| copyright | lastupdated | keywords | subcollection | ||
|---|---|---|---|---|---|
|
2024-01-03 |
access, private, containers, |
containers |
{{site.data.keyword.attribute-definition-list}}
{: #cluster-access-wireguard}
When you have a Kubernetes cluster created with a private-only endpoint, you might need to access your cluster from outside of {{site.data.keyword.cloud_notm}}. {: shortdesc}
The Kubernetes master is accessible through the private cloud service endpoint if authorized cluster users are in your {{site.data.keyword.cloud_notm}} private network or are connected to the private network. There are two ways to set up your VPN to access your private clusters: client-to-site or site-to-site. For more details, see VPNs for VPC overview.
To understand the fundamentals about how to apply the client-to-site VPN in {{site.data.keyword.cloud_notm}} to access private clusters, start with this blog{: external}. This blog article does a walkthrough of creating a client-to-site VPN service that you can use to connect client machines such as Macs and PCs to your {{site.data.keyword.cloud_notm}} VPC network, Kubernetes clusters, Cloud Service Endpoints (CSE), IaaS services, and to your private classic subnets.