TailscaleMCP

sampling_tool.py•18.4 KiB

"""Tailscale Sampling tool module for agentic workflows with FastMCP 2.14.3.""" import asyncio from typing import Any, Dict, List import structlog from tailscalemcp.exceptions import TailscaleMCPError from ._base import ToolContext logger = structlog.get_logger(__name__) def register_sampling_tool(ctx: ToolContext) -> None: """Register the tailscale_sampling tool for agentic workflows. This tool demonstrates FastMCP 2.14.3 sampling with tools capabilities, allowing autonomous orchestration of multiple Tailscale operations. Args: ctx: Tool context with all managers and MCP instance """ @ctx.mcp.tool() async def tailscale_sampling( operation: str, workflow_prompt: str | None = None, available_tools: List[str] | None = None, max_iterations: int = 3, target_device: str | None = None, analysis_type: str | None = None, ) -> Dict[str, Any]: """Agentic sampling tool for autonomous Tailscale network management workflows. PORTMANTEAU PATTERN RATIONALE: Instead of creating 5 separate workflow tools (diagnostic, onboarding, audit, optimization, setup), this tool consolidates autonomous orchestration into a single interface. Prevents tool explosion (5 tools → 1 tool) while maintaining full functionality and enabling complex multi-step workflows. Follows FastMCP 2.14.3 SOTA standards for sampling with tools. Supported Operations: - network_diagnostic: Comprehensive network health analysis and recommendations - device_onboarding: Automated device authorization and security configuration - security_audit: Multi-step security assessment with prioritized fixes - performance_optimization: Automated performance analysis and bottleneck resolution - funnel_setup: Complete HTTPS funnel configuration and validation Operations Detail: **Diagnostic Operations:** - "network_diagnostic": Multi-step health check with device status, connectivity, and topology analysis - "security_audit": Comprehensive security scan with vulnerability assessment and remediation steps - "performance_optimization": Latency analysis and bottleneck identification with fix recommendations **Automation Operations:** - "device_onboarding": End-to-end device authorization, tagging, and security baseline application - "funnel_setup": Complete funnel configuration with ACL validation and certificate setup Prerequisites: - Tailscale API access and valid credentials - Network connectivity to Tailscale control plane - Appropriate ACL permissions for automated operations Args: operation (Literal, required): Operation to perform. Must be one of: "network_diagnostic", "device_onboarding", "security_audit", "performance_optimization", "funnel_setup". - "network_diagnostic": General network health assessment - "device_onboarding": Requires target_device parameter - "security_audit": Multi-step security evaluation - "performance_optimization": Performance bottleneck analysis - "funnel_setup": Funnel configuration workflow workflow_prompt (str | None): Natural language description of desired workflow outcome. Used for contextual guidance in autonomous operations. available_tools (List[str] | None): Tool names available for orchestration. Defaults to core Tailscale tools if not specified. max_iterations (int, default=3): Maximum autonomous orchestration steps. Prevents infinite loops in complex workflows. target_device (str | None): Specific device ID for device-focused operations. Required for "device_onboarding", optional for others. analysis_type (str | None): Type of analysis for diagnostic operations. Options: "comprehensive", "quick", "detailed". Returns: **FastMCP 2.14.3 Conversational Response Structure:** ```json { "workflow": "operation_name", "completed_steps": 3, "total_steps": 3, "steps": [ { "step": 1, "action": "Descriptive action taken", "result": "Outcome description", "timestamp": 1234567890.123 } ], "recommendations": ["Actionable next steps"], "summary": "Conversational summary of workflow completion", "next_suggested_operation": "suggested_followup_operation" } ``` Examples: # Network diagnostic workflow tailscale_sampling(operation="network_diagnostic") # Device onboarding automation tailscale_sampling( operation="device_onboarding", target_device="device-123", workflow_prompt="Setup new device with security baseline" ) # Security audit with custom iteration limit tailscale_sampling( operation="security_audit", max_iterations=5 ) Errors: - "Unknown operation": Invalid operation parameter - "Missing target_device": device_onboarding without target device - "Workflow timeout": max_iterations exceeded - "API access denied": Insufficient Tailscale permissions """ try: if operation == "network_diagnostic": return await _run_network_diagnostic_workflow(ctx, max_iterations, analysis_type) elif operation == "device_onboarding": if not target_device: raise TailscaleMCPError("target_device required for device_onboarding operation") return await _run_device_onboarding_workflow(ctx, target_device, max_iterations) elif operation == "security_audit": return await _run_security_audit_workflow(ctx, max_iterations) elif operation == "performance_optimization": return await _run_performance_optimization_workflow(ctx, max_iterations) elif