Gitpod Workspace Networking

Gitpod workspaces are Kubernetes pods that maintain their own network namespace for isolation of system resources associated with networking. Previously, enabling rootless Docker in workspaces required a network namespace using slirp4netns to create the necessary networking devices and iptables entries. However, this approach had performance drawbacks due to forwarding all traffic through user-space. To address these issues, Gitpod recently made it standard for all workspaces to have a network namespace, which has improved performance and resolved other networking-related problems. This change also allows Tailscale to work out of the box in Gitpod workspaces.