• This repository has been archived on 01/Jul/2023
  • Stars
    star
    517
  • Rank 85,558 (Top 2 %)
  • Language
    Go
  • License
    Apache License 2.0
  • Created about 6 years ago
  • Updated over 1 year ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Wireguard based overlay network CNI plugin for kubernetes

Support Notice

The Wormhole project is no longer under active development. The project's development has been limited to maintenance and support for our commercial customers until maintenance agreements expire.

Please see our blog post for more information: https://goteleport.com/blog/gravitational-is-teleport/

Gravitational Wormhole

Wormhole is a simple CNI plugin designed to create an encrypted overlay network for kubernetes clusters.

WireGuard is a fascinating Fast, Modern, Secure VPN tunnel, that has been gaining significant praise from security experts, and is currently proposed for inclusion within the linux kernel.

Wormhole uses WireGuard to create a simple and secure high performance encrypted overlay network for kubernetes clusters, that is easy to manage and troubleshoot.

Wormhole does not implement network policy, instead we recommend to use calico or kube-router as network policy controllers.

Notice

The Gravitational Wormhole project is currently considered experimental, and has not undergone any external security audits. Use at your own risk.

Getting Started

System Requirements

  1. WireGuard is installed on each node in you're cluster.
  2. A Kubernetes cluster with IPAM enabled (--pod-network-cidr= when using kubeadm based install)

Install (Kubeadm Cluster)

kubectl apply -f https://raw.githubusercontent.com/gravitational/wormhole/master/docs/kube-wormhole.yaml

Note: The kubeadm cluster must be initialized with (--pod-network-cidr / --service-cidr) to enable IPAM

Install (Generic)

kubectl apply -f https://raw.githubusercontent.com/gravitational/wormhole/master/docs/generic-wormhole.yaml

Note: Replace the --overlay-cidr flag in the daemonset with the overlay-cidr that matches you're network Note: Kubernetes IPAM must be enabled (--cluster-cidr / --allocate-node-cidrs on kube-controller-manager)

Troubleshooting

See troubleshooting.md

Build and Publish to a docker registry

WORM_REGISTRY_IMAGE="quay.io/gravitational/wormhole" go run mage.go build:publish

Test

go run mage.go test:all

More Information

Contributing

The best way to contribute is to create issues or pull requests right here on Github. You can also reach the Gravitational team through their website

Resources

Project Links Description
Blog Our blog, where we publish gravitational news
Security and Release Updates Subscribe to our discourse for security and news updates
Community Forum Gravitational Community Forum

Who Built Wormhole?

Wormhole was created by Gravitational Inc. We have built wormhole by leveraging our experience automating and supporting hundreds of kubernetes clusters with Gravity, our Kubernetes distribution optimized for deploying and remotely controlling complex applications into multiple environments at the same time:

  • Multiple cloud regions
  • Colocation
  • Private enterprise clouds located behind firewalls

More Repositories

1

teleport

The easiest, and most secure way to access and protect all of your infrastructure.
Go
17,127
star
2

teleconsole

Command line tool to share your UNIX terminal and forward local TCP ports to people you trust.
Go
2,780
star
3

workshop

Docker, Kubernetes and Gravity Trainings by Gravitational
Go
2,025
star
4

gravity

Kubernetes application deployments for restricted, regulated, or remote environments
Go
1,082
star
5

satellite

Simple and extensible monitoring agent / library for Kubernetes: https://gravitational.com/blog/monitoring_kubernetes_satellite/
Go
198
star
6

cve-2018-1002105

Test utility for cve-2018-1002105
Go
195
star
7

teleport-plugins

Set of plugins for Teleport
HTML
83
star
8

careers

Apply at https://jobs.lever.co/teleport
TeX
83
star
9

trace

Package for error handling and error reporting
Go
66
star
10

planet

Installable Kubernetes delivered in containers
Go
51
star
11

webapps

Mono-repository of Gravitational Web Applications
TypeScript
46
star
12

configure

Configure is a golang library that populates a struct from environment variables, command line arugments and YAML files.
Go
45
star
13

rigging

Kubernetes resources change management
Go
40
star
14

monitoring-app

Gravity application that provides a Kapacitor/Alertmanager/Grafana based monitoring system.
Go
34
star
15

force

A new programming language for cloud native workflows
Go
31
star
16

rbac-linter

Python
28
star
17

teleport-cluster-terraform

Archived - see the Terraform in gravitational/teleport instead
HCL
23
star
18

console-demo

Simplest possible implementation of web-based terminal for Golang backend
JavaScript
23
star
19

protoc-gen-terraform

Generates Terraform provider schemas and unmarshallers from protobuf definitions
Go
16
star
20

version

version is a library that automates the task of adding build version information to any Go package
Go
16
star
21

udpbeat

ELK beat that collects the structured inputs via UDP and emits them to ELK
Go
15
star
22

