tking/kedge
SHA256
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
Inter-cluster CNI + DaemonSet (Go)
3 commits 1 branch 0 tags 115 KiB
Go 66.3%
Python 20.6%
HCL 7.1%
Shell 2.8%
Makefile 2.1%
Other 1.1%
Find a file
Tyler King 3db2f3b0c7 feat: kedge_tunnel Ansible role 
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-18 15:55:19 -04:00
.claude Initial commit: Kedge network automation platform 2026-02-26 12:09:30 -05:00
ansible feat: kedge_tunnel Ansible role 2026-03-18 15:55:19 -04:00
docs Add three-model CNI adapter pattern to HFL-Kedge integration doc 2026-02-26 19:38:12 -05:00
internal Initial commit: Kedge network automation platform 2026-02-26 12:09:30 -05:00
k8s Initial commit: Kedge network automation platform 2026-02-26 12:09:30 -05:00
monitoring Initial commit: Kedge network automation platform 2026-02-26 12:09:30 -05:00
proto/quartermaster/v1 Initial commit: Kedge network automation platform 2026-02-26 12:09:30 -05:00
scripts Initial commit: Kedge network automation platform 2026-02-26 12:09:30 -05:00
terraform Initial commit: Kedge network automation platform 2026-02-26 12:09:30 -05:00
yang Initial commit: Kedge network automation platform 2026-02-26 12:09:30 -05:00
.gitignore Initial commit: Kedge network automation platform 2026-02-26 12:09:30 -05:00
buf.gen.yaml Initial commit: Kedge network automation platform 2026-02-26 12:09:30 -05:00
buf.yaml Initial commit: Kedge network automation platform 2026-02-26 12:09:30 -05:00
CLAUDE.md Initial commit: Kedge network automation platform 2026-02-26 12:09:30 -05:00
compose.yaml Initial commit: Kedge network automation platform 2026-02-26 12:09:30 -05:00
Containerfile.build Initial commit: Kedge network automation platform 2026-02-26 12:09:30 -05:00
Containerfile.dev Initial commit: Kedge network automation platform 2026-02-26 12:09:30 -05:00
go.mod Initial commit: Kedge network automation platform 2026-02-26 12:09:30 -05:00
Makefile Initial commit: Kedge network automation platform 2026-02-26 12:09:30 -05:00
README.md Initial commit: Kedge network automation platform 2026-02-26 12:09:30 -05:00

README.md

Kedge

Dual-mode Kubernetes CNI plugin and node-level DaemonSet for attested connectivity between clusters and managed infrastructure. Part of the Guildhouse ecosystem.

Modes

  • Overlay: Tunnels over networks Kedge doesn't control (WireGuard/VXLAN). For cloud anchors, remote sites, MSP-managed customer environments.
  • Underlay: Programs the actual physical network fabric via vendor SDK dispatch through Bascule. For sites where you own the iron.

Both modes coexist at the same site. The capability token in a Shellstream handshake determines whether a session gets tunnel access (overlay) or infrastructure mutation authority (underlay).

Components

Component Language Description
CNI Plugin Go Multus secondary network attachment (net1), route programming
DaemonSet Go WireGuard mesh, Shellstream termination, QM notarization, VLAN management
YANG Compiler Python Device-agnostic policy → vendor-specific config (FortiOS, VyOS, UniFi)

Build

make build          # Build both binaries
make test           # Run Go tests
make lint           # golangci-lint
make proto-gen      # Generate gRPC client code from protos
make yang-validate  # Validate YANG models with pyang
make python-test    # Run YANG compiler tests

Project Structure

cmd/                 # Binary entry points (kedge-cni, kedge-daemon)
internal/            # Go internal packages
  cni/               # CNI plugin logic
  mesh/              # WireGuard tunnel lifecycle (overlay)
  vlan/              # VLAN interface management (underlay)
  shellstream/       # Handshake termination, SAT validation
  quartermaster/     # QM gRPC client, artifact types
  underlay/          # YANG watch, compilation trigger
  health/            # Prometheus metrics
  headscale/         # Peer discovery
  topology/          # Shared topology state
  config/            # Configuration types
yang/                # YANG models, site configs, Python compiler
k8s/                 # Kubernetes manifests
ansible/             # Bootstrap provisioning roles
terraform/           # Cloud anchor, mesh topology IaC
monitoring/          # Prometheus, Grafana dashboards

Current Status

Phase 1 (active): Two-cluster connectivity (homelab k3s + cloud anchor k3s). Overlay: WireGuard mesh, Shellstream handshake, SessionTransitArtifact. Underlay: VLAN bridges, YANG model, FortiOS + VyOS compiler targets, NetworkMutationArtifact.