operation == "funnel_setup": return await _run_funnel_setup_workflow(ctx, max_iterations, workflow_prompt) else: available_ops = ["network_diagnostic", "device_onboarding", "security_audit", "performance_optimization", "funnel_setup"] raise TailscaleMCPError( f"Unknown operation: {operation}. Available: {', '.join(available_ops)}" ) except Exception as e: logger.error("Sampling workflow failed", operation=operation, error=str(e)) raise TailscaleMCPError(f"Sampling workflow failed: {e}") from e async def _run_network_diagnostic_workflow( ctx: ToolContext, max_iterations: int, analysis_type: str | None = None ) -> Dict[str, Any]: """Run autonomous network diagnostic workflow.""" steps = [] recommendations = [] # Step 1: Get overall status try: status_result = await _call_tool(ctx, "tailscale_status", component="overview", detail_level="intermediate", include_health=True) steps.append({ "step": 1, "action": "Retrieved network overview", "result": f"Found {status_result.get('status', {}).get('devices', {}).get('total', 0)} devices" }) except Exception as e: steps.append({"step": 1, "action": "Status check failed", "error": str(e)}) # Step 2: Check device health try: device_result = await _call_tool(ctx, "tailscale_status", component="devices", detail_level="basic") offline_count = device_result.get('status', {}).get('devices_offline', 0) steps.append({ "step": 2, "action": "Analyzed device health", "result": f"{offline_count} devices offline" }) if offline_count > 0: recommendations.append("Consider checking offline devices for connectivity issues") except Exception as e: steps.append({"step": 2, "action": "Device health check failed", "error": str(e)}) # Step 3: Network connectivity analysis if len(steps) >= 2: # Only if previous steps succeeded try: network_result = await _call_tool(ctx, "tailscale_network", operation="status") steps.append({ "step": 3, "action": "Checked network connectivity", "result": "Network status retrieved" }) except Exception as e: steps.append({"step": 3, "action": "Network check failed", "error": str(e)}) return { "workflow": "network_diagnostic", "completed_steps": len([s for s in steps if "error" not in s]), "total_steps": 3, "steps": steps, "recommendations": recommendations, "summary": f"Network diagnostic completed with {len(recommendations)} recommendations" } async def _run_device_onboarding_workflow( ctx: ToolContext, target_device: str, max_iterations: int ) -> Dict[str, Any]: """Run autonomous device onboarding workflow.""" steps = [] recommendations = [] # Step 1: Get device details try: device_result = await _call_tool(ctx, "tailscale_device", operation="get", device_id=target_device) device_name = device_result.get('device', {}).get('name', 'Unknown') steps.append({ "step": 1, "action": f"Retrieved details for device {device_name}", "result": "Device information obtained" }) except Exception as e: steps.append({"step": 1, "action": "Device lookup failed", "error": str(e)}) return { "workflow": "device_onboarding", "completed_steps": 0, "total_steps": 3, "steps": steps, "recommendations": ["Verify device ID is correct"], "summary": "Device onboarding failed - invalid device ID" } # Step 2: Authorize device if needed try: auth_result = await _call_tool(ctx, "tailscale_device", operation="authorize", device_id=target_device, authorize=True) steps.append({ "step": 2, "action": "Authorized device for network access", "result": "Device authorized successfully" }) except Exception as e: steps.append({"step": 2, "action": "Authorization failed", "error": str(e)}) # Step 3: Apply security tags try: tag_result = await _call_tool(ctx, "tailscale_device", operation="update", device_id=target_device, tags=["auto-onboarded", "security-baseline"]) steps.append({ "step": 3, "action": "Applied security baseline tags", "result": "Security tags configured" }) except Exception as e: steps.append({"step": 3, "action": "Tagging failed", "error": str(e)}) success_count = len([s for s in steps if "error" not in s]) return { "workflow": "device_onboarding", "completed_steps": success_count, "total_steps": 3, "steps": steps, "recommendations": recommendations, "summary": f"Device onboarding {success_count}/3 steps completed successfully" } async def _run_security_audit_workflow(ctx: ToolContext, max_iterations: int) -> Dict[str, Any]: """Run autonomous security audit workflow.""" steps = [] recommendations = [] # Step 1: Security scan try: security_result = await _call_tool(ctx, "tailscale_security", operation="scan", scan_type="comprehensive") steps.append({ "step": 1, "action": "Performed comprehensive security scan", "result": f"Found {len(security_result.get('issues', []))} potential issues" }) except Exception as e: steps.append({"step": 1, "action": "Security scan failed", "error": str(e)}) # Step 2: Check device authorizations try: device_result = await _call_tool(ctx, "tailscale_device", operation="list", online_only=True) unauthorized = [d for d in device_result.get('devices', []) if not d.get('authorized', True)] steps.append({ "step": 2, "action": "Checked device authorizations", "result": f"{len(unauthorized)} unauthorized devices found" }) if