compliantkubernetes-apps icon indicating copy to clipboard operation
compliantkubernetes-apps copied to clipboard
verified publisher icon elastisys

Make connecting external networks via site-to-site VPN a feature

Open aarnq opened this issue 2 years ago • 1 comments

Is your feature request related to a problem? Please describe. We now have documentation on how to connect to an external network via site-to-site VPN, and we should add support for that in apps so we can simplify the management of it.

Describe the solution you'd like Either implement specific configuration for particular external networks, or make it more generic so you can set gateway with subnet and DNS forward for a particular domain in the config to enable this. (Gateway/VPN node not included).

I vote for the generic approach as it is more flexible, and it feels better than to having to hard code values for a particular external network.

Additional context Based on the work from this issue: https://github.com/elastisys/compliantkubernetes/issues/638

Definition of done: We can support external network via site-to-site VPN.

aarnq avatar Oct 17 '23 14:10 aarnq

Proposed API via wc-config.yaml:

sjunet:
  enabled: true
  gateway: 172.16.10.10
  sjunetDns:
    enabled: null  # default: true
    forward: null  # default: '81.89.151.40 81.89.151.12'

cristiklein avatar Oct 17 '23 19:10 cristiklein