This message was deleted.
# k3sa
adamant-kite-43734
09/06/2023, 10:33 PMThis message was deleted.
c
creamy-pencil-82913
09/07/2023, 2:17 AMI would recommend using --node-external-ip over --advertise-address
creamy-pencil-82913
09/07/2023, 2:17 AMm
magnificent-scooter-98714
09/07/2023, 2:28 AMwhat’s happening with the Embedded k3s multicloud solution? I don’t quite get it.
it’s basically relying on a wg network that underpins all the nodes?
magnificent-scooter-98714
09/07/2023, 2:29 AMI’ll try the -node-external-ip (as soon as I get this bug fixed 🙂 )
c
creamy-pencil-82913
09/07/2023, 3:17 AMyes, it tunnels everything through wg or tailscale in order to deal with the NAT between nodes. vxlan and other flannel backends are not secure and are meant to be used on relatively flat networks.
creamy-pencil-82913
09/07/2023, 3:18 AMtrying to run vxlan across the internet is a terrible idea, people can view and/or inject traffic
m
magnificent-scooter-98714
09/07/2023, 3:23 AMright on, that’s great
we’re struggling to connect the nodes w/ wireguard right now.
it’s not really nat, it’s a connection w/ a private link / private endpoint in azure. i think we should be able to set that up, but we’re having weird problems so far
b
brave-plumber-10994
09/07/2023, 9:24 AMHello, I'm working on same thing since yesterday, and have same problem. I made wg network between hosts with server and agent, connection works, but when I try to start agent it try to connect by external IP to server even I set server URL from wg network. Do you have any hints?