ActivityPub and Mastodon brought new incentives into the world of decentralised communication platforms, to the point that I would call it a serious alternative to platforms like Twitter. But all the efforts made by hundreds of individuals every day – administrating servers, developing software and moderating communities – have a weak spot which needs to be addressed in the near future: who has control over the underlying computing infrastructure of the Fediverse? And are users aware of the conditions?
Are you deploying distributed applications in a public cloud environment – for example OpenShift or Kubernetes? Did you ever wonder how your network traffic can be better secured in foreign infrastructure? If yes, this post is for you! It is a summary of my diploma thesis, which continued the work on traffic encryption in the OpenShift cloud container platform.
Connecting nodes with masters is usually secured with TLS. But there's more traffic than just between nodes and masters. This article describes how to set up a WireGuard mesh network between all nodes in a cluster by using Ansible.
The aim of this work is to research options for automatically and transparently encrypting internal network traffic between tenants' applications in a multi-tenant OpenShift infrastructure.