Fixed tailscale node IP dualstack mode in case of IPv4 only node

[rbrtbnfgl]

Proposed Changes

Changed the IP used on tailscale always as dualstack keeping the node-ip configured ordering to keep #8020 fixed and fix #8459 regression

Types of Changes

Bugfix

Verification

Testing

Linked Issues

#8459

User-Facing Change

Further Comments

[codecov]

Codecov Report

Attention: 11 lines in your changes are missing coverage. Please review.

Comparison is base (00fc5a2) 19.71% compared to head (655235c) 51.52%.
Report is 6 commits behind head on master.

Additional details and impacted files

@@             Coverage Diff             @@
##           master    #8524       +/-   ##
===========================================
+ Coverage   19.71%   51.52%   +31.80%     
===========================================
  Files          84      143       +59     
  Lines        7840    14850     +7010     
===========================================
+ Hits         1546     7651     +6105     
+ Misses       6059     6003       -56     
- Partials      235     1196      +961     

Flag	Coverage Δ
e2etests	49.32% <0.00%> (?)
inttests	43.22% <0.00%> (?)
unittests	19.71% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

Files	Coverage Δ
pkg/cli/server/server.go	62.33% <0.00%> (ø)
pkg/agent/config/config.go	52.59% <0.00%> (ø)

... and 117 files with indirect coverage changes

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[manuelbuil]

This PR will allow dual-stack deployments on nodes that are not dual-stack when using tailscale, right? One thing I am missing is a check which verifies that both vpnInfo.IPv4Address and vpnInfo.IPv6Address exist when appending them to vpnIPs. In headscale you can configure singleStack mode for the tailscale interface

[manuelbuil]

If we are in a ipv4-only node and we deploy k3s-dualStack with tailscale, what happens to ipv6 traffic from pods? I guess if it stays internal to the cluster, it will work, right? If it is external to the cluster (internet) it will fail, right?

Same scenario but a different question: what if I want to access the pod from the node using its ipv6 address?

[brandond]

I think this will work if the node just doesn't have an IPv6 address assigned, but I am curious what will happen if the user has used sysctls or kernel args to disable ipv6 at a system-wide level. will it break?

[rbrtbnfgl]

If the node has no public IPv6 the pods can use IPv6 to communicate between them but have no IPv6 internet connection. If the IPv6 address is disabled on the kernel I think tailscale will not configure any IPv6 on the node and K3s will only use IPv4.

[manuelbuil]

Looking forward to see how people break this new tailscale patch. They are so wonderfully creative 🤣