Accessing Remote Servers over VPN from Amazon Virtual Private Cloud

Large enterprises typically have a virtual private network (VPN) configured to provide direct-connect access to their corporate data center environment. Platform9 Managed Kubernetes can integrate with such a setup without creating an additional networking component in your AWS environment.

When your app is deployed atop a Kubernetes cluster on an AWS Virtual Private Cloud (VPC), the app cannot reach resources across the VPN by resolving their hostnames with a DNS lookup, because a lookup from inside the cluster does not resolve names in the corporate data center. For instance, a Kubernetes app within an Amazon VPC may need to access a build automation server or a print server in the corporate data center. In such cases, the app must connect to the remote server in the customer data center by its IP address.

The Kubernetes app shown in the diagram below can access the server in the corporate data center across the VPN using the server's IP address, 192.0.2.2. An internal DNS lookup does not work in this case.
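One way to let the app keep using a stable in-cluster name while the connection still goes to the server's IP address, as an added example that is not part of Platform9's documentation: a Kubernetes Service without a selector, paired with a manually maintained Endpoints object that points at 192.0.2.2. The Service name corp-build-server, the namespace and port 8080 are assumed values.

```yaml
# Assumed example: a selector-less Service backed by a hand-written
# Endpoints object. Cluster DNS resolves corp-build-server to the
# Service's ClusterIP; kube-proxy forwards that traffic to the
# data-center address below, which is reached over the VPN.
apiVersion: v1
kind: Service
metadata:
  name: corp-build-server      # assumed name, used by pods as the hostname
  namespace: default           # assumed namespace
spec:
  # No selector: Kubernetes will not generate Endpoints automatically,
  # so the Endpoints object below is the only backend for this Service.
  ports:
    - name: http
      protocol: TCP
      port: 8080               # assumed port exposed inside the cluster
      targetPort: 8080         # assumed port the remote server listens on
---
apiVersion: v1
kind: Endpoints
metadata:
  name: corp-build-server      # must match the Service name exactly
  namespace: default
subsets:
  - addresses:
      - ip: 192.0.2.2          # remote server in the corporate data center
    ports:
      - name: http             # must match the Service port name
        port: 8080
        protocol: TCP
```

Pods then connect to corp-build-server:8080 instead of embedding the raw address, and only this one Endpoints entry has to be edited by hand if the data center server's IP address changes.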

Note: In the other direction, users within the corporate data center can access Kubernetes nodes in the Amazon VPC by hostname or FQDN over the VPN, provided the corporate data center has access to Amazon's internal DNS.


November 27, 2017