Kubernetes network hub/router pod











up vote
0
down vote

favorite












I am looking for a way to be able to have a centralized pod for a namespace that all other pods connect to for their network routing. To clarify, the scenario I am looking to achieve is to have a container/pod that has an OpenVPN connection to a site and all the other pods/services in the namespace go through that OpenVPN pod for their external network communication/routing so that they can be accessible only via the VPN.



I have gone through a portion of the k8s documentation, but I have not yet found anything that can help me achieve this. Ideally I would like to be able to implement this in any k8s environment without having to rework the images for the already existing deployments. Any Kubernetes gurus here that might have some insight on the matter? :)






kubernetes vpn kubectl openvpn







share|improve this question
























  • For what exact purposes do you want to use OpenVPN? Also, isn't it an option to configure it on Nodes, to let containers use these settings.
    – Artem Golenyaev
    15 hours ago












  • @ArtemGolenyaev , OpenVPN is the chosen solution for the VPN tunnel based on the use case for the eventual solution. There are options to to run OpenVPN directly for the k8s cluster but then there would not be any room for diversity i.e. I want to achieve an environment where I can deploy certain applications in a namespace that communicates only via the VPN.
    – Martin Nikolaev Ivanov
    13 hours ago















up vote
0
down vote

favorite












I am looking for a way to be able to have a centralized pod for a namespace that all other pods connect to for their network routing. To clarify, the scenario I am looking to achieve is to have a container/pod that has an OpenVPN connection to a site and all the other pods/services in the namespace go through that OpenVPN pod for their external network communication/routing so that they can be accessible only via the VPN.



I have gone through a portion of the k8s documentation, but I have not yet found anything that can help me achieve this. Ideally I would like to be able to implement this in any k8s environment without having to rework the images for the already existing deployments. Any Kubernetes gurus here that might have some insight on the matter? :)






kubernetes vpn kubectl openvpn







share|improve this question
























  • For what exact purposes do you want to use OpenVPN? Also, isn't it an option to configure it on Nodes, to let containers use these settings.
    – Artem Golenyaev
    15 hours ago












  • @ArtemGolenyaev , OpenVPN is the chosen solution for the VPN tunnel based on the use case for the eventual solution. There are options to to run OpenVPN directly for the k8s cluster but then there would not be any room for diversity i.e. I want to achieve an environment where I can deploy certain applications in a namespace that communicates only via the VPN.
    – Martin Nikolaev Ivanov
    13 hours ago













up vote
0
down vote

favorite









up vote
0
down vote

favorite











I am looking for a way to be able to have a centralized pod for a namespace that all other pods connect to for their network routing. To clarify, the scenario I am looking to achieve is to have a container/pod that has an OpenVPN connection to a site and all the other pods/services in the namespace go through that OpenVPN pod for their external network communication/routing so that they can be accessible only via the VPN.



I have gone through a portion of the k8s documentation, but I have not yet found anything that can help me achieve this. Ideally I would like to be able to implement this in any k8s environment without having to rework the images for the already existing deployments. Any Kubernetes gurus here that might have some insight on the matter? :)






kubernetes vpn kubectl openvpn







share|improve this question















I am looking for a way to be able to have a centralized pod for a namespace that all other pods connect to for their network routing. To clarify, the scenario I am looking to achieve is to have a container/pod that has an OpenVPN connection to a site and all the other pods/services in the namespace go through that OpenVPN pod for their external network communication/routing so that they can be accessible only via the VPN.



I have gone through a portion of the k8s documentation, but I have not yet found anything that can help me achieve this. Ideally I would like to be able to implement this in any k8s environment without having to rework the images for the already existing deployments. Any Kubernetes gurus here that might have some insight on the matter? :)






kubernetes vpn kubectl openvpn




kubernetes vpn kubectl openvpn






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited 16 hours ago









Ivan Aracki

1,55432540




1,55432540










asked 18 hours ago









Martin Nikolaev Ivanov

153




153












  • For what exact purposes do you want to use OpenVPN? Also, isn't it an option to configure it on Nodes, to let containers use these settings.
    – Artem Golenyaev
    15 hours ago












  • @ArtemGolenyaev , OpenVPN is the chosen solution for the VPN tunnel based on the use case for the eventual solution. There are options to to run OpenVPN directly for the k8s cluster but then there would not be any room for diversity i.e. I want to achieve an environment where I can deploy certain applications in a namespace that communicates only via the VPN.
    – Martin Nikolaev Ivanov
    13 hours ago


















  • For what exact purposes do you want to use OpenVPN? Also, isn't it an option to configure it on Nodes, to let containers use these settings.
    – Artem Golenyaev
    15 hours ago












  • @ArtemGolenyaev , OpenVPN is the chosen solution for the VPN tunnel based on the use case for the eventual solution. There are options to to run OpenVPN directly for the k8s cluster but then there would not be any room for diversity i.e. I want to achieve an environment where I can deploy certain applications in a namespace that communicates only via the VPN.
    – Martin Nikolaev Ivanov
    13 hours ago
















