Feature Request: Kubernetes Networking and Encryption

[michaelsixfeetup]

📋 User requirements

Below are the requirements based on the DevOps Guild Standup on 01/23/2024:

• Evaluation of Cilium and Calico for pod-to-pod communication and encryption
• Evaluation of Istio and Linkerd for service-to-service encryption.
• Network Policy implementation.
• Best practice architecture/guide on which layers should be encrypted

The overall goal is to implement proper network security within scaf at both the Pod layer and the Service layer.

✅ Acceptance criteria

• Cilium evaluation
• Calico evaluation
• Istio evaluation
• Linkerd evaluation

The goal of the evaluations are to test each tool to see which one fits best for SixFeetUp client needs. Ideally, the evaluation can be done on an existing or previous client need to make it as real-world as possible.

• Architecture
• Best practice implementation

The goal of the architecture and best practice evaluation is to ensure that whatever portions of this project are implemented with currently known client needs. If there aren't any current client needs for this particular project, the architecture and best practices should be built out based on a combination of both previous clients needs for similar projects and SixFeetUp best practices.