mirror of
https://github.com/edgelesssys/constellation.git
synced 2025-04-15 21:23:12 -04:00
7318f605e1
When enabling node-to-node encryption, Cilium does not encrypt control-plane to control-plane traffic by default since they say that they cannot gurantee that the generated private key for a node is persisted across reboots. In Constellation we use stateful VMs which when rebooted still have the cilium_wg0 interface containing the private key. Therefore, we can enable this type of encryption.