edgevpn
cert-manager
edgevpn | cert-manager | |
---|---|---|
4 | 8 | |
520 | 8,860 | |
- | - | |
9.0 | 9.9 | |
2 days ago | almost 2 years ago | |
Go | Go | |
Apache License 2.0 | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
edgevpn
-
Blockchain : Création de réseaux privés décentralisés avec EdgeVPN et application à l’opérateur…
EdgeVPN
-
I've created a Kubernetes/k3s Linux Derivative for creating "distributed" cluster, and would love feedback/help from community
I've been using a project of mine which creates VPN network via P2P without central servers, based on libp2p. It's this one: https://github.com/mudler/edgevpn it offers an API for coordinating nodes which is leveraged to setup automatically k3s. The heavy lifting is actually done there.
-
blockchain-based libp2p VPN
I've assembled https://github.com/mudler/edgevpn - it's a dead simple/no frill VPN based on libp2p, where the routing table is shared as a blockchain. The configuration is really straightforward, where you share the same config between nodes, or even just via token. (I find it extremely useful for CI and testing)
cert-manager
-
Getting Rancher to work with Calico - Web interface won't connect
curl -sfL https://get.k3s.io | INSTALL_K3S_VERSION=v1.25.8+k3s1 INSTALL_K3S_EXEC="--flannel-backend=none --disable-network-policy --disable=traefik --cluster-cidr=10.42.0.0/16" sh - Install kubectl from APT https://kubernetes.io/docs/tasks/tools/install-kubectl-linux/ Install helm from APT https://helm.sh/docs/intro/install/ cp /etc/rancher/k3s/k3s.yaml .kube/config cp /etc/rancher/k3s/k3s.yaml /root/.kube/config kubectl create -f tigera-operator.yaml #Change ippools CIDR to 10.42.0.0/16 kubectl create -f custom-resources.yaml watch kubectl get pods --all-namespaces kubectl get nodes -o wide helm repo add rancher-stable https://releases.rancher.com/server-charts/stable kubectl create namespace cattle-system kubectl apply -f https://github.com/jetstack/cert-manager/releases/download/v1.5.1/cert-manager.crds.yaml helm repo add jetstack https://charts.jetstack.io helm install cert-manager jetstack/cert-manager --namespace cert-manager --create-namespace --version v1.5.1 helm install rancher rancher-stable/rancher --namespace cattle-system --set hostname=scrapper.todoroff.net --set global.cattle.psp.enabled=false kubectl get secret --namespace cattle-system bootstrap-secret -o go-template='{{.data.bootstrapPassword|base64decode}}{{"\n"}}' xxxxxxxxxxxxxxv6h72ckxp2xz2fpgqrlw864s2wjxbw8mwcr75
- cert-manager on kubernetes without hairpin nat
-
Blockchain : Création de réseaux privés décentralisés avec EdgeVPN et application à l’opérateur…
root@edgevpn1:~# kubectl apply -f https://github.com/jetstack/cert-manager/releases/download/v1.5.3/cert-manager.yaml customresourcedefinition.apiextensions.k8s.io/certificaterequests.cert-manager.io created customresourcedefinition.apiextensions.k8s.io/certificates.cert-manager.io created customresourcedefinition.apiextensions.k8s.io/challenges.acme.cert-manager.io created customresourcedefinition.apiextensions.k8s.io/clusterissuers.cert-manager.io created customresourcedefinition.apiextensions.k8s.io/issuers.cert-manager.io created customresourcedefinition.apiextensions.k8s.io/orders.acme.cert-manager.io created namespace/cert-manager created serviceaccount/cert-manager-cainjector created serviceaccount/cert-manager created serviceaccount/cert-manager-webhook created clusterrole.rbac.authorization.k8s.io/cert-manager-cainjector created clusterrole.rbac.authorization.k8s.io/cert-manager-controller-issuers created clusterrole.rbac.authorization.k8s.io/cert-manager-controller-clusterissuers created clusterrole.rbac.authorization.k8s.io/cert-manager-controller-certificates created clusterrole.rbac.authorization.k8s.io/cert-manager-controller-orders created clusterrole.rbac.authorization.k8s.io/cert-manager-controller-challenges created clusterrole.rbac.authorization.k8s.io/cert-manager-controller-ingress-shim created clusterrole.rbac.authorization.k8s.io/cert-manager-view created clusterrole.rbac.authorization.k8s.io/cert-manager-edit created clusterrole.rbac.authorization.k8s.io/cert-manager-controller-approve:cert-manager-io created clusterrole.rbac.authorization.k8s.io/cert-manager-controller-certificatesigningrequests created clusterrole.rbac.authorization.k8s.io/cert-manager-webhook:subjectaccessreviews created clusterrolebinding.rbac.authorization.k8s.io/cert-manager-cainjector created clusterrolebinding.rbac.authorization.k8s.io/cert-manager-controller-issuers created clusterrolebinding.rbac.authorization.k8s.io/cert-manager-controller-clusterissuers created clusterrolebinding.rbac.authorization.k8s.io/cert-manager-controller-certificates created clusterrolebinding.rbac.authorization.k8s.io/cert-manager-controller-orders created clusterrolebinding.rbac.authorization.k8s.io/cert-manager-controller-challenges created clusterrolebinding.rbac.authorization.k8s.io/cert-manager-controller-ingress-shim created clusterrolebinding.rbac.authorization.k8s.io/cert-manager-controller-approve:cert-manager-io created clusterrolebinding.rbac.authorization.k8s.io/cert-manager-controller-certificatesigningrequests created clusterrolebinding.rbac.authorization.k8s.io/cert-manager-webhook:subjectaccessreviews created role.rbac.authorization.k8s.io/cert-manager-cainjector:leaderelection created role.rbac.authorization.k8s.io/cert-manager:leaderelection created role.rbac.authorization.k8s.io/cert-manager-webhook:dynamic-serving created rolebinding.rbac.authorization.k8s.io/cert-manager-cainjector:leaderelection created rolebinding.rbac.authorization.k8s.io/cert-manager:leaderelection created rolebinding.rbac.authorization.k8s.io/cert-manager-webhook:dynamic-serving created service/cert-manager created service/cert-manager-webhook created deployment.apps/cert-manager-cainjector created deployment.apps/cert-manager created deployment.apps/cert-manager-webhook created mutatingwebhookconfiguration.admissionregistration.k8s.io/cert-manager-webhook created validatingwebhookconfiguration.admissionregistration.k8s.io/cert-manager-webhook created
-
Kubernetes cert-manager not updating certificates after issuer change
I am using cert-manager 0.5.2 to manage Let's Encrypt certificates on our Kubernetes cluster.
