Skip to main content
Skip table of contents

OpenVPN

Overview

To ensure secure, encrypted access to Kubernetes clusters, KubeDNA integrates OpenVPN as a standard component in every deployed environment. This ensures secure communication between users and the Kubernetes control plane, especially for private and on-premise deployments.

Architecture

In KubeDNA, OpenVPN is not automatically deployed as part of the base cluster installation.

  • Every KubeDNA cluster includes its own isolated OpenVPN server instance.

  • This instance runs within the cluster and is preconfigured to only allow access to that specific cluster.

  • VPN is integrated at the networking layer to restrict API access to authenticated VPN users only, enhancing security.

👤 Per-User Configuration Access

Each user that has access to a KubeDNA cluster can download their own personalized OpenVPN configuration file via the UI:

Path:
Selected Cluster > Access & Security > Download VPN Config

  • Configuration files are pre-generated with unique client certificates and keys.

  • Users can connect securely to the cluster using standard OpenVPN clients (Windows, macOS, Linux).

  • Easy integration with team management and identity providers for scalable access control.

🔒 Security & Compliance

  • TLS encryption between client and server.

  • Certificate-based authentication ensures strong identity enforcement.

  • VPN logs and connection records are available for auditing purposes.

  • IP whitelisting and usage control via KubeDNA’s access policies.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close