Deploy and test locally using Minikube for development, testing, learning, and prototyping. This provides a complete local environment for experimenting with Twingate's zero-trust networking before deploying to production.
⚠️ Internal Use Only: This project can only be used for personal or internal use. Please do not use this project or Twingate to offer a commercial VPN service. Also note that bandwidth usage through Twingate infrastructure is subject to Twingate's Fair Use Policy.
┌─────────────────────────────────┐
│ Local Development │
│ │
│ ┌─────────────────────────────┐ │
│ │ Minikube Cluster │ │
│ │ │ │
│ │ ┌─────────────────────┐ │ │
│ │ │ Twingate Operator │ │ │
│ │ │ │ │ │
│ │ │ ┌─────────────────┐ │ │ │
│ │ │ │ Connector Pod │ │ │ │
│ │ │ └─────────────────┘ │ │ │
│ │ └─────────────────────┘ │ │
│ └─────────────────────────────┘ │
└─────────────────────────────────┘
✅ Zero Cost: Completely free local development environment
✅ Quick Setup: Automated deployment and cleanup scripts
✅ Full Feature Parity: Same Twingate operator as production
✅ Easy Debugging: Local access to all logs and configurations
✅ Safe Testing: Isolated environment for experimentation
✅ Learning Friendly: Perfect for understanding Twingate concepts
✅ CI/CD Testing: Great for validating configurations in pipelines
✅ Rapid Iteration: Quick destroy/redeploy cycles
- Minikube >= 1.25.0
- kubectl >= 1.25.0
- Helm >= 3.8.0
- Container Runtime: Docker Desktop, Podman, or containerd
- CPU: 2+ cores (4+ recommended)
- Memory: 4GB+ RAM (8GB+ recommended)
- Storage: 10GB+ free disk space
- Network: Internet access for downloading images and connecting to Twingate
- Twingate Home or higher subscription plan (Exit Networks not available on Starter plan)
- Twingate Account: Admin access to create API tokens
- API Token: Generated from Twingate Admin Console
- Exit Network: Existing Exit Network. To create one, take a look at the official docs
# Install via Homebrew
brew install minikube kubectl helm
# Or install individually
# Minikube: https://minikube.sigs.k8s.io/docs/start/
# kubectl: https://kubernetes.io/docs/tasks/tools/install-kubectl-macos/
# Helm: https://helm.sh/docs/intro/install/Copy values-example.yaml to values.yaml and update it with your Twingate credentials:
twingate-operator:
twingateOperator:
network: "your-company" # https://{network}.twingate.com
apiKey: "your_twingate_api_key_here" # https://{network}.twingate.com/settings/api
remoteNetworkId: "" # https://{network}.twingate.com/exit-networks/{remoteNetworkId}
logFormat: "json"
logVerbosity: "debug" # Helpful for local developmentThe easiest way to get started is using the automated deployment script:
# Run the deployment script
./deploy.shThis script will:
- ✅ Check prerequisites
- ✅ Start Minikube if not running
- ✅ Check configuration
- ✅ Deploy the Helm chart
- ✅ Show deployment status
If you prefer manual control:
# Copy and edit configuration
cp values-example.yaml values.yaml
# Edit values.yaml with your Twingate credentials
# Update Helm dependencies
cd ../helm
helm dependency update
# Deploy to Minikube
helm install diy-vpn-local . \
-f ../minikube/values.yaml \
--namespace twingate \
--create-namespace \
--wait \
--timeout 5m
# Verify deployment
kubectl get pods -n twingate
kubectl get twingateconnectors -n twingateFor systems with limited resources:
twingate-operator:
twingateOperator:
network: "your-company"
apiKey: "your_api_key"
remoteNetworkId: "your_network_id"
logVerbosity: "info" # Less verbose logging
# Minimal resource requirements
resources:
requests:
cpu: 50m
memory: 64Mi
limits:
cpu: 200m
memory: 256MiFor active development and debugging:
twingate-operator:
twingateOperator:
network: "your-company-dev"
apiKey: "dev_api_key"
remoteNetworkId: "dev_network_id"
logVerbosity: "debug"
# Higher resources for development
resources:
requests:
cpu: 100m
memory: 128Mi
limits:
cpu: 500m
memory: 512Mi# 1. Make configuration changes
vim values.yaml
# 2. Update deployment
helm upgrade diy-vpn-local ../helm \
-f values.yaml \
-n twingate
# 3. Watch deployment progress
kubectl get pods -n twingate -w
# 4. Check logs
kubectl logs -f -l app.kubernetes.io/name=twingate-operator -n twingate --max-log-requests=10# Deploy multiple configurations for comparison
helm install vpn-config-a ../helm -f values-config-a.yaml -n twingate-a --create-namespace
helm install vpn-config-b ../helm -f values-config-b.yaml -n twingate-b --create-namespace
# Compare results
kubectl get twingateconnectors -A# Use the cleanup script
./cleanup.sh
# Redeploy with new configuration
./deploy.sh# Check overall deployment health
kubectl get all -n twingate
# Check specific resources
kubectl get deployments,pods,twingateconnectors -n twingate
# Check node resources
kubectl describe nodes# Operator deployment details
kubectl describe deployment -l app.kubernetes.io/name=twingate-operator -n twingate
# Pod details
kubectl describe pods -l app.kubernetes.io/name=twingate-operator -n twingate
# Connector resource details
kubectl describe twingateconnectors -n twingate
# Recent events
kubectl get events -n twingate --sort-by=.metadata.creationTimestamp# Real-time operator logs
kubectl logs -f -l app.kubernetes.io/name=twingate-operator -n twingate --max-log-requests=10
# Historical logs with timestamps
kubectl logs -l app.kubernetes.io/name=twingate-operator -n twingate --timestamps --max-log-requests=10
# All container logs in namespace (get pod names first, then logs)
kubectl get pods -n twingate -o name | xargs -I {} kubectl logs {} -n twingate --all-containers=true
# Alternative: Get logs from specific pod (replace <pod-name> with actual pod name)
# kubectl logs <pod-name> -n twingate -f
# Get logs from deployment
kubectl logs deployment/twingate-operator -n twingate -f# Enable metrics server (if not already enabled)
minikube addons enable metrics-server
# Check resource usage
kubectl top nodes
kubectl top pods -n twingate
# Check cluster resource allocation
kubectl describe nodes | grep -A 5 "Allocated resources"| Issue | Symptoms | Solution |
|---|---|---|
| Minikube won't start | Error during minikube start | minikube delete && minikube start --driver=docker --force |
| Insufficient resources | Pods stuck in Pending | Increase Minikube resources or reduce pod resource requests |
| Operator CrashLoopBackOff | Pod keeps restarting | Check API credentials, view logs with kubectl logs deployment/twingate-operator -n twingate |
| Connector not appearing | No connector in Twingate Console | Verify API token permissions, check remote network ID |
| DNS resolution issues | Network timeouts | Check Minikube DNS: minikube addons enable dns |
| Image pull errors | Can't download images | Check internet connection, try minikube ssh docker pull <image> |
- 📖 Minikube Official Docs
- ☸️ Kubernetes Documentation
- ⚙️ Helm Documentation
- 🔒 Twingate Kubernetes Operator
🎉 Congratulations! You now have a fully functional local development environment for testing and learning Twingate's zero-trust networking. Ready to move to production? Check out our DigitalOcean deployment options!