This message was deleted.
# harvestera
adamant-kite-43734
10/11/2023, 6:46 PMThis message was deleted.
a
ancient-pizza-13099
10/12/2023, 7:08 AMCould you tell more details.
run the VPN agent in Harvester so that Harvester is a VPN gateway ?
g
great-carpenter-56581
10/12/2023, 7:09 AMYeah, I want to run the management network in Tailscale
great-carpenter-56581
10/12/2023, 7:26 AM@ancient-pizza-13099 Do you have any idea on how to do this?
a
ancient-pizza-13099
10/12/2023, 12:48 PMBasically, an indepedent VPN gateway is the better practice, thus Harvester has no knowledge of VPN.
g
great-carpenter-56581
10/12/2023, 12:49 PMThat's not possible, especially when one of the sellingpoints is "hybrid".
a
ancient-pizza-13099
10/12/2023, 12:49 PMWhen you wanna Harvester to be part of the VPN network, namely, Harvester VIP needs to add anohter component to encode/decode VPN related stuff
ancient-pizza-13099
10/12/2023, 12:50 PMAt the moment, I don't know a simple solution yet.
g
great-carpenter-56581
10/12/2023, 12:50 PMSo I need a NIC dedicated to the cluster which is impossible when on multi regions without a VPN
great-carpenter-56581
10/12/2023, 12:51 PMcannot setup a virtualmachine either
a
ancient-pizza-13099
10/12/2023, 12:52 PMThat is still difficult, Harvester VIP can float on a couple of (Let's say three) management NODE, and the VPN gateway needs to float as well, indeed, it should sit in front of kubeVIP
ancient-pizza-13099
10/12/2023, 12:53 PMthe disk size is not matching
ancient-pizza-13099
10/12/2023, 12:54 PMmanybe certain kind of side-car to KubeVIP can have VPN feature, but needs more investigation
g
great-bear-19718
10/16/2023, 11:21 PMi have not tried this myself but what about this? https://tailscale.com/kb/1236/kubernetes-operator/
👍 1
great-bear-19718
10/16/2023, 11:22 PMyou could leverage 1.2.0+ and new baremetal workload feature capability to deploy this..
3 Views