This commit changes the graph so that the WireGuard CIDR is used as the
title rather than the pod subnet assigned to a node in the cluster.
Signed-off-by: Lucas Servén Marín <lserven@gmail.com>
This ensures that Kilo will not select an IP assigned to the Kilo
interface when discovering public and private IPs.
Signed-off-by: Lucas Servén Marín <lserven@gmail.com>
This commit clarifies a few lines from the userspace doc and notes in
the README that Kilo works with userspace WireGuard.
Signed-off-by: Lucas Servén Marín <lserven@gmail.com>
The PR to add support for cross-compilation to other OSs introduced a
bug in ARCH and OS variable detection. This commit fixes it.
Signed-off-by: Lucas Servén Marín <lserven@gmail.com>
This commit removes a code snippet that is specific to CoreOS Container
Linux. Including this in the installation instructions for WireGuard can
give the impression that this code works for any cluster.
Fixes: #89.
Signed-off-by: Lucas Servén Marín <lserven@gmail.com>
This commit adds a doc for `kg`, the Kilo agent that runs on every node
in the mesh. This includes: the doc itself, files needed for the
website, and tooling to generate the document using `embedmd`.
Signed-off-by: Lucas Servén Marín <lserven@gmail.com>
If we tag a release for, e.g. 0.1.1, after we've already cut a 0.2.0
tag, then CI would tag the 0.1.1 image as `latest`, which is confusing.
This commit ensures that we only tag the `latest` image when building
from master.
Signed-off-by: Lucas Servén Marín <lserven@gmail.com>
The current Alpine package CDN is timing out for aarch64. This commit
updates it to another mirror. This commit also changes the channel
Alpine channel from edge to v3.12. Note: the Dockerfile overrides the
Alpine CDN settings to ensure that a mirror with support for TLS is
used.
Signed-off-by: Lucas Servén Marín <lserven@gmail.com>
This commit introduces a new Prometheus metric to detect if the node is
a leader of its location, from its own point of view.
Signed-off-by: Lucas Servén Marín <lserven@gmail.com>
Previously, when `deleteFromIndex` exited early due to an error, nil
rules would be left in the controller's list of rules, which could
provoke a panic on the next reconciliation. This commit ensures that nil
rules are removed before an early exit.
Fixes: #51
Signed-off-by: Lucas Servén Marín <lserven@gmail.com>
Previously, when udpdating the persistent keepalive of a node via
annotations, the node's WireGuard configuration was not updated. This
corrects the behavior.
Fixes: #54
Signed-off-by: Lucas Servén Marín <lserven@gmail.com>
This commit adds support for defining preshared keys when declaring a
new Peer CRD. This preshared key will be used whenever the nodes in the
Kilo mesh communicate with that peer.
Signed-off-by: Lucas Servén Marín <lserven@gmail.com>