Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Enable WireGuard on Calico CNI #9753

Closed
mariusv opened this issue Aug 14, 2020 · 7 comments
Closed

Enable WireGuard on Calico CNI #9753

mariusv opened this issue Aug 14, 2020 · 7 comments
Assignees
@h3poteto
Labels
area/cni cni/calico good first issue Denotes an issue ready for a new contributor, according to the "help wanted" guidelines. hacktoberfest Issues that are good to work on, or people are working on, for hacktoberfest kind/feature Categorizes issue or PR as related to a new feature. lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale.

Comments

@mariusv
Copy link
Contributor

mariusv commented Aug 14, 2020

Calico CNI now has built in WireGuard and to enable it one needs to run calicoctl patch felixconfiguration default --type='merge' -p '{"spec":{"wireguardEnabled":true}}' wondering how hard will it be to have it in the kops cluster spec file as something like:

  networking:
    calico:
      wireguardEnabled: true
@hakman
Copy link
Member

hakman commented Aug 14, 2020

Hey @mariusv, this should be pretty easy. This would require a few changes:

  1. add the new config option that will set FELIX_WIREGUARDENABLED = true in the manifest
  2. install the wireguard package for the supported distros
  3. test various scenarions
  4. add docs

What happens if wireguard is enabled and the package is not installed?

Example on how to add a new option: #8076
Add a task to install the Wireguard package here:

kops/nodeup/pkg/model/networking/calico.go

Line 34 in 4af83f3

func (b *CalicoBuilder) Build(c *fi.ModelBuilderContext) error {

@hakman hakman added area/cni cni/calico kind/feature Categorizes issue or PR as related to a new feature. labels Aug 14, 2020
@hakman hakman added good first issue Denotes an issue ready for a new contributor, according to the "help wanted" guidelines. hacktoberfest Issues that are good to work on, or people are working on, for hacktoberfest labels Oct 3, 2020
@h3poteto
Copy link
Contributor

h3poteto commented Oct 6, 2020

Hi, I will take this issue.

/assign

@h3poteto h3poteto mentioned this issue Oct 10, 2020
Merged
@fejta-bot
Copy link

Issues go stale after 90d of inactivity.
Mark the issue as fresh with /remove-lifecycle stale.
Stale issues rot after an additional 30d of inactivity and eventually close.

If this issue is safe to close now please do so with /close.

Send feedback to sig-testing, kubernetes/test-infra and/or fejta.
/lifecycle stale

@k8s-ci-robot k8s-ci-robot added the lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. label Jan 4, 2021
@h3poteto
Copy link
Contributor

h3poteto commented Jan 5, 2021

I added this option, so I will close this issue.

@h3poteto
Copy link
Contributor

h3poteto commented Jan 5, 2021

/close

@k8s-ci-robot
Copy link
Contributor

@h3poteto: Closing this issue.

In response to this:

/close

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@hakman
Copy link
Member

hakman commented Jan 5, 2021

Thanks @h3poteto :)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@h3poteto h3poteto

Labels
area/cni cni/calico good first issue Denotes an issue ready for a new contributor, according to the "help wanted" guidelines. hacktoberfest Issues that are good to work on, or people are working on, for hacktoberfest kind/feature Categorizes issue or PR as related to a new feature. lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@mariusv @hakman @h3poteto @k8s-ci-robot @fejta-bot