Nebula, from the Slack team, looks like a really solid solution. With all nodes having their own certificate, it doesn't even require trusting the coordination server. I love it!
But I'm surprised I can't find any big company claiming to use it (other than Slack themselves). I can only find 'Home-labbers' and smaller businesses, but no big guys looking into it. At least not publicly. Has anyone seen it deployed in a bigger corporation?
"Skupper is an over-the-top, multi-platform application interconnect. Skupper makes it easy to deploy private application networks that span multiple sites and platforms.
* Over-the-top - Skupper operates at the application layer, on top of existing IP networks. Services connect across network boundaries without VPNs or special firewall rules.
* Multi-platform - Skupper works on Kubernetes, Docker, Podman, and Linux. It scales up to multi-tenant clusters and down to edge devices.
* Application-centric - Skupper creates isolated application-focused networks with logical service addresses that enable application portability.
* Secure - Skupper uses mutual TLS authentication and encryption to protect all communication. Application services are never exposed on the public internet."
It's in use at several big orgs in production. For example, I know with 99.9% certainty it is still being used by the Dutch Railways to connect Kubernetes clusters running on Google Cloud, Microsoft Azure and AWS together.
Other than that, I mostly stopped using it because it forces you to regularly rotate all certificates, and for my personal purposes it was too much of a hassle.
I still like the project a lot and wish it were more prominent. Nowadays everyone immediately seems to recommend Tailscale.
I'm planning to replace the traditional network architecture in my homelab with it to practice Zero Trust.