Commit Graph

20 Commits

Author SHA1 Message Date
leonnicolas
3a201ba0fa
Nodes without private IPs
Allow nodes to have no private IPs.
Nodes without private IPs will automatically be put into
their own location.
2021-01-24 22:37:24 +01:00
Tadeuš Varnas
849449890d
Apply suggestions from code review
Co-authored-by: Lucas Servén Marín <lserven@gmail.com>
2020-12-14 10:20:53 +02:00
varnastadues
cb12666fc1 feat: add support for custom topology label 2020-12-11 16:44:20 +02:00
Lucas Servén Marín
116fb7337a
pkg/k8s: enable peers to use DNS names
This commit enables peers defined using the Peer CRD to declare their
endpoints using DNS names.

Signed-off-by: Lucas Servén Marín <lserven@gmail.com>
2020-09-17 14:48:38 +02:00
Lucas Servén Marín
0a10dc921c
pkg/k8s/apis: support for preshared keys in peers
This commit adds support for defining preshared keys when declaring a
new Peer CRD. This preshared key will be used whenever the nodes in the
Kilo mesh communicate with that peer.

Signed-off-by: Lucas Servén Marín <lserven@gmail.com>
2020-05-05 11:36:43 +02:00
Lucas Servén Marín
24d7c27901
pkg/mesh,docs: document and fix keepalive logic
This commit documents the use of the persistent-keepalive annotation and
corrects the implementation of keepalives.

Signed-off-by: Lucas Servén Marín <lserven@gmail.com>
2020-03-04 01:36:56 +01:00
Lucas Servén Marín
aa376ff0d1
pkg/mesh,pkg/wireguard: allow DNS name endpoints
This commit allows DNS names to be used when specifying the endpoint
for a node in the WireGuard mesh. This is useful in many scenarios, in
particular when operating an IoT device whose public IP is dynamic. This
change allows the administrator to use a dynamic DNS name in the node's
endpoint.

One of the side-effects of this change is that the WireGuard port can
now be specified individually for each node in the mesh, if the
administrator wishes to do so.

*Note*: this commit introduces a breaking change; the
`force-external-ip` node annotation has been removed; its functionality
has been ported over to the `force-endpoint` annotation. This annotation
is documented in the annotations.md file. The expected content of this
annotation is no longer a CIDR but rather a host:port. The host can be
either a DNS name or an IP.

Signed-off-by: Lucas Servén Marín <lserven@gmail.com>
2020-02-22 17:17:13 +01:00
Francis Nguyen
6de0f9805a
Define WireGuard PersistentKeepAlive via Annotation (#31)
* Add WireGuardPersistentKeepAlive to mesh.Node

* Connect to configuration

* Shorten keepalive key

* Fix casing on keepalive

* Add annotated keepalive value to peer functions
2020-02-13 10:16:55 +01:00
Lucas Servén Marín
63987713dd
pkg/k8s: update generated files 2020-01-09 00:15:36 +01:00
Lucas Servén Marín
5277ab5bad
docs,pkg: use new well-known region label
This commit updates the well-known label to determine the region of the
node to topology.kubernetes.io/region, which is the new standard as
defined by the Kubernetes documentation, now that
failure-domain.beta.kubernetes.io/region has been deprecated.
2020-01-07 18:41:55 +01:00
Lucas Servén Marín
8e755cf52e
pkg: allow overriding internal IP
This addresses the request for enhancement in
https://github.com/squat/kilo/issues/7.
2019-07-15 17:24:35 +02:00
Lucas Servén Marín
4d9c203603
pkg/mesh,cmd: add WireGuard IP to Nodes
This allows admins or users to have some easy visibility into the
configuration of the Kilo cluster.
2019-05-10 02:06:02 +02:00
Lucas Servén Marín
034c27ab78
pkg: fix reconciling peer updates 2019-05-08 17:13:24 +02:00
Lucas Servén Marín
90e68c7735
cmd/kgctl: add output options for showconf
This commit adds several output options to the `showconf` command of the
`kgctl` binary:
* `--as-peer`: this can be used to generate a peer configuration, which
can be used to configure the selected resource as a peer of another
WireGuard interface
* `--output`: this can be used to select the desired output format of
the peer resource, available options are: WireGuard, YAML, and JSON.
2019-05-08 01:31:36 +02:00
Lucas Servén Marín
b3a3c37e0a
*: add complete CNI support
This commit enables Kilo to work as an independent networking provider.
This is done by leveraging CNI. Kilo brings the necessary CNI plugins to
operate and takes care of all networking.

Add-on compatibility for Calico, Flannel, etc, will be re-introduced
shortly.
2019-05-07 01:49:59 +02:00
Lucas Servén Marín
85180a80cc
pkg/k8s/apis: make more fields optional 2019-05-03 14:08:13 +02:00
Lucas Servén Marín
160e0bb3e8
Makefile: fix go modules 2019-05-03 13:49:50 +02:00
Lucas Servén Marín
2425a06cd8
*: add peer VPN support
This commit adds support for defining arbitrary peers that should have
access to the VPN. In k8s, this is accomplished using the new Peer CRD.
2019-05-03 12:53:44 +02:00
Lucas Servén Marín
72bfb762b9
pkg/{k8s,mesh}: introduce liveness checks
This commit introduces liveness checks to Kilo. This allows the Kilo
daemons to take nodes with inactive or dead Kilo deamons out of the
topology until they are alive again.
2019-04-02 18:28:27 +02:00
Lucas Serven
e989f0a25f
init 2019-01-18 02:50:10 +01:00