[oconf] Using crt/key file from k8s secret inside openvpn client config file

Need help configuring your VPN? Just post here and you'll get that help.

Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech

Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Post Reply
skk6
OpenVpn Newbie
Posts: 6
Joined: Sun Jun 19, 2022 4:19 pm

[oconf] Using crt/key file from k8s secret inside openvpn client config file

Post by skk6 » Sun Jun 19, 2022 4:30 pm

Hello All,

I am new to openVPN world. I am working on a project which is based on microk8s based docker containered application. This python based app which creates openvpn tunnel with the server. So for the connection creation part, it creates the private key and cert data which am storing in kubernetes secrets using their python client apis. Now as the key/cert are stored in k8s secret store, I want to use those values referred inside my openvpn client config files under the SSL/TLS section as below-

Code: Select all

ca /path/to/ca.crt
cert /mount/openvpn/ms.crt   => to be replaced with data from k8s secret value
key /mount/openvpn/private.key  => to be replaced with data from k8s secret value
Whether there is any ways in openvpn to read the secrets from k8s secrets and provide as values to cert and key elements replacing the local file paths?

Appreciate your help on this.

thanks

TinCanTech
OpenVPN Protagonist
Posts: 11137
Joined: Fri Jun 03, 2016 1:17 pm

Re: [oconf] Using crt/key file from k8s secret inside openvpn client config file

Post by TinCanTech » Mon Jun 20, 2022 7:07 pm

skk6 wrote:
Sun Jun 19, 2022 4:30 pm
is any ways in openvpn to read the secrets from k8s secrets and provide as values to cert and key elements
There is no built-in OpenVPN support for kubernetes, to my knowledge.

skk6
OpenVpn Newbie
Posts: 6
Joined: Sun Jun 19, 2022 4:19 pm

Re: [oconf] Using crt/key file from k8s secret inside openvpn client config file

Post by skk6 » Thu Jun 23, 2022 6:49 am

TinCanTech wrote:
Mon Jun 20, 2022 7:07 pm
skk6 wrote:
Sun Jun 19, 2022 4:30 pm
is any ways in openvpn to read the secrets from k8s secrets and provide as values to cert and key elements
There is no built-in OpenVPN support for kubernetes, to my knowledge.
Thank you for your reply. I am wondering if the openvpn client code can be modified where the client config is read and processed to have kubernetes secrets using the kubernetes python client. I am working on one use case where after storing the keys/certs in k8s secrets, I should fetch those values and use in client.ovpn file. With my limited knowledge on openvpn I am just thinking to do like this.

Can you please suggest any alternatives if any, to pass this use case.

Post Reply