Hey!

Does DO have any plans on releasing VPC-Native Kubernetes clusters like GCP’s VPC-Native clusters [1] or AWS’s CNI [2] where pods and services’ internal IPs are reserved in the VPC network and you can connect to them from any resource in the VPC? (A Droplet could connect to a pod’s IP).

The issue I’m having is: I have to connect a process running in an external VM (not on DO) to several ClusterIP services running in my K8s cluster on DO. Making them public isn’t really an option because connections wouldn’t be encrypted and some of them don’t even authenticate.

If I could create VPC-Native clusters, I could spin up a Droplet in the same VPC and host a VPN there. To access the k8s services from anywhere I’d just need to connect to that VPN and it would expose the VPC interface to me.

I’ve tried running a VPN container in the cluster but it’d require extensions to be installed to the k8s nodes… I could ssh into them and install it but on updates or scaling, they’d be reset to the default image which doesn’t have the extension.

[1] https://cloud.google.com/kubernetes-engine/docs/how-to/alias-ips
[2] https://docs.aws.amazon.com/eks/latest/userguide/pod-networking.html
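The distinction the question draws (pod and service ranges carved out of the VPC versus an overlay range the VPC knows nothing about) can be checked from the CIDRs alone. The script below is an added example, not code from the post or from DigitalOcean; the VPC, pod and service ranges in it are constructed values, and the three verdicts ("native", "overlay", "conflict") are names chosen here. The "conflict" case matters for the security argument in the post: a pod or service range that only partially overlaps the VPC, or that overlaps the other cluster range, makes routing ambiguous, so traffic meant to stay private may not reach the endpoint the operator expects.

```python
import ipaddress

# Constructed sample ranges (not taken from the post):
VPC_CIDR = "10.120.0.0/20"          # the VPC a Droplet would sit in
NATIVE_POD_CIDR = "10.120.8.0/22"   # pod range allocated inside the VPC
NATIVE_SVC_CIDR = "10.120.12.0/22"  # ClusterIP range allocated inside the VPC
OVERLAY_POD_CIDR = "10.244.0.0/16"  # typical overlay range outside the VPC
OVERLAY_SVC_CIDR = "10.245.0.0/16"


def _placement(vpc, rng):
    """Classify one cluster range relative to the VPC range."""
    if rng.subnet_of(vpc):
        return "inside"       # VPC routing can reach it directly
    if rng.overlaps(vpc):
        return "partial"      # supernet or straddling range: ambiguous routes
    return "outside"          # reachable only through a node or tunnel


def classify(vpc_cidr, pod_cidr, svc_cidr):
    """Return "native" if pods and services live inside the VPC,
    "overlay" if both are fully outside it, and "conflict" when any
    range partially overlaps the VPC or the pod/service ranges overlap
    each other."""
    vpc = ipaddress.ip_network(vpc_cidr, strict=True)
    pods = ipaddress.ip_network(pod_cidr, strict=True)
    svcs = ipaddress.ip_network(svc_cidr, strict=True)
    if pods.overlaps(svcs):
        return "conflict"
    placements = {_placement(vpc, pods), _placement(vpc, svcs)}
    if "partial" in placements:
        return "conflict"
    if placements == {"inside"}:
        return "native"
    if placements == {"outside"}:
        return "overlay"
    # One range inside and one outside: still unambiguous per range,
    # but not the fully VPC-native layout the question asks for.
    return "overlay"


def reachable_from_vpc(vpc_cidr, pod_cidr, svc_cidr, addr):
    """True only when the cluster is VPC-native and addr is a pod or
    ClusterIP address, i.e. a Droplet in the VPC could reach it without
    exposing the service publicly."""
    if classify(vpc_cidr, pod_cidr, svc_cidr) != "native":
        return False
    ip = ipaddress.ip_address(addr)
    return ip in ipaddress.ip_network(pod_cidr) or ip in ipaddress.ip_network(svc_cidr)


if __name__ == "__main__":
    for label, pods, svcs in (
        ("native layout", NATIVE_POD_CIDR, NATIVE_SVC_CIDR),
        ("overlay layout", OVERLAY_POD_CIDR, OVERLAY_SVC_CIDR),
        ("supernet pod range", "10.120.0.0/16", OVERLAY_SVC_CIDR),
    ):
        print(f"{label}: {classify(VPC_CIDR, pods, svcs)}")
    print("10.120.12.10 reachable:",
          reachable_from_vpc(VPC_CIDR, NATIVE_POD_CIDR, NATIVE_SVC_CIDR, "10.120.12.10"))
```

Run it against the ranges your cluster and VPC were created with; an "overlay" verdict is the situation the post describes, where a VPN endpoint on a Droplet would not by itself give a route to ClusterIP addresses.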

1 answer

Hi,

This actually sounds like a great idea. Though we have released VPCs and Kubernetes supporting VPCs, the pod IP addresses are not allocated within the VPC as a whole.

Would you be able to submit this to ideas.digitalocean.com? This sounds like a great feature to add to the product in the future.

Regards,

John Kwiatkoski
Senior Developer Support Engineer - Kubernetes
