Cilium Transparent Encryption with IPSec and WireGuard
Encryption is required for many compliance frameworks. Kubernetes doesn’t natively offer pod-to-pod encryption. To offer encryption capabilities, it’s often required to implement it directly into your applications or deploy a Service Mesh. Both options add complexity and operational headaches.
Cilium actually provides two options to encrypt traffic between Cilium-managed endpoints: IPsec and WireGuard. In this lab, you will be installing and testing both features and will get to experience how easy it is to encrypt data in transit with Cilium.
Main steps in the lab
Explore the lab's environment
Let's install Cilium on the cluster and set up IPsec for Transparent Encryption.
Now that we have installed IPSec, let's look at Day 2 Operations.
Let's encrypt pod-to-pod traffic using Cilium's Transparent Encryption WireGuard feature!