Install wireguard and sets it up as CNI for kubernetes.
It has integration with wg-operator for generating it's custom resource manifest.
defaults/main.yml for all variable and their meaning.
Installed CNI plugins on the target host if you're using it as CNI plugin for k8s
See defaults/main.yml for documented variables description
All hosts should be in
wg_public_ip is set for all the server nodes, that's how the server is marked as such
CNI plugins need to be installed on the target machine. Tested with version 0.6.0 and bridge + loopback plugins
# kube_pods_subnet: 10.101.0.0/16 # wg_listen_port = 5555 by default [all] ub18-k8s-1 wg_public_ip=188.8.131.52 wg_private_ip=10.100.0.1 pod_cidr=10.101.1.0/24 ub18-k8s-2 wg_public_ip=184.108.40.206 wg_private_ip=10.100.0.2 pod_cidr=10.101.2.0/24 ub18-k8s-3 wg_public_ip=220.127.116.11 wg_private_ip=10.100.0.3 pod_cidr=10.101.3.0/24 [bbb] ads0901 wg_private_ip=10.100.0.4 pod_cidr=10.101.4.0/24 [kube-master] ub18-k8s-1 ub18-k8s-2 ub18-k8s-3 [etcd] ub18-k8s-1 ub18-k8s-2 ub18-k8s-3 [kube-node] ub18-k8s-1 ub18-k8s-2 ub18-k8s-3 [kube-node:children] bbb [k8s-cluster:children] kube-node kube-master [wireguard:children] bbb kube-master [python3:children] k8s-cluster [python3:vars] ansible_python_interpreter=/usr/bin/python3
Feel free to reach out via Issues, PRs or email