constellation/dev-docs/howto/vpn/helm/values.yaml


# Constellation Pod IP range to expose via VPN. The default is for GCP.
podCIDR: "10.10.0.0/16"

# Constellation Service IPs to expose via VPN. The default is for GCP.
serviceCIDR: "10.96.0.0/12"

# on-prem IP ranges to expose to Constellation. Must contain at least one CIDR.
peerCIDRs: []

# IPSec configuration
ipsec:
  # pre-shared key used for authentication
  psk: ""
  # Address of the peer's gateway router.
  peer: ""

# required tools:  sh    nsenter    ip       pidof  jq kubectl    charon
image: "nixery.dev/shell/util-linux/iproute2/procps/jq/kubernetes/strongswan"
docs: add Helm chart for VPN connectivity (#2577) Co-authored-by: 3u13r <lc@edgeless.systems> 2023-11-22 09:08:11 -05:00
			`# Constellation Pod IP range to expose via VPN. The default is for GCP.`
			`podCIDR: "10.10.0.0/16"`

			`# Constellation Service IPs to expose via VPN. The default is for GCP.`
			`serviceCIDR: "10.96.0.0/12"`

			`# on-prem IP ranges to expose to Constellation. Must contain at least one CIDR.`
			`peerCIDRs: []`

			`# IPSec configuration`
			`ipsec:`
			`# pre-shared key used for authentication`
			`psk: ""`
			`# Address of the peer's gateway router.`
			`peer: ""`

dev-docs: Helm chart for full L3 VPN connectivity (#2620) * dev-docs: add 'things to try' section to VPN howto * dev-docs: full L3 connectivity in VPN chart 2024-01-16 07:59:33 -05:00			`# required tools: sh nsenter ip pidof jq kubectl charon`
			`image: "nixery.dev/shell/util-linux/iproute2/procps/jq/kubernetes/strongswan"`