stolon-app

Opinionated stolon gravity/kubernetes app.
Go
13
star
23

kube2sky

A bridge between Kubernetes and SkyDNS.
Go
13
star
24

sync-controller

Controller that synchronizes Kubernetes custom resources between clusters
Go
12
star
25

roundtrip

Library for HTTP request/response workflow
Go
12
star
26

logging-app

This gravity app provides an rsyslog-based log collection system to gravity sites.
Go
12
star
27

robotest

Automated provisioning and install testing
Go
11
star
28

docs

Source code backing goteleport.com/docs
TypeScript
11
star
29

next

Doc and website engine using next
TypeScript
11
star
30

etcd-backup

For handling backup/restore of etcd database from userspace
Go
9
star
31

jenkins-pipelines

Go
9
star
32

provisioner

[DEPRECATED] Terraform based provisioners for ops center
Go
7
star
33

bandwagon

Sample custom post-installation application for Gravity
JavaScript
7
star
34

teleport-agent-terraform

Terraform module which sets up a Teleport agent in AWS
HCL
7
star
35

terraform-gravity

Public terraform scripts for deploying Gravity
HCL
6
star
36

keygen

OSS tool for easy SSH key generation
Go
6
star
37

license

CA and licensing tools
Go
6
star
38

docker-debian

Customized Debian Docker images
Shell
6
star
39

gha-exporter

GitHub Actions metrics exporter for Prometheus
Go
6
star
40

protobuf-as

Protobuf AssemblyScript compiler
WebAssembly
5
star
41

slackbot

Gravitational support bot
Go
5
star
42

mm

Auto discovery and export Prometheus metrics into InfluxDB
Go
5
star
43

licensinator

Python
4
star
44

gamma

An open source tool to compile a monorepo of GitHub actions into individual repos
Go
4
star
45

webassets

HTML
4
star
46

healthz

Version of SkyDNS healthz that is simply Go
Go
4
star
47

cloud-native-hackathon

Teleport Challenge
4
star
48

quickstart

Getting started with Gravity. Sample application
HCL
4
star
49

shared-workflows

GitHub Actions shared within the organization
Go
3
star
50

docker-ubuntu

Customized Ubuntu Docker images
Shell
3
star
51

fakeiot

Fake IOT test cluster used for Full Stack Coding challenge
Go
3
star
52

predicate-lang

Predicate - Access Control System
3
star
53

pithos-app

Pithos object store for Kubernetes + Gravity
Go
3
star
54

storage-app

Gravity system application that provides OpenEBS-based persistent storage for clusters
Makefile
3
star
55

coordinate

Set of utilities for ETCD and BoltDB
Go
3
star
56

reporting

gRPC based client/server usage reporting module
Go
2
star
57

httplib

HTTP Library utils
Go
2
star
58

oom

Reproduce problems with missing backpressure when using grpc ServeHTTP and a solution
Go
2
star
59

selinux

SELinux support for Gravity
Shell
2
star
60

cluster-ssl-app

cluster ssl system application
Shell
2
star
61

form

Package for handling HTTP web forms input
Go
2
star
62

session

Secure session IDs encrypted by lemma
Go
2
star
63

log

backport of logging facility we are using for compatibility purposes
Go
2
star
64

hackernews-challenge

Frontend Developer Challenge
2
star
65

it-onboarding

IT Onboarding
1
star
66

teleport-actions

Mono-repository of GitHub Actions for Teleport
1
star
67

.github

Teleport GitHub Organization Repository
1
star
68

aws-teleport-workshop

Teleport AWS Workshop
1
star
69

lf

LF is a on disk log format key value data store. Never use it anywhere
1
star
70

downtime

TypeScript
1
star
71

hello

Tiny web app skeleton to show the basic Gravitational project structure and development workflow
Go
1
star
72

aws-ecr-helper

Amazon ECR Credential Helper for kubernetes cronjobs
Go
1
star
73

challenge-user-management

User Management Coding Challenge
CSS
1
star
74

django-app

Gravity django-app
Go
1
star
75

gh-actions-poc

Go
1
star
76

ingress-app

Ingress App
Mustache
1
star
77

robotest-triage

Tools for triaging bulk Robotest runs
Python
1
star
78

magnet

Experimental library for working with mage as a build system
Go
1
star
79

patroni-app

Gravity application that provides installation of Patroni(a template for PostgreSQL HA)
HTML
1
star
80

godl

Go
1
star
81

packer-manifests

This repository contains manifests for Hashicorp Packer
Shell
1
star
82

teleport-github-actions-provisioning

An example of using Teleport Machine ID with Github Actions
HCL
1
star
83

sw

Star Wars Frontend Challenge
CSS
1
star
84

it-prod-public-test

a testing repo
1
star
85

influxdata-webinar

Files for Influxdata Webinar
JavaScript
1
star
86

test-it-public-repo

Testing repo
1
star
87

tpl

Render static text template from a configuration file
Go
1
star