Site to Site VPN for Google Kubernetes Engine
In this tutorial I will explain, briefly and concisely, how to set up a site-to-site VPN for the Google Cloud network.
We need two virtual machines: one on the side of our office and one on the side of Google.
Setup OpenVPN Clients
Site-to-Site Client Office Side
First we install OpenVPN:
apt install openvpn -y
After that we add our OpenVPN configuration under this path
# Use a dynamic tun device.
# For Linux 2.2 or non-Linux OSes,
# you may want to use an explicit
# unit number such as "tun1".
# OpenVPN also supports virtual
# ethernet "tap" devices.
# Our OpenVPN peer is the Google gateway.
ifconfig 18.104.22.168 22.214.171.124
route 10.156.0.0 255.255.240.0 # Google Cloud VM Network
route 10.24.0.0 255.252.0.0 # Google Kubernetes Pod Network
push "route 192.168.10.0 255.255.255.0" # Office Network
# Our pre-shared static key
# Cipher to use
# Uncomment this section for a more reliable detection when a system
# loses its connection. For example, dial-ups or laptops that
# travel to other locations.
# Verbosity level.
# 0 -- quiet except for fatal errors.
# 1 -- mostly quiet, but display non-fatal network errors.
# 3 -- medium output, good for normal operation.
# 9 -- verbose, good for troubleshooting
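The `route` and `push "route ..."` lines above decide which networks each site can reach through the tunnel, so it is worth checking them before the configuration goes live. The following Python check is an added example, not part of the original tutorial: the function name `audit_routes` and the `min_prefixlen` threshold are assumptions made for illustration, and it treats `route` lines as the Google-side networks and the pushed route as the office network, as the comments label them.

```python
import ipaddress
import shlex

# Constructed sample: the three route lines from the configuration above.
SAMPLE_CONF = '''
route 10.156.0.0 255.255.240.0 # Google Cloud VM Network
route 10.24.0.0 255.252.0.0 # Google Kubernetes Pod Network
push "route 192.168.10.0 255.255.255.0" # Office Network
'''

def audit_routes(conf_text, min_prefixlen=8):
    """Return (routes, findings) for the route lines in an OpenVPN config.

    min_prefixlen is an assumed policy threshold: anything broader
    (for example a default route) is reported for review.
    """
    routes, findings = {"route": [], "push": []}, []
    for line in conf_text.splitlines():
        tok = shlex.split(line, comments=True)  # drops '#' comments, keeps quoted args
        if len(tok) == 2 and tok[0] == "push":
            side, tok = "push", tok[1].split()
        else:
            side = "route"
        if len(tok) < 2 or tok[0] != "route":
            continue
        # OpenVPN treats a route without a netmask as a single host.
        mask = tok[2] if len(tok) > 2 else "255.255.255.255"
        try:
            # strict=True rejects a network address with host bits set;
            # non-literal targets (hostnames, keywords) also land here.
            net = ipaddress.ip_network(f"{tok[1]}/{mask}", strict=True)
        except ValueError as exc:
            findings.append(f"invalid network: {line.strip()} ({exc})")
            continue
        if net.prefixlen < min_prefixlen:
            findings.append(f"overly broad route: {net}")
        routes[side].append(net)
    # A tunnel route that overlaps the office network would pull local traffic into the VPN.
    for remote in routes["route"]:
        for local in routes["push"]:
            if remote.overlaps(local):
                findings.append(f"overlap: {remote} and {local}")
    return routes, findings

if __name__ == "__main__":
    nets, problems = audit_routes(SAMPLE_CONF)
    print(nets)
    print(problems or "no findings")
```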