Awesome
Gravitational Wormhole
Warning
Wormhole was archived 2023-07-01, as Teleport no longer supports Gravity.
Please see our Gravitational is Teleport blog post for more information.
Wormhole is a CNI plugin that creates an encrypted overlay network for kubernetes clusters.
WireGuard is a Fast, Modern, Secure VPN tunnel.
Wormhole uses WireGuard to create a simple and secure high performance encrypted overlay network for kubernetes clusters, that is easy to manage and troubleshoot.
Wormhole does not implement network policy, instead we recommend to use calico or kube-router as network policy controllers.
Getting Started
System Requirements
- WireGuard is installed on each node in you're cluster.
- A Kubernetes cluster with IPAM enabled (--pod-network-cidr= when using kubeadm based install)
Install (Kubeadm Cluster)
kubectl apply -f https://raw.githubusercontent.com/gravitational/wormhole/master/docs/kube-wormhole.yaml
Note: The kubeadm cluster must be initialized with (--pod-network-cidr / --service-cidr) to enable IPAM
Install (Generic)
kubectl apply -f https://raw.githubusercontent.com/gravitational/wormhole/master/docs/generic-wormhole.yaml
Note: Replace the --overlay-cidr flag in the daemonset with the overlay-cidr that matches you're network Note: Kubernetes IPAM must be enabled (--cluster-cidr / --allocate-node-cidrs on kube-controller-manager)
Troubleshooting
Test
go run mage.go test:all