Skip to content

fix(networking): Ingress updates for Code interpreter #24

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
justin-tahara wants to merge 1 commit into
base: main
Choose a base branch
from
+21 −6
Open

fix(networking): Ingress updates for Code interpreter #24

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
27 changes: 21 additions & 6 deletions kubernetes/code-interpreter/values.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -163,19 +163,34 @@ readinessProbe:
failureThreshold: 3

# Network Policy
# Note: this policy applies to the code-interpreter SERVICE pod, not the
# ephemeral executor pods. Executor pods are locked down separately by the
# `*-executor` NetworkPolicy in templates/networkpolicy.yaml.
networkPolicy:
enabled: true
policyTypes:
- Ingress
- Egress
ingress: []
ingress:
# Allow ingress on the HTTP port from anywhere in the cluster (so the
# api-server pods can call us) AND from the node itself (so the kubelet
# health probes succeed). An empty `from` matches all sources.
- ports:
- protocol: TCP
port: 8000
egress:
# Allow DNS
# DNS
- ports:
- protocol: UDP
port: 53
- protocol: TCP
port: 53
# Kubernetes API server — required for the kubernetes executor backend
# to create/exec/delete executor pods. The api-server is reached on TCP
# 443 inside the cluster.
- ports:
- protocol: UDP
port: 53
- protocol: TCP
port: 53
- protocol: TCP
port: 443

# Extra environment variables
extraEnvVars: []
Expand Down
Loading