This message was deleted.
# general
a
This message was deleted.
b
As far as I know, CNI plugins expect nodes to be in the same L2 network. Therefore, if you want to connect nodes that are not in the same L2 network, I suggest using a VPN solution that would make the CNI plugin believe that it is working in an L2 network.
The concept of external IP in Kubernetes is very constrained.
b
hmm, I can probably make an IPsec tunnel and test I guess, thanks for the tip.
s
VPN is a good idea. I'm using tinc VPN. My cluster is all over the internet. But even with a VPN, you need to tell K3s which interface to use. In config.yaml on my server / control plane node, I have something like:
```yaml
tls-san:
  - "server1.tincvpn"
advertise-address: 10.x.y.z  # The tinc VPN IP
node-ip: 10.x.y.z  # The tinc VPN IP
node-external-ip: 156.x.y.z  # The public IP
flannel-iface: tun1  # The tinc VPN interface
```
On my worker node, I have something like:
```yaml
node-ip: 10.x.y.zz  # The tinc VPN IP
flannel-iface: tun1  # The tinc VPN interface
token: asdf::server:foo
server: https://server1.tincvpn:6443
```
I hope this helps.