Comment by danudey
21 hours ago
If you use Kubernetes and Calico you can use Wireguard to transparently encrypt in-cluster traffic[1] (or across clusters if you have cluster mesh configured). I wonder if we'll see more "automatic SDN over Wireguard" stuff like this as time goes on and the technology gets more proven.
Problem is IIRC if you need FIPS compliance you can't use Wireguard, since it doesn't support the mandated FIPS ciphers or what-have-you.
[1] https://docs.tigera.io/calico/latest/network-policy/encrypt-...
Sure, but I mean "road warrior" client. Typical, average company VPN users. Ironically, getting a technology like wireguard in k8s is easier than replacing an established vendor/product that serves normal users.