On my machine it's consuming about 0.5% - 1.0% of cpu time, which is higher than zerotier in the same machine (almost zero).
Tailscale does a lot more things than just tunneling though. For example, on default installation it'll catch all outbound dns request on the machine and route them through MagicDNS (100.100.100.100).
That's weird. I closed the docker on that specific machine (ryzen 5), copied the docker-compose directory (=same config) on an i5-6500T and now it's using just 0.1% of CPU time.
I just checked my AMD box and tailscale there can consume ~15% of cpu time when the tunnel is under active use. When it's not used it's ~1.5%. But it's a low power old AMD cpu though (AMD G-T56N), so I'm not use if it compares to Ryzen 5. On my intel machine, it's ~5% when under active use, and idle at ~0.5%.
One thing you could try doing if you feel up to it is to build Tailscale from source code. Often when built for your specific machine, performance improves.