For what exact purposes do you want to use OpenVPN? Also, isn't it an option to configure it on Nodes, to let containers use these settings.
– Artem Golenyaev
15 hours ago






For what exact purposes do you want to use OpenVPN? Also, isn't it an option to configure it on Nodes, to let containers use these settings.
– Artem Golenyaev
15 hours ago














@ArtemGolenyaev , OpenVPN is the chosen solution for the VPN tunnel based on the use case for the eventual solution. There are options to to run OpenVPN directly for the k8s cluster but then there would not be any room for diversity i.e. I want to achieve an environment where I can deploy certain applications in a namespace that communicates only via the VPN.
– Martin Nikolaev Ivanov
13 hours ago




@ArtemGolenyaev , OpenVPN is the chosen solution for the VPN tunnel based on the use case for the eventual solution. There are options to to run OpenVPN directly for the k8s cluster but then there would not be any room for diversity i.e. I want to achieve an environment where I can deploy certain applications in a namespace that communicates only via the VPN.
– Martin Nikolaev Ivanov
13 hours ago

















active

oldest

votes











Your Answer






StackExchange.ifUsing("editor", function () {
StackExchange.using("externalEditor", function () {
StackExchange.using("snippets", function () {
StackExchange.snippets.init();
});
});
}, "code-snippets");

StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "1"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});

function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});


}
});














 

draft saved


draft discarded


















StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53370926%2fkubernetes-network-hub-router-pod%23new-answer', 'question_page');
}
);

Post as a guest















Required, but never shown






























active

oldest

votes













active

oldest

votes









active

oldest

votes






active

oldest

votes
















 

draft saved


draft discarded



















































 


draft saved


draft discarded














StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53370926%2fkubernetes-network-hub-router-pod%23new-answer', 'question_page');
}
);

Post as a guest















Required, but never shown





















































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown

































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown







-

Popular posts from this blog

Saint-Aignan (Tarn-et-Garonne)

Image
Saint-Aignan Region Okzitanien Département Tarn-et-Garonne Arrondissement Castelsarrasin Kanton Beaumont-de-Lomagne Gemeindeverband Terres des Confluences Koordinaten 44° 1′  N , 1° 5′  O 44.019166666667 1.0752777777778 Koordinaten: 44° 1′  N , 1° 5′  O Höhe 67–138 m Fläche 4,85 km 2 Einwohner 414 (1. Januar 2015) Bevölkerungsdichte 85 Einw./km 2 Postleitzahl 82100 INSEE-Code 82152 Rathaus (Mairie) von Saint-Aignan Saint-Aignan ist eine französische Gemeinde mit 414 Einwohnern (Stand: 1. Januar 2015) im Département Tarn-et-Garonne in der Region Okzitanien (vor 2016: Midi-Pyrénées). Sie gehört zum Arrondissement Castelsarrasin und zum Kanton Beaumont-de-Lomagne (bis 2015: Kanton Saint-Nicolas-de-la-Grave). Die Einwohner werden Saint-Aignanois genannt. Inhaltsverzeichnis 1 Geografie 2 Bevölkerungsentwicklung 3 Sehenswürdigkeiten 4 Weblinks Geografie |
Read more

Volksrepublik China

Image
Dieser Artikel befasst sich mit der Volksrepublik China und ist nicht zu verwechseln mit der Republik China (Taiwan). Siehe auch China (Begriffsklärung). Dieser Artikel wurde aufgrund von inhaltlichen Mängeln auf der Qualitätssicherungsseite der Redaktion Ostasien eingetragen. Dies geschieht, um die Qualität der Artikel aus dem Themengebiet Ostasien auf ein akzeptables Niveau zu bringen. Dabei werden Artikel gelöscht, die nicht signifikant verbessert werden können. Bitte hilf mit, die inhaltlichen Mängel dieses Artikels zu beseitigen, und beteilige dich bitte an der Diskussion ! 中华人民共和国 Zhōnghuá Rénmín Gònghéguó Volksrepublik China Flagge Emblem Amtssprache Chinesisch (Hochchinesisch) und anerkannte Regionalsprachen 1 Hauptstadt Peking Staatsform Republik Regierungssystem Sozialistisches Einparteiensystem Staatsoberhaupt Staatspräsident Xi Jinping Regierungschef Ministerpräsident Li Keqiang Fläc
Read more

How to test boost logger output in unit testing?

Image
up vote 1 down vote favorite My application uses BOOST_LOG_TRIVIAL to log messages. I thought it's good to check in test (gtest) that correct messages are written there in given scenarios. Is there a way to somehow access what was written there after code was called? Or does it first have to be mocked in some way? I have googled a lot for this and haven't found any instructions, so either I am asking wrong questions or no one thinks it should be done. c++ logging boost googletest boost-log share | improve this question edited yesterday
Read more