Abstract
With the rapid development of container technology, Kubernetes is increasingly widely used as a container cluster management platform. At the same time, security in cloud environments is becoming more and more important. Deploying a VPN service in the cloud effectively solves the problem of establishing a secure connection between a Kubernetes cluster and a local data center or another VPN peer. This article studies how to implement a containerized VPN service in a Kubernetes environment, and how to implement multiple network interfaces for the VPN, which is the network incompatibility problem that arises when a VPN is applied to a Kubernetes environment. Finally, experiments verify that the VPN service in the Kubernetes cluster can establish an IPSec tunnel connection with the peer VPN, providing secure access to services inside the cluster.
Authors
张入文
罗俊
胡晓勤
龚勋
ZHANG Ruwen; LUO Jun; HU Xiaoqin; GONG Xun (School of Cyber Science and Engineering, Sichuan University, Chengdu 610065)
Source
《现代计算机》
2021, Issue 17, pp. 31-36 (6 pages)
Modern Computer