OpenVPN
Overview
KubeDNA integrates OpenVPN as a standard component in every deployed environment to provide secure, encrypted access to Kubernetes clusters. It protects communication between users and the Kubernetes control plane, especially for private and on-premise deployments.
✅ Architecture
In KubeDNA, OpenVPN is not automatically deployed as part of the base cluster installation.
Every KubeDNA cluster includes its own isolated OpenVPN server instance.
This instance runs within the cluster and is preconfigured to only allow access to that specific cluster.
VPN is integrated at the networking layer to restrict API access to authenticated VPN users only, enhancing security.
👤 Per-User Configuration Access
Each user that has access to a KubeDNA cluster can download their own personalized OpenVPN configuration file via the UI:
Path: Selected Cluster > Access & Security > Download VPN Config
Configuration files are pre-generated with unique client certificates and keys.
Users can connect securely to the cluster using standard OpenVPN clients (Windows, macOS, Linux).
Easy integration with team management and identity providers for scalable access control.
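An added example, not KubeDNA's own code: a Python check that can be run over downloaded profiles to confirm they carry inline certificate material, verify the server certificate's usage with `remote-cert-tls server`, are stored owner-only, and that no two users share a client certificate. It assumes the profile embeds `<ca>`, `<cert>` and `<key>` blocks inline (the page does not show the file format); the sample profiles, host name and PEM bodies are constructed.

```python
import base64, hashlib, re

def pem(label, raw):
    body = base64.b64encode(raw).decode()
    return f"-----BEGIN {label}-----\n{body}\n-----END {label}-----"

def make_sample(user, extra=()):
    """Constructed profile: placeholder host and fake PEM bodies, not real key material."""
    return "\n".join(["client", "dev tun", "remote vpn.cluster.example 1194", *extra,
                      "<ca>", pem("CERTIFICATE", b"constructed-ca"), "</ca>",
                      "<cert>", pem("CERTIFICATE", b"constructed-cert-" + user), "</cert>",
                      "<key>", pem("PRIVATE KEY", b"constructed-key-" + user), "</key>", ""])

def inline_block(text, tag):
    """Return the body of an inline <tag>...</tag> block, or None (assumed inline format)."""
    m = re.search(rf"^<{tag}>\n(.*?)\n</{tag}>$", text, re.S | re.M)
    return m.group(1) if m else None

def cert_fingerprint(text):
    """SHA-256 over the DER bytes of the inline client certificate, or None."""
    block = inline_block(text, "cert")
    if block is None:
        return None
    b64 = "".join(l.strip() for l in block.splitlines() if not l.startswith("-----"))
    return hashlib.sha256(base64.b64decode(b64)).hexdigest()

def audit_profile(text, mode=None):
    """Return findings for one profile; mode is the file's permission bits if known."""
    findings = [f"missing inline <{t}> block" for t in ("ca", "cert", "key")
                if inline_block(text, t) is None]
    if not re.search(r"^\s*remote-cert-tls\s+server\b", text, re.M):
        findings.append("server certificate usage not checked (no remote-cert-tls server)")
    if inline_block(text, "key") and mode is not None and mode & 0o077:
        findings.append(f"private key readable beyond owner (mode {mode:o})")
    return findings

def shared_certs(profiles):
    """Map fingerprint -> users, keeping only certificates held by more than one user."""
    seen = {}
    for user, text in profiles.items():
        seen.setdefault(cert_fingerprint(text), []).append(user)
    return {fp: users for fp, users in seen.items() if fp and len(users) > 1}

if __name__ == "__main__":
    alice, bob = make_sample(b"alice"), make_sample(b"bob")
    print(audit_profile(alice, mode=0o644))
    print(shared_certs({"alice": alice, "bob": bob, "carol": alice}))
```

For a file on disk, pass `stat.S_IMODE(os.stat(path).st_mode)` as `mode`; a profile that embeds a private key should be `0600`.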
🔒 Security & Compliance
TLS encryption between client and server.
Certificate-based authentication ensures strong identity enforcement.
VPN logs and connection records are available for auditing purposes.
IP whitelisting and usage control via KubeDNA’s access policies.