Comment by jcollins
Tailscale Operator for Kubernetes sounds like it'd fit your second bullet point. It has a really good experience. I've only used it for my personal homelab but I've been more than impressed by it.
Instead of mDNS, they could update a DNS record for a subdomain (techno00.dev.thecompany.com, preferably under a different domain than your real one) to their local IP address and then do the DNS-01 challenge on LetsEncrypt to get a valid TLS cert for the subdomain. Then the only problem is some routers block DNS responses with RFC-1918 IP addresses, but everyone is using DoT/DoH by now, right? ... right?
It could; however, I specified mDNS so other developers won't be required to use Tailscale (or to run a DNS server).