Search code examples
kubernetesvpnopenvpnk3s

K3S OpenVPN install (Raspberry Pi)

I started using K3S, so I'm an absolute noob. Now I'm wondering how I can create the .yaml Files for pods by my own or use a docker image. (Couldn't find detailed infos about that)

I want a OpenVPN or any other suggested VPN Server running, so I can access my home devices from anywhere. It would safe a lot of headache and time, if someone could be so nice and help me a little.

Before, I've had a OpenVPN Server running, when I only had 1 Raspi. But it looks like everything from the install to the config changed with my k3s Kubernetes Cluster.

How I Made my k3s Cluster with Rancher: https://youtu.be/X9fSMGkjtug

Tried for 3hrs to figure it out, found no real step by step guide for beginners...

I already have a Cloudflare ddns script running to update my Domain with correct IP.

Thank you very much!

Solution

  • here is ther example of Open VPN client YAML

    apiVersion: apps/v1
kind: Deployment
metadata:
  name: openvpn-client
spec:
  selector:
    matchLabels:
      app: openvpn-client
      vpn: vpn-id
  replicas: 1
  template:
    metadata:
      labels:
        app: openvpn-client
        vpn: vpn-id
    spec:
      volumes:
        - name: vpn-config
          secret:
            secretName: vpn-config
            items:
                - key: client.ovpn
                  path: client.ovpn
        - name: vpn-auth
          secret:
            secretName: vpn-auth
            items:
                - key: auth.txt
                  path: auth.txt
        - name: route-script
          configMap:
            name: route-script
            items:
              - key: route-override.sh
                path: route-override.sh
        - name: tmp
          emptyDir: {}
      initContainers:
      - name: vpn-route-init
        image: busybox
        command: ['/bin/sh', '-c', 'cp /vpn/route-override.sh /tmp/route/route-override.sh; chown root:root /tmp/route/route-override.sh; chmod o+x /tmp/route/route-override.sh;']
        volumeMounts:
          - name: tmp
            mountPath: /tmp/route
          - name: route-script
            mountPath: /vpn/route-override.sh
            subPath: route-override.sh
      containers:
        - name: vpn
          image: dperson/openvpn-client
          command: ["/bin/sh","-c"]
          args: ["openvpn --config 'vpn/client.ovpn' --auth-user-pass 'vpn/auth.txt' --script-security 3 --route-up /tmp/route/route-override.sh;"]
          stdin: true
          tty: true
          securityContext:
            privileged: true
            capabilities:
              add:
                - NET_ADMIN
          env:
            - name: TZ
              value: "Turkey"
          volumeMounts:
            - name: vpn-config
              mountPath: /vpn/client.ovpn
              subPath: client.ovpn
            - name: vpn-auth
              mountPath: /vpn/auth.txt
              subPath: auth.txt
            - name: tmp
              mountPath: /tmp/route
        - name: app1
          image: python:3.6-stretch
          command:
            - sleep
            - "100000"
          tty: true
      dnsConfig:
        nameservers:
          - 8.8.8.8
          - 8.8.4.4

    you can also read more about the deployment :https://bugraoz93.medium.com/openvpn-client-in-a-pod-kubernetes-d3345c66b014

    You can also use the HELM Chart for same which will make easy to setup anything on Kubernetes via pre-made YAML scripts : https://itnext.io/use-helm-to-deploy-openvpn-in-kubernetes-to-access-pods-and-services-217dec344f13

    Docker Open VPN : https://github.com/dperson/openvpn-client