Skip to main content
Skip table of contents

OpenVPN

Overview

To ensure secure, encrypted access to Kubernetes clusters, KubeDNA integrates OpenVPN as a standard component in every deployed environment. This ensures secure communication between users and the Kubernetes control plane, especially for private and on-premise deployments.


Architecture

In KubeDNA, OpenVPN is not automatically deployed as part of the base cluster installation.

  • Every KubeDNA cluster includes its own isolated OpenVPN server instance.

  • This instance runs within the cluster and is preconfigured to only allow access to that specific cluster.

  • VPN is integrated at the networking layer to restrict API access to authenticated VPN users only, enhancing security.


👤 Per-User Configuration Access

Each user that has access to a KubeDNA cluster can download their own personalized OpenVPN configuration file via the UI:

Path:
Selected Cluster > Access & Security > Download VPN Config

  • Configuration files are pre-generated with unique client certificates and keys.

  • Users can connect securely to the cluster using standard OpenVPN clients (Windows, macOS, Linux).

  • Easy integration with team management and identity providers for scalable access control.


🔒 Security & Compliance

  • TLS encryption between client and server.

  • Certificate-based authentication ensures strong identity enforcement.

  • VPN logs and connection records are available for auditing purposes.

  • IP whitelisting and usage control via KubeDNA’s access policies.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.