Gluetun is a containerized network utility designed to route traffic from multiple Docker containers through a secure virtual private network tunnel. It functions as a network gateway that encapsulates outgoing internet traffic to provide privacy and security for isolated application services.
The project distinguishes itself by utilizing Linux network namespaces to isolate container traffic, ensuring that all outgoing packets are forced through a dedicated tunnel interface. It supports both OpenVPN and WireGuard protocols, managing the connection lifecycle and routing logic as a sidecar container.
The software includes a health-check-based kill switch that continuously monitors tunnel connectivity and automatically disables network access for dependent containers if the secure connection drops. It also handles the configuration of firewall rules and routing tables through declarative inputs, allowing for the management of network identity and access across private infrastructure.
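The sidecar arrangement described above, sketched as a Docker Compose file. This is an added example, not taken from this page or from the project's own files; the image name `qmcgaw/gluetun` and the environment variable names are not given on this page and should be checked against the project's documentation, and the `app` service, its image, the port and the subnet are hypothetical.

```yaml
# Added example: one VPN gateway container plus one dependent container.
services:
  gluetun:
    image: qmcgaw/gluetun            # assumption: image name is not stated on this page
    cap_add:
      - NET_ADMIN                    # needed to manage routes and firewall rules in its namespace
    devices:
      - /dev/net/tun:/dev/net/tun    # tunnel device
    environment:
      VPN_SERVICE_PROVIDER: "<provider>"               # placeholder
      VPN_TYPE: wireguard                              # or openvpn
      WIREGUARD_PRIVATE_KEY: "<wireguard-private-key>" # placeholder, supply via a secret store
      WIREGUARD_ADDRESSES: "<tunnel-address/prefix>"   # placeholder
      # Declarative firewall input: LAN range allowed outside the tunnel (constructed value).
      FIREWALL_OUTBOUND_SUBNETS: "192.168.1.0/24"
    ports:
      # The dependent container has no network stack of its own, so any port
      # it serves is published here, on the gateway container.
      - "8080:8080"
    restart: unless-stopped

  app:
    image: example/app:latest        # hypothetical application image
    # Join the gateway's network namespace: the only interfaces and routes
    # this container sees are the ones the gateway container set up.
    network_mode: "service:gluetun"
    depends_on:
      - gluetun
    restart: unless-stopped
    # No `ports:` or `networks:` keys here. Compose rejects them alongside
    # network_mode, which keeps a second, untunnelled path from being added
    # to this service by accident.
```

A useful check after deployment is to compare the public IP address seen from inside `app` with the host's own; the two should differ while the tunnel is up, and requests from `app` should fail rather than fall back to the host address when it is down.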