Create openvpn inside kubernetes inside google cloud
bin
envs/gce
modules
roles/gce4vpn
schemas
.gitattributes
.gitignore
Dockerfile
LICENSE
README.md
Vagrantfile
entrypoint.sh
gce4vpn.yml
openvpn.tmpl
runme.sh

gce4vpn

This project was created just for luls: it provisions OpenVPN inside Kubernetes inside Google Cloud Platform via Terraform. However, it was used for HashiCorp user group meetup and Chaos Constructions talks.

More related links are located here.

justdoit

$ vagrant up
$ vagrant ssh
$ /vagrant/runme.sh --gcloud-init --terraform-apply --openvpn-init --openvpn-config --get-google-key --create-account

schema

Credits

I used code from zambien's and kylemanna's openvpn repos in this work: pieterlange/kube-openvpn, zambien/terraform-gcp-gke-openvpn

cheatsheet

$ docker build --build-arg http_proxy=$http_proxy --build-arg https_proxy=$http_proxy --no-cache -t ultral/openvpn .
$ gcloud container clusters get-credentials gce4vpn-k8s --zone europe-north1-a
$ kubectl get pods
$ gcloud projects add-iam-policy-binding gcp-adm \
  --member="serviceAccount:terraform@gcp-adm.iam.gserviceaccount.com" \
  --role='roles/servicemanagement.admin'
$ gcloud projects get-iam-policy gcp-adm
$ sudo -E yum -y install graphviz && terraform graph /vagrant/envs/gce/ | dot -Tsvg > graph.svg

push state to remote

$ export GOOGLE_APPLICATION_CREDENTIALS=/home/vagrant/.key.json
$ echo 'terraform { backend "gcs" { bucket  = "gce4vpn31_tfstate" } }' > /vagrant/envs/gce/gcs.tf
$ cd /vagrant/envs/gce/ && terraform state push -force /home/vagrant/terraform.tfstate
$ terraform plan -var-file=./config_secrets.tfvars