From 2b2b065a96aecd73106d6546d12e316fb8d149e9 Mon Sep 17 00:00:00 2001
From: Adriano Sela Aviles
Date: Sun, 15 Mar 2026 10:05:55 -0700
Subject: [PATCH] tailcfg: new node capability "service-details"
---
 tailcfg/tailcfg.go | 27 +++++++++++++++++++++++++++
 1 file changed, 27 insertions(+)
diff --git a/tailcfg/tailcfg.go b/tailcfg/tailcfg.go
index 04389faba..3302118ee 100644
--- a/tailcfg/tailcfg.go
+++ b/tailcfg/tailcfg.go
@@ -2693,6 +2693,13 @@ const (
 // (replace conflicting keys).
 NodeAttrServiceHost NodeCapability = "service-host"
+ // NodeAttrServiceDetails carries the full details of VIP services that
+ // this node is approved to serve, including their names, assigned IP
+ // addresses, port requirements, and application-specific annotations
+ // (e.g. proxy service configuration). There is exactly one value for this
+ // key in [NodeCapMap], of type []*[ServiceDetail].
+ NodeAttrServiceDetails NodeCapability = "service-details"
+
 // NodeAttrMaxKeyDuration represents the MaxKeyDuration setting on the
 // tailnet. The value of this key in [NodeCapMap] will be only one entry of
 // type float64 representing the duration in seconds. This cap will be
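Review bot: The doc comment on `NodeAttrServiceDetails` does not say how this capability relates to `NodeAttrServiceHost`, the context line just above it. Both describe services this node serves and both carry service addresses (`ServiceDetail.Addrs` here, `ServiceIPMappings` there), so a client that receives both, or only one, has no documented rule for which is authoritative; a disagreement between them would decide which addresses the node accepts traffic on. I would add a sentence to the comment along the lines of `// If NodeAttrServiceHost is also present, its addresses must match; clients must not serve an address that appears in only one of the two.`, adjusted to whatever the control plane actually guarantees. The enclosing const block starts and ends outside this hunk.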
@@ -3310,6 +3317,26 @@ const LBHeader = "Ts-Lb"
 // this client is hosting can be ignored.
 type ServiceIPMappings map[ServiceName][]netip.Addr
+// ServiceDetail describes a VIP service that the control plane has approved a
+// node to serve. It is used as the element type of the []*[ServiceDetail]
+// value sent via [NodeAttrServiceDetails].
+type ServiceDetail struct {
+ // Name is the name of the service, of the form "svc:dns-label".
+ Name ServiceName
+
+ // Addrs are the IP addresses (IPv4 and IPv6) assigned to this service.
+ Addrs []netip.Addr `json:",omitempty"`
+
+ // Ports are the protocol/port combinations the service is expected to
+ // accept.
+ Ports []ProtoPortRange `json:",omitempty"`
+
+ // Annotations are application-specific key-value pairs associated with
+ // the service, e.g. proxy configuration stored under the key
+ // "proxy/service-configuration".
+ Annotations map[string]string `json:",omitempty"`
+}
+
 // ClientAuditAction represents an auditable action that a client can report to the
 // control plane. These actions must correspond to the supported actions
 // in the control plane.
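Review bot: The `ServiceDetail` comments describe the fields but not what a client must do with a malformed value. The capability value is documented as `[]*ServiceDetail`, so a JSON `null` element decodes to a nil pointer, and `Annotations` is an open `map[string]string` whose values (for example the proxy configuration) are presumably parsed and acted on by the node. I would extend the type comment with `// Consumers must skip nil entries, reject entries whose Name is not a valid service name, and ignore Annotations keys they do not recognize.` and note on `Annotations` that each value has to be validated by the feature that owns the key before use.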