One way Calico is used to secure container workloads in Kubernetes is through Network Policies, which allow you to restrict the flow of traffic to and from trusted sources—but this can leave the traffic itself unprotected. One common solution to this is to encrypt traffic at the application level, but Calico gives you another choice: using Wireguard to encrypt data in transit.
In this webinar, we’ll explore the details of how Wireguard works, and the advances it makes over previous kernel VPN technologies. We’ll also look at and how we make use of Wireguard in Calico—what Calico does behind the scenes to set up the encrypted mesh, and how packets flow through the system.
Finally, deploying Wireguard with Calico in AKS has a few unique considerations, so we’ll discuss what it takes to enable Wireguard with Calico using Microsoft’s hosted Kubernetes service.