Are you deploying distributed applications in a public cloud environment, for example on OpenShift or Kubernetes? Did you ever wonder how your network traffic can be better secured on infrastructure you do not operate yourself? If yes, this post is for you! It is a summary of my diploma thesis, which continued the work on traffic encryption in the OpenShift cloud container platform.
Connections between nodes and masters are usually secured with TLS. But there is more traffic in a cluster than just the traffic between nodes and masters. This article describes how to set up a WireGuard mesh network between all nodes in a cluster using Ansible.
The aim of this work is to research options for automatic and transparent encryption of internal network traffic between tenants' applications in a multi-tenant OpenShift infrastructure.