diff --git a/tutorials/enabling-encryption-in-kapsule-with-cilium/index.mdx b/tutorials/enabling-encryption-in-kapsule-with-cilium/index.mdx index 466243819b..cd002ed0f1 100644 --- a/tutorials/enabling-encryption-in-kapsule-with-cilium/index.mdx +++ b/tutorials/enabling-encryption-in-kapsule-with-cilium/index.mdx @@ -1,17 +1,16 @@ --- meta: - title: Enabling Encryption in Kapsule (Kubernetes 1.31) with Cilium + title: Enabling encryption in Kapsule (Kubernetes 1.31) with Cilium description: Learn how to enable WireGuard encryption in Scaleway’s Kapsule Managed Kubernetes service using Cilium. This guide covers configuration steps, verification, and testing encryption for secure network traffic. content: - h1: Enabling Encryption in Kapsule (Kubernetes 1.31) with Cilium + h1: Enabling encryption in Kapsule (Kubernetes 1.31) with Cilium paragraph: Learn how to enable WireGuard encryption in Scaleway’s Kapsule Managed Kubernetes service using Cilium. This guide covers configuration steps, verification, and testing encryption for secure network traffic. -tags: hashicorp vault kubernetes k8s easy deploy +tags: encryption cilium kapsule wireguard categories: - containers dates: validation: 2024-12-31 posted: 2024-12-31 - validation_frequency: 24 --- @@ -25,7 +24,7 @@ By default, Cilium is selected as the CNI when creating a cluster. We will confi - `kubectl` installed and configured for your cluster. - Cilium is selected as the [CNI](/containers/kubernetes/concepts/#container-network-interface-cni) in your cluster (default in Kapsule). -## Creating a `CiliumNodeConfig` resource for encryption +## Creating a CiliumNodeConfig resource for encryption The `CiliumNodeConfig` resource defines encryption settings for Cilium. It enables **WireGuard encryption** across all nodes in your Kapsule cluster. @@ -78,7 +77,7 @@ After creating the `CiliumNodeConfig`, you must restart Cilium to apply these en In this step, you will deploy test applications along with a `tcpdump` DaemonSet to observe network traffic before and after enabling encryption. -### 3.1 Deploying test applications and `tcpdump` +### Deploying test applications and tcpdump Below is an example YAML manifest that deploys: @@ -265,4 +264,3 @@ You should now see traffic matching **port 51871**, indicating the packets are e Enabling encryption may slightly increase CPU usage on the nodes. Monitor resource utilization to ensure adequate capacity. For more details, refer to [Cilium’s WireGuard Encryption Documentation](https://docs.cilium.io/en/stable/security/network/encryption-wireguard/). -