Category: Kubernetes, encryption

Last June, Tigera announced a first for Kubernetes: support for open source WireGuard to encrypt data in transit within your cluster. Here is a short recap of what WireGuard is and how we use it in Calico. WireGuard is a VPN technology available in the Linux kernel since version 5.6 and is positioned as an alternative to IPsec and OpenVPN.

While WireGuard is a VPN technology and is typically thought of as client/server, it can be configured and used equally effectively in a peer-to-peer mesh architecture, which is how we designed our solution at Tigera to work in Kubernetes.

We can solve this by auto-detecting AKS in Calico and setting the correct overhead and MTU for WireGuard.
