Closed gawertm closed 2 weeks ago
Possible alternatives:
we need to define hard requirements first and and nice to have features
Headscale seems to be designed to only allow single Tailnet (Tailscale Network). This means that we need to run 1 headscale per cluster, cause we can't share tailnet across customer, as all nodes in single tailnet can communicate to each other.
Based on the exploration for alternatives, I couldn't spot any popular, and reliable open-source projects that's playing in this zero-trust access field.
The only open-source project that come close is Boundary by Hashicorp with it's BSL license. Additionally, Boundary's dependency on Vault may introduce further complexity.
What are you thoughts on this? @gawertm @teemow
Maybe, now with Teleport license change, there will be rise of open source projects to counter that. I also think, it's because Teleport community edition or Hashicorp Boundary fills the void, so nobody found the urge develop truely open-source version of it, like headscale
did for tailscale
(A closed source coordination server)
decided on Monday 10th June 2024, that for now we will continue with teleport as we are still under their given limits. Even if we reach the limits, we might be able to compile the binaries ourselves under the agpl license. but we will need to deal with that only once we hit the limit
Following the teleport license change https://gigantic.slack.com/archives/C02BM8B09/p1711526979809279
we want to check the alternatives, to be prepared for further changes. Maybe we will also need to take a decision to buy teleport eventually.