
Weave Net 1.9 Released: Encrypted Fast Datapath and ARM - weitzj
https://www.weave.works/weave-net-1-9-released-encrypted-fast-datapath-arm/
======
weitzj
As far as I understood that means it will be getting even easier launching a
self-hosted, __secure __Kubernetes cluster on DigitalOcean or Scaleway using
DigitalOcean 's or Scaleways's datacenter private network.

If you are hosting on AWS you have the luxury of AWS-VPC, whereas the when
hosting on Scaleway, the private Scaleway network is not really private for
your account but for all Scaleway users in their datacenter. So here you have
to think about encryption a bit more. Either you encrypt all transports
between your services at the service-layer, or install a VPN (tinc, PeerVPN,
ZeroTier). And on top of this for Kubernetes to work you need some SDN, e.g.
flannel,Calico, which does not do any encryption.

So using Weave you get both worlds. Ready to use SDN for Kubernetes as well as
transport security.

My goto feature would be ZeroTier 6PLANE IPv6 Addressing
([https://www.zerotier.com/community/topic/67/zerotier-6plane-...](https://www.zerotier.com/community/topic/67/zerotier-6plane-
ipv6-addressing)) from Zerotier.com, once I have figured out how to use this
with Kubernetes.

But right now Weave seems to be in the sweetspot for this.

