pieterlange / kube-openvpn

:closed_lock_with_key: Kubernetes native OpenVPN
MIT License
383 stars 57 forks source link

create a healthcheck #38

Open pieterlange opened 7 years ago

pieterlange commented 7 years ago

Preferably accessible over HTTP but otherwise execable

pieterlange commented 7 years ago

this has not been updated because the entrypoint exec's the openvpn binary and it rarely if ever crashes.

I would consider a readiness check but i'm looking for input from users.

mtsgrd commented 6 years ago

I made a sidecar with a few lines of Go, not because it helps verify the VPN server is responding, but because the AWS LB health checks otherwise continuously generated a lot of noise in the VPN server logs.

pieterlange commented 6 years ago

Sharing is caring :). I'm sure it's pretty simple but i might incorporate it (i do too hate the flooded logs from ELB healthchecks)

mtsgrd commented 6 years ago

I'll send you a PR over the weekend! Also, just fyi, maybe you're interested in this commit as well? Say you have an RDS database attached to your k8s VPC that isn't publicly accessible, you won't be able to connect to it over VPN unless you also route to the VPC cidr.

pieterlange commented 6 years ago

Ah, i was actually in the process of removing specific envs for routes (as you can stick them into $OVPN_ROUTES) so i won't need that one :). Thanks anyway!

mtsgrd commented 6 years ago

Ah, ofc, that makes a lot of sense!