How should VPN tunneling be established to connect to Eureka outside a Kubernetes cluster?

4/16/2019

I have Spring Boot microservices deployed to a Kubernetes cluster. Outside the cluster there is a Netflix Eureka discovery service on AWS. I want to register my services on this Eureka. The gateway is also on AWS. On my local machine I need to create a VPN connection via OpenVPN to get access to Eureka. The Kubernetes cluster is also outside AWS, and a VPN is needed. I have a *.ovpn file, and I guess that I have to create some VPN tunneling on Kubernetes, but I don't know the proper tool for that.

In the past I looked for something like an OpenVPN client for Kubernetes, but I got only OpenVPN servers.

I expect that when I set a proper host as the Eureka URL, my services will register properly over the VPN.

-- Dawid Macura
java
kubernetes
netflix-eureka
openvpn
spring-boot

1 Answer

4/24/2019

It is possible to put every Kubernetes pod on the OpenVPN network so that they would be able to access the Eureka instance. However, since you want Eureka to do service discovery, it also needs to know the "real" IP of every pod instead of just seeing their VPN IP. If Eureka advertises VPN IPs for everything, all traffic will be routed through the OpenVPN connection, which introduces extra latency. Such a setup is also hard to debug and monitor.

It is a better idea to use the network bridging solution of your cloud provider. If you're on AWS, Site-to-Site VPN should do the trick. Azure also has an offering of the same name. Google has Cloud VPN and also several enterprise options.

-- Shnatsel
Source: StackOverflow
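
The answer's point about Eureka advertising VPN IPs can be checked against a live registry by classifying each instance's advertised `ipAddr`. The following is an added example, not part of the original question or answer; the sample registry document and both CIDR ranges are constructed assumptions, so substitute your own tunnel and pod ranges.

```python
import ipaddress
import json

# Constructed sample in the shape of Eureka's GET /eureka/apps JSON response.
SAMPLE = json.dumps({"applications": {"application": [
    {"name": "ORDERS", "instance": [
        {"instanceId": "orders-1", "ipAddr": "10.8.0.6", "status": "UP"},
        {"instanceId": "orders-2", "ipAddr": "10.244.1.17", "status": "UP"}]},
    # Some Eureka servers serialise a single instance as an object, not a list.
    {"name": "BILLING", "instance":
        {"instanceId": "billing-1", "ipAddr": "10.8.0.9", "status": "UP"}},
    {"name": "LEGACY", "instance": [
        {"instanceId": "legacy-1", "ipAddr": "not-an-ip", "status": "UP"}]},
]}})


def _as_list(value):
    """Normalise Eureka's 'object or list' fields to a list."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]


def classify_instances(registry_json, vpn_cidr, pod_cidr):
    """Map instanceId -> 'vpn' | 'pod' | 'other' | 'invalid' by advertised ipAddr."""
    vpn = ipaddress.ip_network(vpn_cidr)
    pod = ipaddress.ip_network(pod_cidr)
    apps = json.loads(registry_json).get("applications", {}).get("application")
    result = {}
    for app in _as_list(apps):
        for inst in _as_list(app.get("instance")):
            key = inst.get("instanceId") or f"{app.get('name')}/{inst.get('hostName')}"
            try:
                addr = ipaddress.ip_address(inst.get("ipAddr", ""))
            except ValueError:
                result[key] = "invalid"  # hostname or garbage in ipAddr
                continue
            if addr in vpn:
                result[key] = "vpn"      # peers will reach it through the tunnel
            elif addr in pod:
                result[key] = "pod"      # "real" pod address, needs routed access
            else:
                result[key] = "other"
    return result


def vpn_advertised(registry_json, vpn_cidr, pod_cidr):
    """Instance IDs whose traffic would be forced through the VPN tunnel."""
    classes = classify_instances(registry_json, vpn_cidr, pod_cidr)
    return sorted(k for k, v in classes.items() if v == "vpn")


if __name__ == "__main__":
    # Assumed ranges: 10.8.0.0/24 for the tunnel, 10.244.0.0/16 for pods.
    print(classify_instances(SAMPLE, "10.8.0.0/24", "10.244.0.0/16"))
```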