Hey!

Does DO have any plans on releasing VPC-Native Kubernetes clusters like GCP’s VPC-Native clusters [1] or AWS’s CNI [2] where pods and services’ internal IPs are reserved in the VPC network and you can connect to them from any resource in the VPC? (A Droplet could connect to a pod’s IP).

The issue I’m having is: I have to connect a process running in an external VM (not on DO) to several ClusterIP services running in my K8s cluster on DO. Making them public isn’t really an option because connections wouldn’t be encrypted and some of them don’t even authenticate.

If I could create VPC-Native clusters, I could spin up a Droplet in the same VPC and host a VPN there. To access the k8s services from anywhere I’d just need to connect to that VPN and it would expose the VPC interface to me.

I’ve tried running a VPN container in the cluster but it’d require extensions to be installed on the k8s nodes… I could ssh into them and install it, but on updates or scaling they’d be reset to the default image, which doesn’t have the extension.

[1] https://cloud.google.com/kubernetes-engine/docs/how-to/alias-ips
[2] https://docs.aws.amazon.com/eks/latest/userguide/pod-networking.html
