Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Internal Air-gap with Istio, MetalLB and CoreDNS #45

Open
justinthelaw opened this issue Jul 15, 2024 · 0 comments
Open

Internal Air-gap with Istio, MetalLB and CoreDNS #45

justinthelaw opened this issue Jul 15, 2024 · 0 comments
Labels
enhancement New feature or request

Comments

@justinthelaw
Copy link
Owner

Is your feature request related to a problem? Please describe

Although we have the IP Tables scripts for air-gapping the entire machine that is being used to test air-gap installation of UDS RKE2 and its components, we still want to be able to restrict the entire cluster's resources from contacting services outside of the cluster and/or on the internet (e.g., error reports, Docker, analytics endpoints, etc.).

Describe the solution you'd like

Internal cluster policies, using Istio ad CoreDNS, can enable a strong pseudo-airgap that will enable air-gap testing within a pre-bootstrapped RKE2 cluster.

Describe alternatives you've considered

N/A

Additional context

N/A
@justinthelaw justinthelaw added the enhancement New feature or request label Jul 15, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@justinthelaw