Painless deployment of wireguard on kubernetes
If you are facing any problems please open an issue or start a discussion
spec.enableIpForwardOnPodInit: true
spec.mtu: "1380"
spec.serviceType: "NodePort"
. DigitalOcean LoadBalancer does not support UDP. apiVersion: vpn.wireguard-operator.io/v1alpha1
kind: Wireguard
metadata:
name: "my-cool-vpn"
spec:
mtu: "1380"
apiVersion: vpn.wireguard-operator.io/v1alpha1
kind: WireguardPeer
metadata:
name: peer1
spec:
wireguardRef: "my-cool-vpn"
Peer configuration can be retrieved using the following command:
kubectl get wireguardpeer peer1 --template={{.status.config}} | bash
After executing it, something similar to the following will be shown. Use this config snippet to configure your preferred Wireguard client:
[Interface]
PrivateKey = WOhR7uTMAqmZamc1umzfwm8o4ZxLdR5LjDcUYaW/PH8=
Address = 10.8.0.3
DNS = 10.48.0.10, default.svc.cluster.local
MTU = 1380
[Peer]
PublicKey = sO3ZWhnIT8owcdsfwiMRu2D8LzKmae2gUAxAmhx5GTg=
AllowedIPs = 0.0.0.0/0
Endpoint = 32.121.45.102:51820
kubectl apply -f https://github.com/jodevsa/wireguard-operator/releases/download/v2.1.0/release.yaml
kubectl delete -f https://github.com/jodevsa/wireguard-operator/releases/download/v2.1.0/release.yaml
This project is done on top of Kubebuilder, so read about that project before collaborating. Of course, we are open to external collaborations for this project. For doing it you must fork the repository, make your changes to the code and open a PR. The code will be reviewed and tested (always)
We are developers and hate bad code. For that reason we ask you the highest quality on each line of code to improve this project on each iteration.