For those seeking a flexible and lightweight VPN solution that works seamlessly within Docker, Gluetun has emerged as a popular choice. Developed by Quentin McGaw (@qdm12), Gluetun describes itself as a “swiss-army-knife-like” VPN client that integrates multiple providers, protocols, and additional privacy tools in one compact container.

What is Gluetun?

Gluetun is a VPN client designed to run in Docker containers, offering support for a wide variety of VPN service providers. Unlike most single-provider setups, Gluetun acts as a universal client that can connect to dozens of major VPN services through OpenVPN or WireGuard.

It’s written in Go, based on Alpine Linux for a small footprint, and includes built-in DNS over TLS, firewall features, and proxy servers. This makes it a versatile option for individuals or self-hosters who want both privacy and control over how their traffic is routed.

Key Features

• Wide VPN Provider Support
  Works with many providers including AirVPN, Mullvad, NordVPN, ProtonVPN, Surfshark, Private Internet Access, Cyberghost, Windscribe, and more.
• Protocol Flexibility
  • OpenVPN support for all listed providers.
  • WireGuard support for many providers, with both kernelspace and userspace options.
  • Ability to use custom WireGuard configurations.
• Privacy & Security Tools
  • DNS over TLS with the provider of your choice.
  • Fine-grained blocking of malicious, ad-related, or surveillance domains, updated daily.
  • Built-in firewall kill switch to prevent leaks outside the VPN tunnel.
• Proxies Included
  • A Shadowsocks proxy server (with UDP + TCP tunneling).
  • An HTTP proxy for web traffic.
• Container-Friendly
  • Other Docker containers can connect to Gluetun as their network gateway.
  • LAN devices can also be routed through it.
  • Works across multiple CPU architectures: amd64, i686, ARM (32/64-bit), and even ppc64le.
• Advanced Features
  • Custom VPN server-side port forwarding (for supported providers).
  • Split-horizon DNS (using multiple DNS over TLS providers).
  • Usable as a Kubernetes sidecar container.

Setup and Usage

The project maintains a detailed Wiki with provider-specific instructions, ensuring a smoother setup experience for newcomers. A minimal docker-compose.yml example is provided for those who want a quick start:

services:
  gluetun:
    image: qmcgaw/gluetun
    cap_add:
      - NET_ADMIN
    devices:
      - /dev/net/tun:/dev/net/tun
    ports:
      - 8888:8888/tcp # HTTP proxy
      - 8388:8388/tcp # Shadowsocks
      - 8388:8388/udp # Shadowsocks
    volumes:
      - /yourpath:/gluetun
    environment:
      - VPN_SERVICE_PROVIDER=ivpn
      - VPN_TYPE=openvpn
      - OPENVPN_USER=
      - OPENVPN_PASSWORD=
      - TZ=

With this configuration, Gluetun can function as the backbone of a secure, private networking stack inside Docker.

Project Activity and Community

Gluetun is under active development with regular updates, bug fixes, and new features. It has:

• 11,000+ stars on GitHub.
• 71 releases to date (latest in December 2024).
• Contributions from over 50 developers.

The community often engages via GitHub Issues and Discussions, while the Wiki and documentation provide troubleshooting resources and setup guides.

Licensing

The project is released under the MIT License, allowing free use, modification, and distribution.

Conclusion

Gluetun has become a go-to tool for self-hosters and developers looking for a reliable VPN client in Docker. Its wide provider support, compact footprint, and built-in privacy tools make it an attractive solution for both simple setups and more advanced containerized environments.

Whether you’re running a small homelab or deploying Kubernetes clusters, Gluetun offers a flexible way to integrate VPN connectivity into your workflow without being locked to a single provider.

👉 Explore the project here: Gluetun on GitHub