- can't get certs working with cert-manager
-
help with rancher setup
helm repo add rancher-latest https://releases.rancher.com/server-charts/latest helm repo add jetstack https://charts.jetstack.io kubectl apply -f https://github.com/jetstack/cert-manager/releases/download/v1.6.1/cert-manager.crds.yaml helm upgrade -i cert-manager jetstack/cert-manager --namespace cert-manager --create-namespace helm upgrade -i rancher rancher-latest/rancher --version 2.5.4 --create-namespace --namespace cattle-system --set hostname=rancher.zbs.local --set bootstrapPassword=bootStrapAllTheThings --set replicas=1
-
CertManager Letsencrypt CertificateRequest "failed to perform self check GET request"
Waiting for http-01 challenge propagation: failed to perform self check GET request, it's similar to this bug https://github.com/jetstack/cert-manager/issues/656but all solutions from GitHub ticket comments didn't help.
-
Rancher 2.6 install via helm on a 3-node shared tenancy (worker/control/etcd) k8s cluster. No ingress created?
- name: Finalize cluster become: no hosts: control[0] remote_user: ansibleadmin vars: tfconfig: "{{ lookup('file', 'variables.auto.tfvars.json') }}" tasks: - name: Remove taint to allow workloads on masters command: kubectl taint nodes --all=true node-role.kubernetes.io/master:NoSchedule- - name: Install helm ansible.builtin.shell: creates: /usr/local/bin/helm cmd: curl https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 | bash - name: Install Rancher Helm repo command: helm repo add rancher-stable https://releases.rancher.com/server-charts/stable - name: Install jetstack Helm repo command: helm repo add jetstack https://charts.jetstack.io - name: Update helm repos command: helm repo update - name: Create rancher namespace command: kubectl create namespace cattle-system - name: Install cert manager CRD command: kubectl apply -f https://github.com/jetstack/cert-manager/releases/download/v1.7.1/cert-manager.crds.yaml - name: Install cert manager Helm chart command: helm install cert-manager jetstack/cert-manager --namespace cert-manager --create-namespace --version v1.7.1 - name: Install Rancher via Helm command: helm install rancher rancher-stable/rancher --namespace cattle-system --set hostname={{ tfconfig['cluster-id'] }}-lb.{{ tfconfig['domain'] }} --set replicas=3 --set bootstrapPassword={{ tfconfig['rancher-password'] }} - name: Show boot pass debug: msg: "Visit this link in your browser to complete rancher setup: https://{{ tfconfig['cluster-id'] }}-lb.{{ tfconfig['domain'] }}/dashboard/?setup={{ tfconfig['rancher-password'] }}"
What are some alternatives?
kubevpn - KubeVPN is Cloud Native Dev Environment. Connect to kubernetes cluster network, you can access remote kubernetes cluster network via service name or Pod IP / Service IP. Intercept remote kubernetes cluster service inbound traffic to local PC with service mesh. You can run your k8s pod on local Docker container with same env、volume and network.
kotal - Blockchain Kubernetes Operator
kairos - :penguin: The immutable Linux meta-distribution for edge Kubernetes.
ipfs-cluster - Pinset orchestration for IPFS
cyber-acid - Liquid democracy political simulator based on the automated data feed from the moneyless economy simulator Cyber Stasis.
operator - Kubernetes operator for installing Calico and Calico Enterprise
ipfs-operator
cert-manager - Automatically provision and manage TLS certificates in Kubernetes
quic-go - A QUIC implementation in pure Go
stackset-controller - Opinionated StackSet resource for managing application life cycle and traffic switching in Kubernetes
lpweb - expose local http service using libp2p
k3s - Lightweight Kubernetes