Full Mesh Encryption in Kubernetes with WireGuard and Calico - Peter Kelly, Tigera
Abstract
Encrypting data-in-transit is an important feature for many Kubernetes users especially for compliance and a zero-trust model. There are several ways this can be achieved, including using WireGuard, an exciting new lightweight VPN in the Linux kernel. This talk explains why you would choose WireGuard for this task and how it can work in a dynamic platform such as Kubernetes using Project Calico to provide a full host-to-host encrypted mesh at a layer below your application workloads. WireGuard is popular for good reason; lightweight, fast, scalable and easy. We’ll show you how easy it is to make it work but also dig in to the implementation details for those who love to sweat the details.Click here to view captioning/translation in the MeetingPlay platform!