How to connect to external SQL Server behind VPN from a DigitalOcean K8S Cluster?

Posted July 22, 2021 240 views
VPNKubernetesDigitalOcean Managed KubernetesSQL

I have a DOKS cluster running Kubernetes Jobs, and one of these jobs needs to query an external database from a client that seats behind a VPN. I couldn’t find any relevant information on how to be able to access the external database from the cluster. Any help or pointers to the right direction?
Thanks a lot!

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Submit an Answer
1 answer

This isn’t really a problem of Kubernetes. It’s a problem of your SQL server and VPN settings. How would you access the database from a laptop without VPN access?

I don’t know the exact answer, but you could look into the following:

  • Can you grant access to the SQL server based on IP address? If so, you would need to add your DOKS cluster IP addresses to the allow list.
  • Can you programmatically connect to the VPN? Or, can you connect to the VPN from Linux? If so, you could embed the logic to connect to your VPN into your Kubernetes Job.
  • Hi @nabsul thanks for your answer. I understand this is not a k8s problem (actually it not a problem at all :)). But I wanted to understand how to do that.

    I’ve hear of two main alternatives: (1) having a “border” server running OpenVPN and route all of the cluster connection through this server and (2) having HAProxy behave as an egress controller, and then route the traffic through pfSense.

    Unfortunately I can’t find much information on how exactly to do those things. Any ideas?