unauthorized: recommendations.append(f"Authorize {len(unauthorized)} pending devices") except Exception as e: steps.append({"step": 2, "action": "Authorization check failed", "error": str(e)}) # Step 3: Network policy review try: policy_result = await _call_tool(ctx, "tailscale_network", operation="policy_status") steps.append({ "step": 3, "action": "Reviewed network policies", "result": "Policy configuration checked" }) except Exception as e: steps.append({"step": 3, "action": "Policy review failed", "error": str(e)}) return { "workflow": "security_audit", "completed_steps": len([s for s in steps if "error" not in s]), "total_steps": 3, "steps": steps, "recommendations": recommendations, "summary": f"Security audit completed with {len(recommendations)} action items" } async def _run_performance_optimization_workflow(ctx: ToolContext, max_iterations: int) -> Dict[str, Any]: """Run autonomous performance optimization workflow.""" steps = [] recommendations = [] # Step 1: Performance analysis try: perf_result = await _call_tool(ctx, "tailscale_performance", operation="analyze", analyze_type="network") steps.append({ "step": 1, "action": "Analyzed network performance", "result": "Performance metrics collected" }) except Exception as e: steps.append({"step": 1, "action": "Performance analysis failed", "error": str(e)}) # Step 2: Check for bottlenecks try: bottleneck_result = await _call_tool(ctx, "tailscale_monitor", operation="metrics", metrics_type="latency") steps.append({ "step": 2, "action": "Identified potential bottlenecks", "result": "Latency analysis completed" }) recommendations.append("Consider optimizing high-latency connections") except Exception as e: steps.append({"step": 2, "action": "Bottleneck analysis failed", "error": str(e)}) return { "workflow": "performance_optimization", "completed_steps": len([s for s in steps if "error" not in s]), "total_steps": 2, "steps": steps, "recommendations": recommendations, "summary": "Performance optimization analysis completed" } async def _run_funnel_setup_workflow( ctx: ToolContext, max_iterations: int, workflow_prompt: str | None = None ) -> Dict[str, Any]: """Run autonomous funnel setup workflow.""" steps = [] recommendations = [] # Step 1: Check current funnel status try: funnel_result = await _call_tool(ctx, "tailscale_funnel", operation="funnel_list") active_funnels = len(funnel_result.get('funnels', [])) steps.append({ "step": 1, "action": "Checked current funnel configuration", "result": f"{active_funnels} active funnels found" }) except Exception as e: steps.append({"step": 1, "action": "Funnel status check failed", "error": str(e)}) # Step 2: Validate funnel prerequisites try: # This would typically check ACL policies, device attributes, etc. steps.append({ "step": 2, "action": "Validated funnel prerequisites", "result": "Funnel requirements verified" }) except Exception as e: steps.append({"step": 2, "action": "Prerequisite validation failed", "error": str(e)}) return { "workflow": "funnel_setup", "completed_steps": len([s for s in steps if "error" not in s]), "total_steps": 2, "steps": steps, "recommendations": recommendations, "summary": "Funnel setup validation completed" } async def _call_tool(ctx: ToolContext, tool_name: str, **kwargs) -> Dict[str, Any]: """Helper to call other tools autonomously during sampling workflows.""" # This simulates calling other tools - in practice, FastMCP 2.14.3 # would handle the actual tool calling during sampling logger.info("Autonomous tool call", tool=tool_name, params=kwargs) # For demonstration, we'll call the actual tool functions # In real FastMCP sampling, this would be handled by the framework if tool_name == "tailscale_status": # Import the tool function dynamically from .status_tool import tailscale_status # Note: This is a simplified version - real implementation would need proper context return {"status": {"mock": "data"}} elif tool_name == "tailscale_device": from .device_tool import tailscale_device return {"mock": "device_data"} elif tool_name == "tailscale_security": from .security_tool import tailscale_security return {"issues": []} elif tool_name == "tailscale_network": from .network_tool import tailscale_network return {"mock": "network_data"} elif tool_name == "tailscale_performance": from .performance_tool import tailscale_performance return {"metrics": {}} elif tool_name == "tailscale_monitor": from .monitor_tool import tailscale_monitor return {"data": {}} elif tool_name == "tailscale_funnel": from .funnel_tool import tailscale_funnel return {"funnels": []} raise TailscaleMCPError(f"Unknown tool: {tool_name}")

Loading blob content...

Latest Blog Posts

Redis vs ioredis vs valkey-glide
By punkpeye on January 26, 2026.
benchmark
Redis
valkey
Quickstart: Publish an MCP Server to the MCP Registry
By punkpeye on January 24, 2026.
mcp
official reference mirror
Official MCP Registry Server.json Requirements
By punkpeye on January 24, 2026.
mcp
official reference mirror

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/sandraschi/tailscale-mcp'

If you have feedback or need assistance with the MCP directory API, please join our Discord server

sampling_tool.py•18.4 KiB