Closed m-bers closed 2 years ago
DentonGentry
commented
2 years ago The ephemeral node is supposed to clear all of its state and disappear from the admin panel about an hour after it drops out of contact with the control server.
Could you send the name of the account you use with Tailscale and the IP address of one of the ephemeral nodes which hasn't disappeared to support@tailscale.com?
m-bers
commented
2 years ago The ephemeral node is supposed to clear all of its state and disappear from the admin panel about an hour after it drops out of contact with the control server.
I didn't leave any of them active in the tailnet for that long (I waited about 10 minutes before deleting them manually), so that's probably why I didn't encounter their eventual deletion. Sorry about that, I will close the issue.
For what it's worth, the account is tied to this GitHub account, and the tailnet ID is m-bers.github
DentonGentry
commented
2 years ago I think there really is a problem: an ephemeral node which runs for just a brief time and then shuts down is supposed to remain in the machine list for about an hour, then disappear. If you're having to manually delete nodes created using ephemeral keys, then something is definitely going wrong.
I checked the tailnet associated with m-bers.github and I don't currently see any nodes which look like this has happened. However if it happens again, sending the IP address of the ephemeral node and the URL of this issue to support@tailscale.com will let us look into it.
m-bers
commented
2 years ago I don't think this is an issue, since I was merely being impatient. I saw the ephemeral key was deleted the instant it was consumed and I assumed the node in the tailnet would also immediately delete itself when it disconnects (i.e. when the workflow completes). I did not leave any nodes in the tailnet in a disconnected state for an hour--if I had I'm sure they would have been deleted as you said.
Just to be sure I will do a few more workflows and not delete the tailnet nodes, then see how long it takes for them to disappear and get back to you. In any case I appreciate the feedback and I think you have a wonderful tool here! When I saw that Tailscale + GitHub actions exists, it blew my mind.
Referenced here: https://github.com/tailscale/github-action/pull/31
If I understand the intended behavior of this action based on @DentonGentry's comment, once a user supplies an ephemeral auth key (generated in the Tailscale admin portal) via GitHub secrets, the machine should delete itself from the tailnet when the workflow completes.
This is NOT what it does at least in my experience. When an ephemeral auth key is used, the key does delete itself when it is consumed but the node remains in my tailnet until I delete it manually.