You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I did some research on admission control in Kubernetes and discovered that Kyverno had this feature they call ClusterPolicy and could be used to inject a sidecar into a deployment.
I also tested with Mullvad (https://mullvad.net/) and although they said they limited it to 5, in practice they didn't limit it, but I preferred not to take any risks and selected PIA as the best option.
One thing I would like to do is be able to subscribe to several providers and find a way to randomly distribute the credentials among Pods, but for now I don't know how to do this. So I'm only using one vpn provider.
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
-
I did some research on admission control in Kubernetes and discovered that Kyverno had this feature they call ClusterPolicy and could be used to inject a sidecar into a deployment.
In my use case I needed to activate VPNs for about 10 to 15 pods. So VPN providers that had limitations of 5-10 did not meet my needs.
I made a list of providers that did not limit simultaneous connections:
Private Internet Access/PIA:
https://www.privateinternetaccess.com/
Surfshark:
https://surfshark.com/
Windscribe:
https://windscribe.com/
IPVanish:
https://www.ipvanish.com/
I also tested with Mullvad (https://mullvad.net/) and although they said they limited it to 5, in practice they didn't limit it, but I preferred not to take any risks and selected PIA as the best option.
I created a repository with an example of my implementation:
https://github.com/pablomfc/gluetun-sidecar
One thing I would like to do is be able to subscribe to several providers and find a way to randomly distribute the credentials among Pods, but for now I don't know how to do this. So I'm only using one vpn provider.
Regards,
Pablo
Beta Was this translation helpful? Give feedback.
All reactions