Kilo connects nodes in a cluster by providing an encrypted layer 3 network that can span across data centers and public clouds. By allowing pools of nodes in different locations to communicate securely, Kilo enables the operation of multi-cloud clusters. Kilo's design allows clients to VPN to a cluster in order to securely access services running on the cluster. In addition to creating multi-cloud clusters, Kilo enables the creation of multi-cluster services, i.e. services that span across different Kubernetes clusters.
Wormhole is a simple CNI plugin designed to create an encrypted overlay network for kubernetes clusters.
WireGuard is a fascinating Fast, Modern, Secure VPN tunnel, that has been gaining significant praise from security experts, and is currently proposed for inclusion within the linux kernel.
kube-iptables-tailer is a service that gives you better visibility on networking issues in your Kubernetes cluster by detecting the traffic denied by iptables and surfacing corresponding information to the affected Pods via Kubernetes events.
Cross-Cluster Network Connectivity for Kubernetes
Submariner enables direct networking between pods in different Kubernetes clusters on prem or in the cloud.
Ever needed a copy/paste clipboard that works over the network?
Piknik seamlessly and securely transfers URLs, code snippets, documents, virtually anything between arbitrary hosts.
No SSH needed, and hosts can sit behind NAT gateways, on different networks.
Fill in the clipboard ("copy") with whatever comes in to the standard input
Goldpinger makes calls between its instances for visibility and alerting. It runs as a DaemonSet on Kubernetes and produces Prometheus metrics that can be scraped, visualised and alerted on.
Bulk port forwarding Kubernetes services for local development. - txn2/kubefwd
kubefwd helps to enable a seamless and efficient way to develop applications and services on a local workstation
Kube-router is a distributed load balancer, firewall and router designed for Kubernetes networking with aim to provide operational simplicity and high performance.
With all features enabled, kube-router is a lean yet powerful alternative to several network components used in typical Kubernetes clusters. All this from a single DaemonSet/Binary. It doesn't get any easier.
connbeat - Agent exposing connection-related information, based on the Elastic Beats framework
Guidance on BGP Filtering
Have you ever wanted the quick development cycle of local code while still having your code run within a remote Kubernetes cluster? Telepresence allows you to develop locally, running your code on your machine, while still making your code appear as if it is running in Kubernetes.
That includes transparent access to the remote network, environment variables that match the remote Pod, and even access to Kubernetes volumes
A friend once told me that his university has an HTTP(S)-only proxy, and thus he is unable to SSH to hosts outside. 5 hours of intensive coding later using code borrowed from my course assignment, here’s HOP.
HOP is a tool meant to tunnel any sort of traffic over a standard HTTP channel.
Hey! Listen! This post is part of a series on the Ubiquiti EdgeRouter Lite. Check them all out! Introduction As much as I love my C7 running OpenWrt, I’ve been hearing a lot of good things about Ubiquiti devices. In particular, the EdgeRouter Lite, which is touted as being the world’s first router under $100 capable …