Zero-Trust for DevOps! Twingate + Terraform + Kubernetes
- Date added: 24. 06. 2024
- Check out Twingate, start making your network more secure and safe: twingate.com
In this video, I will explore the integration of Twingate with DevOps, focusing on its new Kubernetes operator and managing resources via Terraform. Discover how these tools enhance security and simplify access management in a HomeLab environment, making Twingate a potentially ideal Zero-Trust Networking solution for DevOps professionals. Let's dive into setting up and automating secure access to IT resources.
References
- Twingate Tutorial: • STOP using VPN, embrac...
________________
💜 Support me and become a Fan!
→ christianlempa.de/patreon
💬 Join our Community!
→ christianlempa.de/discord
👉 Follow me everywhere
→ christianlempa.de
________________
Read my Tech Documentation
christianlempa.de/docs
My Gear and Equipment
christianlempa.de/kit
________________
Timestamps:
00:00 Introduction
01:05 What is Twingate?
03:22 Kubernetes Operator
22:15 Terraform Plugin
39:34 Final thoughts
________________
Links can include affiliate links. - Science and Technology
Eeehy cease and desist! You are using Terraform, you can't use an open source tool for things. That's copyright infringement! You can't even look at it.
Open Source drama aside: I'm really interested in this one, I've been doing some research in this space. Excited to compare my notes to yours.
I was really hoping you'd explain what you are *not* using Twingate for.
What other multi-network are actively in your toolbox? OpenVPN? WireGuard? Tailscale? ZeroTier? Netbird? Firezone? Do you combine any of these?
The goal of the video is to show what I'm using it for, but of course, I'm using other tools as well for testing ;) Maybe I'll do a comparison video at some point, that would be a great idea!
If you add --create-namespace to the helm upgrade command, you don't have to create the NS manually.
If -n twingate exists, helm will use it. If it doesn't, helm will create it first.
So you don’t need to do the resource access per resource, you can just have the resourceRef match “owner:TeamA” and it will allow to attach to all pods in the namespace, right?
@christianlempa you asked for suggestions of other Zero Trust Tools you might cover. How about OpenZiti, Pritunl or Hashicorp Boundary?
Anyone else steer clear of anything related to Kubernetes? I just find it too difficult to use and I always have problems.
no problems if you’ve never started it 🤔😅
Yeah, pretty much the same mentality here. It's a good concept, but just a very poorly polished product/ecosystem IMO. Recently worked on a project that involved 3 servers that were running as VMs and was tasked with hosting them on a Kubernetes cluster in the cloud. Took a good 6 months and a couple of engineers to get to a reasonable state.
It's not easy! It took me a long time to learn as well, but no worries, you're gonna get there if you dedicate some time to your Kubernetes homelab. It's absolutely worth it!
🎉🎉🎉
✌️
Hello, can you suggest any tool that can help me easily manage Terraform code and easily deploy and configure it?
I'm honestly just using Terraform CLI and Terraform Cloud. There's nothing I'm missing, maybe just one thing, visualization of projects, but I haven't found a great tool or feature for that in TF Cloud.
@christianlempa thank you 🙏
the difference between 1:32 and 1:33 my eyes left
😁