by madjam002
1658 days ago
I too am interested in this. I long for the day where Kubernetes services, virtual machines, dedicated servers and developer machines can all securely talk to each other in some kind of service mesh, where security and firewalls can be implemented with "tags". Tailscale seems to be pretty much this, but while it seems great for the dev/user facing side of things (developer machine connectivity), it doesn't seem like it's suited for the service to service communication side? It would be nice to have one unified connectivity solution with identity based security rather than e.g. Consul Connect for services, Tailscale / Wireguard for dev machine connectivity, etc.

That's exactly what Scalable Group Tags (SGTs) are -
https://tools.ietf.org/id/draft-smith-kandula-sxp-07.html
Cisco implements this as a part of TrustSec