Skip to main content

WireGuard

Overview

WireGuard is available as an add-on within Ankra's platform, providing a simple, fast, and secure VPN using state-of-the-art cryptography. WireGuard ensures high performance and easy configuration for secure networking.

Configuration Options

The WireGuard add-on offers configurable inputs that allow you to customize the deployment for your networking needs. Below are the available inputs:

Inputs

  • Namespace
    This input sets the Kubernetes namespace for deploying WireGuard.

    • Default: wireguard

    Example:

    namespace: "wireguard"

  • Helm Release Name
    This input specifies the Helm release name for WireGuard.

    • Default: wireguard

    Example:

    helm_release_name: "wireguard"

  • Helm Chart Version
    This input sets the version of the WireGuard Helm chart to deploy.

    • Default: 0.25.0
    • Options:
      • 0.25.0 (default)

    Example:

    helm_chart_version: "0.25.0"

  • Server Address
    This input defines the WireGuard server address.

    • Default: 192.168.100.1/24

    Example:

    server_address: "192.168.100.1/24"

  • Server CIDR
    This input specifies the server CIDR for WireGuard.

    • Default: 192.168.100.0/24

    Example:

    server_cidr: "192.168.100.0/24"

  • Allow WAN Access
    This input enables or disables WAN access for WireGuard.

    • Default: true
    • Options:
      • true (default)
      • false

    Example:

    allow_wan: "true"

  • Use ELB for Load Balancer
    This input determines whether to use an ELB (Elastic Load Balancer) for WireGuard's service.

    • Default: false
    • Options:
      • true
      • false (default)

    Example:

    loadbalancer_elb: "false"

  • Number of Users
    This input defines the number of users to create for WireGuard.

    • Default: 1

    Example:

    users: "1"

Usage

Deploying WireGuard

To deploy WireGuard in your Kubernetes cluster using Ankra, follow these steps:

  1. Access the Add-ons Section
    In Ankra's platform, navigate to the Add-ons section and select WireGuard from the list of available add-ons.

  2. Configure Inputs
    You will be prompted to configure the following inputs:

    • Namespace: Define the namespace for WireGuard.
    • Helm Release Name: Set the release name for WireGuard.
    • Helm Chart Version: Set the version of the Helm chart to install.
    • Server Address: Define the WireGuard server address.
    • Server CIDR: Specify the server CIDR for WireGuard.
    • Allow WAN Access: Enable or disable WAN access.
    • Use ELB for Load Balancer: Decide whether to use ELB for WireGuard's service.
    • Number of Users: Set the number of users to create.

    Example configuration:

    namespace: "wireguard"
    helm_release_name: "wireguard"
    helm_chart_version: "0.25.0"
    server_address: "192.168.100.1/24"
    server_cidr: "192.168.100.0/24"
    allow_wan: "true"
    loadbalancer_elb: "false"
    users: "1"

  3. Access
    You can download the wireguard config files directly from the generated one in the secrets. decode the secret from base64 and and create a file wg0.conf. Now import this config file into your Wireguard Client on your desktop/device.