DevOps Articles

Curated articles, resources, tips and trends from the DevOps World.

Calico WireGuard Support with Azure CNI

3 years ago thenewstack.io
Calico WireGuard Support with Azure CNI

Summary: This is a summary of an article originally published by The New Stack. Read the full original article here →

Last June, Tigera announced a first for Kubernetes: supporting open source WireGuard for encrypting data in transit within your cluster. First, here’s a short recap about what WireGuard is and how we use it in Calico. WireGuard is a VPN technology available in the Linux kernel since version 5.6 and is positioned as an alternative to IPsec and OpenVPN.

While WireGuard is a VPN technology and is typically thought of as client/server, it can be configured and used equally effectively in a peer-to-peer mesh architecture, which is how we designed our solution at Tigera to work in Kubernetes.

We can solve this by auto-detecting AKS in Calico and setting the correct overhead and MTU for WireGuard.

Made with pure grit © 2024 Jetpack Labs Inc. All rights reserved. www.jetpacklabs.com