After running Pritunl in Minikube, it is not possible to connect to the VPN:
…
2022–10–03 13:50:32 TCP/UDP: Preserving recently used remote address: [AF_INET]194.168.3.100:1194
2022–10–03 13:50:32 UDP link local: (not bound)
2022–10–03 13:50:32 UDP link remote: [AF_INET]194.168.3.100:1194
…
Check its Kubernetes Service:
$ kubectl -n pritunl-local get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
pritunl LoadBalancer 10.102.129.25 <pending> 1194:30166/TCP 47m
…
The type is LoadBalancer, but its EXTERNAL-IPstatus is Pending , since Minikube does not have a service with the LoadBalancer type, because it must be created at the infrastructure level - AWS, GCE, Azure, and then Kubernetes receives an IP or URL from them to route requests to this load balancer.
LoadBalancer solutions
For the Minikube, there are several solutions:
- use
minikube tunnel- will create a tunnel between the host and the Service in Kubernetes - or
minikube service- get a direct URL to connect - or set
externalIPs- for Kubernetes LoadBalancer Service - configure it manually
Let’s try everything.
Minikube tunnel
Check the routes on the host machine:
$ route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 192.168.3.1 0.0.0.0 UG 100 0 0 enp38s0
172.17.0.0 0.0.0.0 255.255.0.0 U 0 0 0 docker0
172.18.0.0 0.0.0.0 255.255.0.0 U 0 0 0 br-9c291321e71a]
192.168.3.0 0.0.0.0 255.255.255.0 U 100 0 0 enp38s0
192.168.59.0 0.0.0.0 255.255.255.0 U 0 0 0 vboxnet0
Can see here the route to our VirtualBox - 192.168.59.0 0.0.0.0 255.255.255.0 U 0 0 0 vboxnet0.
Launch tunnel:
$ minikube tunnel
[sudo] password for setevoy:
Status:
machine: minikube
pid: 333552
route: 10.96.0.0/12 -> 192.168.59.107
minikube: Running
services: [pritunl]
errors:
minikube: no errors
router: no errors
loadbalancer emulator: no errors
…
Check the routes now — there is a new route to the network 10.96.0.0 (Kubernetes CIDR) via 192.168.59.107 — this is a VirtualBox virtual machine running Minikube itself:
$ route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 192.168.3.1 0.0.0.0 UG 100 0 0 enp38s0
10.96.0.0 192.168.59.107 255.240.0.0 UG 0 0 0 vboxnet0
172.17.0.0 0.0.0.0 255.255.0.0 U 0 0 0 docker0
172.18.0.0 0.0.0.0 255.255.0.0 U 0 0 0 br-9c291321e71a
192.168.3.0 0.0.0.0 255.255.255.0 U 100 0 0 enp38s0
192.168.59.0 0.0.0.0 255.255.255.0 U 0 0 0 vboxnet0
Check Kubernetes LoadBalancer now:
$ kubectl -n pritunl-local get svc pritunl
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
pritunl LoadBalancer 10.102.129.25 10.102.129.25 1194:30166/TCP 54m
“It works!” ©
Minikube service
Run minikube service, specify a namespace and a name of the Service - Minicube will return the URL for connection to us:
$ minikube service -n pritunl-local pritunl
| — — — — — — — -| — — — — -| — — — — — — — | — — — — — — — — — — — — — — -|
| NAMESPACE | NAME | TARGET PORT | URL |
| — — — — — — — -| — — — — -| — — — — — — — | — — — — — — — — — — — — — — -|
| pritunl-local | pritunl | openvpn/1194 | http://192.168.59.108:32350 |
| — — — — — — — -| — — — — -| — — — — — — — | — — — — — — — — — — — — — — -|
🎉 Opening service pritunl-local/pritunl in default browser…
Here, 192.168.59.108 is the address of our VirtualBox server, and 32350 is the NodePort on it, with Pritunl Server running.
You can also list all Kubernetes Services with list:
$ minikube service -n pritunl-local list
| — — — — — — — -| — — — — — — — — -| — — — — — — — | — — — — — — — — — — — — — — -|
| NAMESPACE | NAME | TARGET PORT | URL |
| — — — — — — — -| — — — — — — — — -| — — — — — — — | — — — — — — — — — — — — — — -|
| pritunl-local | pritunl | openvpn/1194 | http://192.168.59.108:32350 |
| pritunl-local | pritunl-mongodb | No node port |
| pritunl-local | pritunl-web | No node port |
| — — — — — — — -| — — — — — — — — -| — — — — — — — | — — — — — — — — — — — — — — -|
Or get the URL in one line instead of a table:
$ kubectl -n priminikube service -n pritunl-local pritunl — url
http://192.168.59.108:32350
Try to connect:
$ telnet 192.168.59.108 32350
Trying 192.168.59.108…
Connected to 192.168.59.108.
Escape character is ‘^]’.
Pritunl logs:
“It works!” ©
LoadBalancer externalIPs
Get the IP of the VirtualBox machine:
$ minikube ip
192.168.59.108
Edit LoadBalancer:
$ kubectl -n pritunl-local edit svc pritunl
Set externalIPs:
...
externalIPs:
- 192.168.59.108
...
Save, check the Service itself:
$ kubectl -n pritunl-local get svc pritunl
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
pritunl LoadBalancer 10.104.33.93 192.168.59.108 1194:32350/TCP 81m
And check connection:
$ telnet 192.168.59.108 1194
Trying 192.168.59.108…
Connected to 192.168.59.108.
Escape character is ‘^]’.
“It works!” ©
Done.
Originally published at RTFM: Linux, DevOps, and system administration.
Top comments (0)