bryopsida
Introducing client connection test in: https://github.com/bryopsida/wireguard-chart/pull/55. Once that is integrated, this will just need a test case added with the appropriate values toggled on to use the key mgr sidecar.
> Another thing I note is that the pod is very hard to debug; I can't get to any shell and kubectl exec gives errors in reading /etc/wireguard

What kubernetes...
Looks to be related to this: https://github.com/argoproj/argo-cd/issues/7536. Normally the hooks only run on initial install, but with Argo, pre-install hooks are run on every sync. Have you tried setting the...
If that doesn't work for you I can adjust the job to check if the secret already exists and exit without modifying it if it does.
@syphernl I've started working on this over here: https://github.com/bryopsida/k8s-wireguard-mgr. When I roll it into the chart it will be an opt-in value toggle to replace the current hook behavior...
I started on a PR here: https://github.com/bryopsida/wireguard-chart/pull/51 but need to do some more testing etc. before integrating it. It does seem like there are a few ways to work with Argo...
@dro-sh @syphernl this should be resolved in version 0.25.0. If you enable this flag, `keygenJob.useWireguardManager` = `true`, the key gen job will succeed even if the key already exists.
I haven't used this chart for cluster initiated traffic to a WG peer/client before. I think it's technically possible, but would require making the cluster pods aware that they need...
The stateless nature of UDP does not always lend itself to desirable behavior at the LB level; each cloud provider's LB implementation for UDP can vary and it may not...
Looks like there's overlap between this and https://github.com/cloudflare/helm-charts/pull/65.