I am setting up an OpenVPN service inside my Kubernetes cluster. The issue is that I've done this before and saved the chart configuration, but now I can't really pin down the problem:
I've tried everything I could think of but can't really figure out what is causing this. Tiller and everything already has permissions in the cluster.
```
mknod: /dev/net/tun: Operation not permitted
Mon Oct 21 11:24:12 2019 OpenVPN 2.3.14 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [EPOLL] [MH] [IPv6] built on Dec 18 2016
Mon Oct 21 11:24:12 2019 library versions: LibreSSL 2.4.4, LZO 2.09
Mon Oct 21 11:24:12 2019 Diffie-Hellman initialized with 2048 bit key
Mon Oct 21 11:24:12 2019 Socket Buffers: R=[87380->87380] S=[16384->16384]
Mon Oct 21 11:24:12 2019 ROUTE_GATEWAY 172.31.248.0/255.255.0.0 IFACE=eth0 HWADDR=22:15:8b:7a:8d:53
Mon Oct 21 11:24:12 2019 ERROR: Cannot open TUN/TAP dev /dev/net/tun: No such file or directory (errno=2)
```
LE: works on containerd and Docker; looks like it's an issue with CRI-O.
Right now I can only guess that the issue is because you are missing NET_ADMIN capabilities.
You can try fixing this by adding the capabilities; your pod might look like this:
```yaml
apiVersion: v1
kind: Pod
metadata:
  name: context-demo
spec:
  containers:
  - name: ctx
    image: gcr.io/google-samples/node-hello:1.0
    securityContext:
      capabilities:
        add: ["NET_ADMIN"]
```
Just copy the securityContext part to your pod or deployment and test it.
Unfortunately, there isn't enough information posted by you for me to provide a better answer. Please edit the question and provide more details, like which image you are using and how you are deploying OpenVPN.
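To confirm which capabilities the container actually received, the following is an added diagnostic example, not part of the original question or answer. It decodes the `CapEff` mask from `/proc/self/status` and checks NET_ADMIN (the answer's guess) and MKNOD (which creating a device node with `mknod` requires, per the first log line); the function names and the `--live` flag are assumptions of this example, and the sample masks in its comments are constructed.

```shell
#!/bin/sh
# Added diagnostic example (not from the original post).
# Capability bit numbers as defined in linux/capability.h.
CAP_NET_ADMIN=12
CAP_MKNOD=27

# has_cap HEXMASK BIT: succeed if BIT is set in the hex capability mask.
has_cap() {
    [ $(( (0x$1 >> $2) & 1 )) -eq 1 ]
}

# report_caps HEXMASK: print which of the two capabilities checked here
# are absent from the mask, or "ok" when both are present.
report_caps() {
    missing=""
    has_cap "$1" "$CAP_NET_ADMIN" || missing="$missing NET_ADMIN"
    has_cap "$1" "$CAP_MKNOD"     || missing="$missing MKNOD"
    if [ -n "$missing" ]; then
        echo "missing:$missing"
    else
        echo "ok"
    fi
}

# current_mask: effective capability mask of the calling process.
current_mask() {
    awk '/^CapEff:/ {print $2}' /proc/self/status
}

# Constructed sample masks for reference:
#   00000000a80425fb  Docker's default set (has MKNOD, no NET_ADMIN)
#   00000000a80435fb  the same set with NET_ADMIN added
#   00000000a00425fb  the default set with MKNOD removed

# Live check: only runs when invoked with --live inside the container.
if [ "${1:-}" = "--live" ]; then
    echo "capabilities: $(report_caps "$(current_mask)")"
    if [ -c /dev/net/tun ]; then
        echo "tun device: present"
    else
        echo "tun device: absent"
    fi
fi
```

Run it with `--live` inside the OpenVPN container (for example through `kubectl exec`) on each runtime and compare the output; a different result on CRI-O than on Docker or containerd would point at the runtime's default capability set rather than at the chart.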