scale open vpn server at kubernetes


Assume that there are openvpn server pod at kubernetes cluster. we have fabric and there are modem contains open vpn client ,Admin connects to this modem then he or she configure open vpn client to connect azure open vpn server pod .We have more than 1 maintenance operator(maybe 100 ) he or she can connects to azure aks open vpn server with their desktop open vpn client.So by this way azure acts like gateway then it creates a tunnel between client and fabric over azure vpn.But When Admin connect this device to azure pod ,we dont know which pod connected to this fabric.So my question is that how can we create open vpn server at azure and when we scale this open vpn server pod.How the operator knows which pods connected to right machine.Because both of the pod has different configuration maybe.


Azure Kubernetes Service (AKS)
Azure Kubernetes Service (AKS)
An Azure service that provides serverless Kubernetes, an integrated continuous integration and continuous delivery experience, and enterprise-grade security and governance.
1,892 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. vipullag-MSFT 24,881 Reputation points

    Hello Sahsuvaroglu, Muhammed (ADV D EU TR AC IWA)

    Welcome to Microsoft Q&A Platform, thanks for posting your query here.

    I checked with internal team on this, we had similar customer challenges in particular related to peer-to-peer connections for gaming, pixel streaming and video streaming. These typically involve tapping into some of the architecture components of WebRTC, like STUN and TURN servers. STUN server can be challenging in AKS, unless you're running your cluster with node public IP for point-to-point connections vs. using a Kubernetes service (i.e. Standard Load Balancer). TURN servers add a latency hit, as they add a hop into the connection but the cluster configuration is more straight forward. Either way, these would help with the peer-to-peer assignment challenge.

    Another option to consider would be looking at solutions built for gaming, like Thundernetes or Agones. While they are purpose built for gaming, one key aspect of gaming is game server allocation for multiple peers, which seems similar to your challenge. Customers will typically use these solutions to have active game servers ready and waiting and when needed the end user will make a request to be assigned to a game server, at which point they'll get back the IP and Port for their assigned game server. Could be a stretch for your scenario, but could also help you out.

    Hope this helps in a way to get your ask a solution.