To start off with I just want to setup a client (phone) to VPN through my cluster. I do this with wireguard directly today so I understand how it works, but I'm not seeing a clear path with Netmaker.

The first Helm chart has me with 3 netclients (nodes). Making any of those an Ingress and adding an External Client locks the client to that node. If the node is down the VPN is donw. I don't see a way to make this work, and the use of hostpaths for storage doesn't seem to ever allow failover. Am I missing something, can I have a client that can access all 3 ingress gateways? Can I have a Gateway that can be rescheduled or runs as multiple pods which all report as the same node?

I can't figure out what good the netmaker-wireguard Service is with the out of box configuraiton. The 3 replicas are all selected, so your packets can end up at any of them, but Netmaker sees them as 3 different nodes. In what situation do you have 3 nodes and not care which one your talking to, especially if external clients have to talk to specific nodes. I can't make heads or tails of the stateful set or the service I just don't see it's utility.