I am a newbie in Kubernetes, so I apologise if this turns out to be trivially documented elsewhere. It may be that I did not search the right terms.
Say I have three pods in my cluster for three services: P1, P2 and P3.
I'd like to route all the traffic from and to pods P1 and P2 through a VPN, so that they can reach the services on an external network. At the same time, P3 should access the internet normally and not be able to use the VPN tunnel. I do not need P3 to communicate with P1 nor P2.
Is it possible to create another pod P4 running an OpenVPN client so that P1 and P2 use P4 as a gateway to the Internet while P3 can access Internet normally?
If possible, I am looking to have a single gateway pod P4. P4 will have health checks so that if it crashes, it gets recreated automatically. In the meantime that it crashed, P1 and P2 should not be able to access the Internet.
I saw that something like this may be possible by creating a new virtual network in which P4 acts as a gateway and putting the pods for P1 and P2 in such network using an admission hook. Yet, I would not be sure on how to create this new virtual network and have the hunch that there may be more elegant ways to approach this.
I am aware that I will need to put a service in front of the P4 pod to be able to get to it from the others.
Basically, I'd like all requests from P1 to go to the service of P4, then to the pod P4, then through the VPN tunnel using the VPN client running on P4