Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: Add transparent encryption with cilium and wiregaurd #1130

Merged
merged 21 commits into from
Nov 4, 2022
Merged

feat: Add transparent encryption with cilium and wiregaurd #1130

merged 21 commits into from
Nov 4, 2022

Conversation

askulkarni2
Copy link
Contributor

What does this PR do?

  • Update Cilium add-on to provide a flag that enables Wireguard based transparent encryption for pod traffic.
  • Provides an example for how to use this feature and steps to validate encryption is working.

Motivation

More

  • Yes, I have tested the PR using my local account setup (Provide any test evidence report under Additional Notes)
  • Yes, I have added a new example under examples to support my PR
  • [N/A] Yes, I have created another PR for add-ons under add-ons repo (if applicable)
  • Yes, I have updated the docs for this feature
  • Yes, I ran pre-commit run -a with this PR

Note: Not all the PRs require a new example and/or doc page. In general:

  • Use an existing example when possible to demonstrate a new addons usage
  • A new docs page under docs/add-ons/* is required for new a new addon

For Moderators

  • E2E Test successfully complete before merge?

Additional Notes

@askulkarni2 askulkarni2 changed the title Wiregaurd example feat: Add transparent encryption with cilium and wiregaurd Nov 4, 2022
@askulkarni2 askulkarni2 temporarily deployed to EKS Blueprints Test November 4, 2022 05:50 Inactive
@askulkarni2 askulkarni2 temporarily deployed to EKS Blueprints Test November 4, 2022 05:56 Inactive
@askulkarni2 askulkarni2 temporarily deployed to EKS Blueprints Test November 4, 2022 06:50 Inactive
bryantbiggs
bryantbiggs reviewed Nov 4, 2022
View reviewed changes
examples/wireguard-with-cilium/README.md Show resolved Hide resolved
examples/wireguard-with-cilium/README.md Outdated Show resolved Hide resolved
examples/wireguard-with-cilium/main.tf Outdated Show resolved Hide resolved
examples/wireguard-with-cilium/main.tf Show resolved Hide resolved
examples/wireguard-with-cilium/main.tf Show resolved Hide resolved
examples/wireguard-with-cilium/main.tf
# Sample App for Testing
#---------------------------------------------------------------

resource "kubectl_manifest" "server" {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

future improvements: since these are all standard K8s resources, we could use the kubernetes provider resources since that provider is required by blueprints for aws-auth/etc., and remove the kubectl provider

examples/wireguard-with-cilium/versions.tf Outdated Show resolved Hide resolved
modules/kubernetes-addons/cilium/main.tf Show resolved Hide resolved
@askulkarni2 @bryantbiggs
Update examples/wireguard-with-cilium/README.md
ac193d6 
Co-authored-by: Bryant Biggs <bryantbiggs@gmail.com>
@askulkarni2 @bryantbiggs
Apply suggestions from code review
2808d17 
Co-authored-by: Bryant Biggs <bryantbiggs@gmail.com>
@askulkarni2 askulkarni2 temporarily deployed to EKS Blueprints Test November 4, 2022 18:09 Inactive
@askulkarni2 askulkarni2 temporarily deployed to EKS Blueprints Test November 4, 2022 19:42 Inactive
@askulkarni2 askulkarni2 temporarily deployed to EKS Blueprints Test November 4, 2022 20:08 Inactive
@askulkarni2 askulkarni2 merged commit 225ced1 into main Nov 4, 2022
@askulkarni2 askulkarni2 deleted the wiregaurd-example branch November 4, 2022 20:27
vara-bonthu pushed a commit that referenced this pull request Nov 11, 2022
@askulkarni2 @bryantbiggs @vara-bonthu
feat: Add transparent encryption with cilium and wiregaurd (#1130)
0efff99 
Co-authored-by: Bryant Biggs <bryantbiggs@gmail.com>
allamand pushed a commit to allamand/terraform-aws-eks-blueprints that referenced this pull request Dec 15, 2022
@askulkarni2 @bryantbiggs @allamand
feat: Add transparent encryption with cilium and wiregaurd (aws-ia#1130)
4044e82 
Co-authored-by: Bryant Biggs <bryantbiggs@gmail.com>
allamand pushed a commit to allamand/terraform-aws-eks-blueprints that referenced this pull request Jan 10, 2023
@askulkarni2 @bryantbiggs @allamand
feat: Add transparent encryption with cilium and wiregaurd (aws-ia#1130)
2f4b32b 
Co-authored-by: Bryant Biggs <bryantbiggs@gmail.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@bryantbiggs bryantbiggs bryantbiggs approved these changes

@csantanapr csantanapr Awaiting requested review from csantanapr

@vara-bonthu vara-bonthu Awaiting requested review from vara-bonthu

@Zvikan Zvikan Awaiting requested review from Zvikan

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Cilium with wireguard
2 participants
@askulkarni2 @bryantbiggs