You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: tutorials/enabling-encryption-in-kapsule-with-cilium/index.mdx
+5-7Lines changed: 5 additions & 7 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -1,17 +1,16 @@
1
1
---
2
2
meta:
3
-
title: Enabling Encryption in Kapsule (Kubernetes 1.31) with Cilium
3
+
title: Enabling encryption in Kapsule (Kubernetes 1.31) with Cilium
4
4
description: Learn how to enable WireGuard encryption in Scaleway’s Kapsule Managed Kubernetes service using Cilium. This guide covers configuration steps, verification, and testing encryption for secure network traffic.
5
5
content:
6
-
h1: Enabling Encryption in Kapsule (Kubernetes 1.31) with Cilium
6
+
h1: Enabling encryption in Kapsule (Kubernetes 1.31) with Cilium
7
7
paragraph: Learn how to enable WireGuard encryption in Scaleway’s Kapsule Managed Kubernetes service using Cilium. This guide covers configuration steps, verification, and testing encryption for secure network traffic.
8
-
tags: hashicorp vault kubernetes k8s easy deploy
8
+
tags: encryption cilium kapsule wireguard
9
9
categories:
10
10
- containers
11
11
dates:
12
12
validation: 2024-12-31
13
13
posted: 2024-12-31
14
-
validation_frequency: 24
15
14
---
16
15
17
16
@@ -25,7 +24,7 @@ By default, Cilium is selected as the CNI when creating a cluster. We will confi
25
24
-`kubectl` installed and configured for your cluster.
26
25
- Cilium is selected as the [CNI](/containers/kubernetes/concepts/#container-network-interface-cni) in your cluster (default in Kapsule).
27
26
28
-
## Creating a `CiliumNodeConfig` resource for encryption
27
+
## Creating a CiliumNodeConfig resource for encryption
29
28
30
29
The `CiliumNodeConfig` resource defines encryption settings for Cilium. It enables **WireGuard encryption** across all nodes in your Kapsule cluster.
31
30
@@ -78,7 +77,7 @@ After creating the `CiliumNodeConfig`, you must restart Cilium to apply these en
78
77
79
78
In this step, you will deploy test applications along with a `tcpdump` DaemonSet to observe network traffic before and after enabling encryption.
80
79
81
-
### 3.1 Deploying test applications and `tcpdump`
80
+
### Deploying test applications and tcpdump
82
81
83
82
Below is an example YAML manifest that deploys:
84
83
@@ -265,4 +264,3 @@ You should now see traffic matching **port 51871**, indicating the packets are e
265
264
Enabling encryption may slightly increase CPU usage on the nodes. Monitor resource utilization to ensure adequate capacity.
266
265
267
266
For more details, refer to [Cilium’s WireGuard Encryption Documentation](https://docs.cilium.io/en/stable/security/network/encryption-wireguard/).
0 commit comments