You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Each nodes inside private VPC subnet can communicate with each other node without encryption and sets direct routes to all nodes outside of it's VPC via WireGuard.
Benefits:
Traffic between private VPC nodes is not encrypted.
No additional hop and encapsulation needed, should work with all CNI plugins.
Drawbacks:
Each node must have public IP with opened port for WireGuard.
Each node must know other clouds nodes (still better than full mesh).
@squat What is your opinion on such topology? If it make sense I could create PR with my changes.
The text was updated successfully, but these errors were encountered:
Hi, in my kilo fork I implemented such topology.
Each nodes inside private VPC subnet can communicate with each other node without encryption and sets direct routes to all nodes outside of it's VPC via WireGuard.
Benefits:
Drawbacks:
@squat What is your opinion on such topology? If it make sense I could create PR with my changes.
The text was updated successfully, but these errors were encountered: