Skip to content

zerotohero-dev/strongswan-playground

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
hack
hack
 
 
k8s
k8s
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
strongswan.Dockerfile
strongswan.Dockerfile
 
 

Repository files navigation

     _.._
 __d'_, `.
  /    ) )    StrongSwan
      / /     Kubernetes
     / /      Proof of Concept
    / /_..-====-..__
   / Y           `_=
  ( (         _.-"
  (   `-===-'" `"=-
   `._________.-"

About

This is a proof of concept that demostrates how to establish pod-to-pod IPSec connections using StrongSwan in Kubernetes.

Quick Start

Make sure you have SecretStrongSwanCerts.yaml prefilled in the ./k8s directory. There is a sample file SecretStrongSwanCerts.yaml.sample that you can use as a template.

First create the PVC:

cd k8s
kubectl apply -f SharedVolumeClaim.yaml

Then deploy the rest of the cluster:

cd k8s
kubectl apply -f .

Shell into any of the pods, you will see several scripts.

root@strongswan-pod1-7666dbf567-z949g:/# ls / | grep .sh
load.sh
start.sh
status.sh
tunnel.sh

Then do these in order in both of the pods:

  • Execute sh start.sh to start IPSec.
  • Execute sh load.sh to load the configuration.
  • Execute sh tunnel.sh to connect to the other pod.
  • Execute sh status.sh to check the status of the connection.

About

A StrongSwan Proof of Concept

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

1 star

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages