Kubernetes: VPN server and DNS issues
finally my config looks like this:
docker run -v /etc/openvpn:/etc/openvpn --rm kylemanna/openvpn ovpn_genconfig \-u udp://192.168.10.152:1194 \-n 10.3.0.10 \-n 192.168.10.1 \-n 8.8.8.8 \-n 75.75.75.75 \-n 75.75.75.76 \-s 10.8.0.0/24 \-N \-p "route 10.2.0.0 255.255.0.0" \-p "route 10.3.0.0 255.255.0.0" \-p "dhcp-option DOMAIN-SEARCH cluster.local" \-p "dhcp-option DOMAIN-SEARCH svc.cluster.local" \-p "dhcp-option DOMAIN-SEARCH default.svc.cluster.local"
-u
for the VPN server address and port
-n
for all the DNS servers to use
-s
to define the VPN subnet (as it defaults to 10.2.0.0 which is used by Kubernetes already)
-d
to disable NAT
-p
to push options to the client
-N
to enable NAT: it seems critical for this setup on Kubernetes
the last part, pushing the search domains to the client, was the key to getting nslookup
etc.. to work.
note that curl didn't work at first, but seems to start working after a few seconds. So it does work but it takes a bit of time for curl to be able to resolve.