I've been doing some research these days about the state of the art for mesh VPN's / network overlays. I'm looking for secure options for a small company and even to update my home server.
Nebula, from the Slack team, looks like a really solid solution. All nodes having their own certificate, it doesn't even require to trust the coordination server. I love it!
But I'm surprised I can't find any big company claiming to use it (other than Slack themselves). I can only find 'Home-labbers' and smaller businesses, but no big guys looking into it. At least not publicly. Has anyone seen it deployed in a bigger corporation?
"Skupper is an over-the-top, multi-platform application interconnect. Skupper makes it easy to deploy private application networks that span multiples sites and platforms.
* Over-the-top - Skupper operates at the application layer, on top of existing IP networks. Services connect across network boundaries without VPNs or special firewall rules.
* Multi-platform - Skupper works on Kubernetes, Docker, Podman, and Linux. It scales up to multi-tenant clusters and down to edge devices.
* Application-centric - Skupper creates isolated application-focused networks with logical service addresses that enable application portability.
* Secure - Skupper uses mutual TLS authentication and encryption to protect all communication. Application services are never exposed on the public internet."
It's in use at several big orgs in production. For example, I know with 99.9% certainty it is still being used by the Dutch Railways to connect Kubernetes clusters running on Google Cloud, Microsoft Azure and AWS together.