
The New Internet

16 mins · July 26 2024
Avery Pennarun

Avery Pennarun is the CEO and co-founder of Tailscale. A version of this post was originally presented at a company all-hands.

We don’t talk a lot in public about the big vision for Tailscale, why we’re really here. Usually I prefer to focus on what exists right now, and what we’re going to do in the next few months. The future can be distracting.

But increasingly, I’ve found companies are starting to buy Tailscale not just for what it does now, but for the big things they expect it’ll do in the future. They’re right! Let’s look at the biggest of big pictures for a change.

But first, let’s go back to where we started.

Old

David Crawshaw’s first post that laid out what we were doing, long long ago in the late twenty-teens, was called Remembering the LAN, about his experience doing networking back in the 1990s.

I have bad news: if you remember doing LANs back in the 1990s, you are probably old. Quite a few of us here at Tailscale remember doing LANs in the 1990s. That’s an age gap compared to a lot of other startups. That age gap makes Tailscale unusual.

Anything unusual about a startup can be an advantage or a disadvantage, depending what you do with it.

Mature

Here’s another word for “old” but with different connotations.

I’m a person that likes looking on the bright side. There are disadvantages to being old, like I maybe can’t do a 40-hour coding binge like I used to when I wrote my first VPN, called Tunnel Vision, in 1997. But there are advantages, like maybe we have enough experience to do things right the first time, in fewer hours. Sometimes. If we’re lucky.

And maybe, you know, if you’re old enough, you’ve seen the tech cycle go round a few times and you’re starting to see a few patterns.

That was us, me and the Davids, when we started Tailscale. What we saw was, a lot of things have gotten better since the 1990s. Computers are literally millions of times faster. 100x as many people can be programmers now because they aren’t stuck with just C++ and assembly language, and many, many, many more people now have some kind of computer. Plus app stores, payment systems, graphics. All good stuff.

But, also things have gotten worse. A lot of day-to-day things that used to be easy for developers, are now hard. That was unexpected. I didn’t expect that. I expected I’d be out of a job by now because programming would be so easy.

Instead, the tech industry has evolved into an absolute mess. And it’s getting worse instead of better! Our tower of complexity is now so tall that we seriously consider slathering LLMs on top to write the incomprehensible code in the incomprehensible frameworks so we don’t have to.

And you know, we old people are the ones who have the context to see that.

It’s all fixable. It doesn’t have to be this way.

Before I can tell you a vision for the future I have to tell you what I think went wrong.

Not scaling

Programmers today are impatient for success. They start planning for a billion users before they write their first line of code. In fact, nowadays, we train them to do this without even knowing they’re doing it. Everything they’ve ever been taught revolves around scaling.

We’ve been falling into this trap all the way back to when computer scientists started teaching big-O notation. In big-O notation, if you use it wrong, a hash table is supposedly faster than an array, for virtually anything you want to do. But in reality, that’s not always true. When you have a billion entries, maybe a hash table is faster. But when you have 10 entries, it almost never is.

People have a hard time with this idea. They keep picking the algorithms and architectures that can scale up, even when, if you don’t scale up, a different thing would be thousands of times faster, and also easier to build and run.

Even I can barely believe I just said thousands of times easier and I wasn’t exaggerating.

I read a post recently where someone bragged about using Kubernetes to scale all the way up to 500,000 page views per month. But that’s 0.2 requests per second. I could serve that from my phone, on battery power, and it would spend most of its time asleep.

In modern computing, we tolerate long builds, and then Docker builds, and uploading to container stores, and multi-minute deploy times before the program runs, and even longer times before the log output gets uploaded to somewhere you can see it, all because we’ve been tricked into this idea that everything has to scale. People get excited about deploying to the latest upstart container hosting service because it only takes tens of seconds to roll out, instead of minutes. But on my slow computer in the 1990s, I could run a Perl or Python program that started in milliseconds and served way more than 0.2 requests per second, and printed logs to stderr right away so I could edit-run-debug over and over again, multiple times per minute.

How did we get here?

We got here because sometimes, someone really does need to write a program that has to scale to thousands or millions of backends, so it needs all that… stuff. And wishful thinking makes people imagine even the lowliest dashboard could be that popular one day.

The truth is, most things don’t scale, and never need to. We made Tailscale for those things, so you can spend your time scaling the things that really need it. The long tail of jobs that are 90% of what every developer spends their time on. Even developers at companies that make stuff that scales to billions of users, spend most of their time on stuff that doesn’t, like dashboards and meme generators.

As an industry, we’ve spent all our time making the hard things possible, and none of our time making the easy things easy.

Programmers are all stuck in the mud. Just listen to any professional developer, and ask what percentage of their time is spent actually solving the problem they set out to work on, and how much is spent on junky overhead.

It’s true here too. Our developer experience at Tailscale is better than average. But even we have largely the same experience. Modern software development is mostly junky overhead.

The Internet

In fact, we didn’t found Tailscale to be a networking company. Networking didn’t come into it much at all at first.

What really happened was, me and the Davids got together and we said, look. The problem is developers keep scaling things they don’t need to scale, and their lives suck as a result. (For most programmers you can imagine the “wiping your tears with a handful of dollar bills” meme here.) We need to fix that. But how?

We looked at a lot of options, and talked to a lot of people, and there was an underlying cause for all the problems. The Internet. Things used to be simple. Remember the LAN? But then we connected our LANs to the Internet, and there’s been more and more firewalls and attackers everywhere, and things have slowly been degrading ever since.

When we explore the world of over-complexity, most of it has what we might call, no essential complexity. That is, the problems can be solved without complexity, but for some reason the solutions we use are complicated anyway. For example, logging systems. They just stream text from one place to another, but somehow it takes 5 minutes to show up. Or orchestration systems: they’re programs whose only job is to run other programs, which Unix kernels have done just fine, within milliseconds, for decades. People layer on piles of goop. But the goop can be removed.

Except networking.

You can’t build modern software without networking. But the Internet makes everything hard. Is it because networking has essential complexity?

Well, maybe. But maybe it’s only complex when you built it on top of the wrong assumptions, that result in the wrong problems, that you then have to paper over. That’s the Old Internet.

Instead of adding more layers at the very top of the OSI stack to try to hide the problems, Tailscale is building a new OSI layer 3 — a New Internet — on top of new assumptions that avoid the problems in the first place.

Dominoes

If we fix the Internet, a whole chain of dominoes can come falling down, and we reach the next stage of technology evolution.

If you want to know the bottleneck in any particular economic system, look for who gets to charge rent. In the tech world, that’s AWS. Sure, Apple’s there selling popular laptops, but you could buy a different laptop or a different phone. And Microsoft was the gatekeeper for everything, once, but you don’t have Windows lock-in anymore, unless you choose to. All those “the web is the new operating system” people of the early 2000s finally won, we just forgot to celebrate.

But the liberation didn’t last long. If you deploy software, you probably pay rent to AWS.

Why is that? Compute, right? AWS provides scalable computing resources.

Well, you’d think so. But lots of people sell computing resources way cheaper. Even a mid-range MacBook can do 10x or 100x more transactions per second on its SSD than a supposedly fast cloud local disk, because cloud providers sell that disk to 10 or 100 people at once while charging you full price. Why would you pay exorbitant fees instead of hosting your mission-critical website on your super fast MacBook?

We all know why:

IPv4

Location, location, location. You pay exorbitant rents to cloud providers for their computing power because your own computer isn’t in the right place to be a decent server.

It’s behind a firewall and a NAT and a dynamic IP address and probably an asymmetric network link that drops out just often enough to make you nervous.

You could fix the network link. You could reconfigure the firewall, and port forward through the NAT, I guess, and if you’re lucky you could pay your ISP an exorbitant rate for a static IP, and maybe get a redundant Internet link, and I know some of my coworkers actually did do all that stuff on a rack in their garage. But it’s all a lot of work, and requires expertise, and it’s far away from building the stupid dashboard or blog or cat video website you wanted to build in the first place. It’s so much easier to just pay a hosting provider who has all the IP addresses and network bandwidth money can buy.

And then, if you’re going to pay someone, and you’re a serious company, you’d better buy it from someone serious, because now you have to host your stuff on their equipment which means they have access to… everything, so you need to trust them not to misuse that access.

You know what, nobody ever got fired for buying AWS.

That’s an IBM analogy. We used to say, nobody ever got fired for buying IBM. I doubt that’s true anymore. Why not?

Pendulums

I refuse to say pendula.

IBM mainframes still exist, and they probably always will, but IBM used to be able to charge rent on every aspect of business computing, and now they can’t. They started losing influence when Microsoft arrived, stealing fire from the gods of centralized computing and bringing it back to individuals using comparatively tiny underpowered PCs on every desk, in every home, running Microsoft software.

I credit Microsoft with building the first widespread distributed computing systems, even though all the early networks were some variant of sneakernet.

I think we can agree that we’re now in a post-Microsoft, web-first world. Neat. Is this world a centralized one like IBM, or a distributed one like Microsoft?

[When I did this as a talk, I took a poll: it was about 50/50]

So, bad news. The pendulum has swung back the other way. IBM was centralized, then Microsoft was distributed, and now the cloud+phone world is centralized again.

We’ve built a giant centralized computer system, with a few megaproviders in the middle, and a bunch of dumb terminals on our desks and in our pockets. The dumb terminals, even our smart watches, are all supercomputers by the standards of 20 years ago, if we used them that way. But they’re not much better than a VT100. Turn off AWS, and they’re all bricks.

It’s easy to fool ourselves into thinking the overall system is distributed. Yes, we build fancy distributed consensus systems and our servers have multiple instances. But all that runs centrally on cloud providers.

This isn’t new. IBM was doing multi-core computing and virtual machines back in the 1960s. It’s the same thing over again now, just with 50 years of Moore’s Law on top. We still have a big monopoly that gets to charge everyone rent because they’re the gatekeeper over the only thing that really matters.

Operating Systems

Sorry, just kidding.

Connectivity.

Everyone’s attitude is still stuck in the 1990s, when operating systems mattered. That’s how Microsoft stole the fire from IBM and ruled the world, because writing portable software was so hard that if you wanted to… interconnect… one program to another, if you wanted things to be compatible at all, you had to run them on the same computer, which meant you had to standardize the operating system, and that operating system was DOS, and then Windows.

The web undid that monopoly. Now JavaScript matters more than all the operating systems put together, and there’s a new element that controls whether two programs can talk to each other: HTTPS. If you can HTTPS from one thing to another, you can interconnect. If you can’t, forget it.

Certificates

And HTTPS is fundamentally a centralized system. It has a client, and a server. A dumb terminal, and a thing that does the work. The server has a static IP address, a DNS name, a TLS certificate, and an open port. A client has none of those things. A server can keep doing whatever it wants if all the clients go away, but if the servers go away, a client does nothing.

We didn’t get here on purpose, mostly. It was just path dependence. We had security problems and an IPv4 address shortage, so we added firewalls and NATs, so connections became one way from client machines to server machines, and so there was no point putting certificates on clients, and nowadays there are 10 different reasons a client can’t be a server, and everyone is used to it, so we design everything around it. Dumb terminals and centralized servers.

Once that happened, of course some company popped up to own the center of the hub-and-spoke network. AWS does that center better than everyone else, fair and square. Someone had to. They won.

Taildrop

Okay, fast forward. We’ve spent the last 5 years making Tailscale the solution to that problem. Every device gets a cert. Every device gets an IP address and a DNS name and end-to-end encryption and an identity, and safely bypasses firewalls. Every device can be a peer. And we do it all without adding any latency or overhead.

That’s the New Internet. We built it! It’s the future, it’s just unevenly distributed, so far. For people with Tailscale, we’ve already sliced out 10 layers of nonsense. That’s why developers react so viscerally once they get it. Tailscale makes the Internet work how you thought the Internet worked, before you learned how the Internet works.

I like to use Taildrop as an example of what that makes possible. Taildrop is a little feature we spent a few months on back when we were tiny. We should spend more time polishing to make it even easier to use. But at its core, it’s a demo app. As long as you have Tailscale already, Taildrop is just one HTTP PUT operation. The sender makes an HTTP request to the receiver, says “here’s a file named X”, and sends the file. That’s it. It’s the most obvious thing in the world. Why would you do it any other way?
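
The "one HTTP PUT" shape described above, as an added example (not Tailscale's code and not the actual Taildrop wire protocol). The `/put/<name>` path, the 1 MiB cap and all function names are assumptions; peer identity and encryption are assumed to come from the network layer underneath and are not implemented here. Even with an authenticated peer, the receiver still has to treat the sender-supplied file name and size as untrusted input:

```go
package main

import (
	"bytes"
	"fmt"
	"io"
	"net/http"
	"net/http/httptest"
	"net/url"
	"os"
	"path/filepath"
	"strings"
)

const maxFileSize = 1 << 20 // constructed 1 MiB cap for this example

// safeName rejects sender-supplied names that could escape the inbox directory.
func safeName(name string) bool {
	return name != "" && name != "." && name != ".." && !strings.ContainsAny(name, "/\\\x00")
}

// receiver accepts PUT /put/<name> (a hypothetical path) and stores the body in dir.
func receiver(dir string) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		if r.Method != http.MethodPut || !strings.HasPrefix(r.URL.Path, "/put/") {
			http.Error(w, "expected PUT /put/<name>", http.StatusBadRequest)
			return
		}
		// r.URL.Path is already percent-decoded, so "..%2Fx" arrives as "../x".
		name := strings.TrimPrefix(r.URL.Path, "/put/")
		if !safeName(name) {
			http.Error(w, "invalid file name", http.StatusBadRequest)
			return
		}
		// O_EXCL: never overwrite a file the receiver already has.
		f, err := os.OpenFile(filepath.Join(dir, name), os.O_WRONLY|os.O_CREATE|os.O_EXCL, 0600)
		if err != nil {
			http.Error(w, "file exists or cannot be created", http.StatusConflict)
			return
		}
		_, err = io.Copy(f, http.MaxBytesReader(w, r.Body, maxFileSize))
		f.Close()
		if err != nil {
			os.Remove(f.Name()) // drop the partial file
			http.Error(w, "body too large or transfer failed", http.StatusRequestEntityTooLarge)
			return
		}
		w.WriteHeader(http.StatusCreated)
	})
}

// send is the whole sender: one PUT carrying the file name in the path.
func send(base, name string, data []byte) (int, error) {
	req, err := http.NewRequest(http.MethodPut, base+"/put/"+url.PathEscape(name), bytes.NewReader(data))
	if err != nil {
		return 0, err
	}
	resp, err := http.DefaultClient.Do(req)
	if err != nil {
		return 0, err
	}
	defer resp.Body.Close()
	return resp.StatusCode, nil
}

// demo runs both peers in-process on loopback and returns what the receiver stored.
func demo() (string, error) {
	dir, err := os.MkdirTemp("", "inbox")
	if err != nil {
		return "", err
	}
	defer os.RemoveAll(dir)
	srv := httptest.NewServer(receiver(dir))
	defer srv.Close()
	if code, err := send(srv.URL, "notes.txt", []byte("hello peer")); err != nil || code != http.StatusCreated {
		return "", fmt.Errorf("send: status %d, err %v", code, err)
	}
	got, err := os.ReadFile(filepath.Join(dir, "notes.txt"))
	return string(got), err
}

func main() { fmt.Println(demo()) }
```
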

Well, before Tailscale, you didn’t have a choice. The receiver is another client device, not a server. So it was behind a firewall, with no open ports and no identity. Your only option was to upload the file to the cloud and then download it again, even if the sender and receiver are side by side on the same wifi. But that means you pay cloud fees for network egress, and storage, and the CPU time for running whatever server program is managing all that stuff. And if you upload the file and nobody downloads it, you need a rule for when to delete it from storage. And also you pay fees just in case to keep the server online, even when you’re not using it at all. Also, cloud employees can theoretically access the file unless you encrypt it. But you can’t encrypt it without exchanging encryption keys somehow between sender and recipient. And how does the receiver even know a file is there waiting to be received in the first place? Do we need a push notification system? For every client platform? And so on. Layers, and layers, and layers of gunk.

And all that gunk means rent to cloud providers. Transferring files — one of the first things people did on the Internet, for no extra charge, via FTP — now has to cost money, because somebody has got to pay that rent.

With Taildrop, it doesn’t cost money. Not because we’re generously draining our bank accounts to make file transfers free. It’s because the cost overhead is gone altogether, because it’s not built on the same devolved Internet everyone else has been using.

The New Internet

Taildrop is just an example, a trivial one, but it’s an existence proof for a whole class of programs that can be 10x easier just because Tailscale exists.

The chain of dominoes starts with connectivity. Lack of connectivity is why we get centralization, and centralization is why we pay rent for every tiny little program we want to run and why everything is slow and tedious and complicated and hard to debug like an IBM batch job. And we’re about to start those dominoes falling.

The glimpse at these possibilities is why our users get excited about Tailscale, more than they’ve ever been excited about some VPN or proxy, because there’s something underneath our kind of VPN that you can’t get anywhere else. We’re removing layers, and layers, and layers of complexity, and making it easier to work on what you wanted to work on in the first place. Not everybody sees it yet, but they will. And when they do, they’re going to be able to invent things we could never imagine in the old centralized world, just like the Windows era of distributed computing made things possible that were unthinkable on a mainframe.

But there’s one catch. If we’re going to untangle the hairball of connectivity, that connectivity has to apply to…

Everyone

There’s going to be a new world of haves and have-nots. Where in 1970 you had or didn’t have a mainframe, and in 1995 you had or didn’t have the Internet, and today you have or don’t have a TLS cert, tomorrow you’ll have or not have Tailscale. And if you don’t, you won’t be able to run apps that only work in a post-Tailscale world.

And if not enough people have Tailscale, nobody will build those apps. That’s called a chicken-and-egg problem.

This is why our company strategy sounds so odd at first glance. It's why we spend so much effort giving Tailscale away for free, but also so much effort getting people to bring it to work, and so much effort doing tangential enterprise features so executives can easily roll it out to whole Fortune 500 companies.

The Internet is for everyone. You know, there were internetworks (lowercase) before the Internet (capitalized). They all lost, because the Internet was the most diverse and inclusive of all. To the people building the Internet, nothing mattered but getting everyone connected. Adoption was slow at first, then fast, then really fast, and today, if I buy a wristwatch and it doesn’t have an Internet link, it’s broken.

We won’t have built a New Internet if nerds at home can’t play with it. Or nerds at universities. Or employees at enterprises. Or, you know, eventually every person everywhere.

Vision

There remain a lot of steps between here and there. But, let’s save those details for another time. Meanwhile, how are we doing?

Well, about 1 in 20,000 people in the world uses the New Internet (that’s Tailscale). We’re not going to stop until it’s all of them.

I’m old enough to remember when people made fun of Microsoft for their thing about putting a computer on every desk. Or when TCP/IP was an optional add-on you had to buy from a third party.

You know, all that was less than 30 years ago. I’m old, but come to think of it, I’m not that old. The tech world changes fast. It can change for the better. We’re just getting started.
