square brackets
Workaround: Enclosing the IPv6 address in square brackets, like [2600:1f10:4bdf:e001:f0bd::8]:9002, resolves the issue.
Steps to reproduce
Set up an IPv6-only Kubernetes cluster.
Deploy a Tailscale connector pod.
apiVersion: tailscale.com/v1alpha1
kind: Connector
metadata:
name: example
spec:
tags:
- tag:k8s
exitNode: true
---
apiVersion: tailscale.com/v1alpha1
kind: ProxyClass
metadata:
name: prod
spec:
tailscale:
acceptRoutes: true
metrics:
enable: true
serviceMonitor:
enable: true
Are there any recent changes that introduced the issue?
No response
OS
No response
OS version
Linux (5.10.234-225.921.amzn2.x86_64)
Tailscale version
1.82.0
Other software
No response
Bug report
No response
This is a bit tricky to resolve cleanly given the environment variables we already support. It's a bit ugly, but off the top of my head... given we don't explicitly set the IP family on any Pods the operator creates, we could have the operator read its own Pod's status to find the primary IP family and then use that to set the IP:port env vars correctly with the expectation that their primary IP family will match the operator's. Any holes in that logic, or better solutions?
