sandbox connected and streaming
This commit is contained in:
@@ -35,7 +35,7 @@ User agent containers self-manage their lifecycle to optimize resource usage. Co
|
||||
|
||||
### 1. Lifecycle Manager (Python)
|
||||
|
||||
**Location**: `client-py/dexorder/lifecycle_manager.py`
|
||||
**Location**: `sandbox/dexorder/lifecycle_manager.py`
|
||||
|
||||
Runs inside the agent container and tracks:
|
||||
- **Activity**: MCP tool/resource/prompt calls reset the idle timer
|
||||
@@ -85,7 +85,7 @@ Runs alongside the agent container with shared PID namespace. Monitors the main
|
||||
- `USER_TYPE`: License tier (`anonymous`, `free`, `paid`, `enterprise`)
|
||||
- `MAIN_CONTAINER_PID`: PID of main container (default: 1)
|
||||
|
||||
**RBAC**: Has permission to delete deployments and PVCs **only in dexorder-agents namespace**. Cannot delete other deployments due to:
|
||||
**RBAC**: Has permission to delete deployments and PVCs **only in dexorder-sandboxes namespace**. Cannot delete other deployments due to:
|
||||
1. Only knows its own deployment name (from env)
|
||||
2. RBAC scoped to namespace
|
||||
3. No cross-pod communication
|
||||
@@ -164,12 +164,12 @@ Configured via `USER_TYPE` env var in deployment.
|
||||
**Lifecycle Sidecar**:
|
||||
- Can delete its own deployment only
|
||||
- Cannot delete other deployments
|
||||
- Scoped to dexorder-agents namespace
|
||||
- Scoped to dexorder-sandboxes namespace
|
||||
- No exec, no secrets access
|
||||
|
||||
### Admission Control
|
||||
|
||||
All deployments in `dexorder-agents` namespace are subject to:
|
||||
All deployments in `dexorder-sandboxes` namespace are subject to:
|
||||
- Image allowlist (only approved images)
|
||||
- Security context enforcement (non-root, drop caps, read-only rootfs)
|
||||
- Resource limits required
|
||||
@@ -198,7 +198,7 @@ kubectl apply -k deploy/k8s/dev # or prod
|
||||
```
|
||||
|
||||
This creates:
|
||||
- Namespaces (`dexorder-system`, `dexorder-agents`)
|
||||
- Namespaces (`dexorder-system`, `dexorder-sandboxes`)
|
||||
- RBAC (gateway, lifecycle sidecar)
|
||||
- Admission policies
|
||||
- Network policies
|
||||
@@ -257,7 +257,7 @@ cd lifecycle-sidecar
|
||||
go build -o lifecycle-sidecar main.go
|
||||
|
||||
# Run (requires k8s config)
|
||||
export NAMESPACE=dexorder-agents
|
||||
export NAMESPACE=dexorder-sandboxes
|
||||
export DEPLOYMENT_NAME=agent-test
|
||||
export USER_TYPE=free
|
||||
./lifecycle-sidecar
|
||||
@@ -277,7 +277,7 @@ export USER_TYPE=free
|
||||
|
||||
Check logs:
|
||||
```bash
|
||||
kubectl logs -n dexorder-agents agent-user-abc123 -c agent
|
||||
kubectl logs -n dexorder-sandboxes sandbox-user-abc123 -c agent
|
||||
```
|
||||
|
||||
Verify:
|
||||
@@ -289,19 +289,19 @@ Verify:
|
||||
|
||||
Check sidecar logs:
|
||||
```bash
|
||||
kubectl logs -n dexorder-agents agent-user-abc123 -c lifecycle-sidecar
|
||||
kubectl logs -n dexorder-sandboxes sandbox-user-abc123 -c lifecycle-sidecar
|
||||
```
|
||||
|
||||
Verify:
|
||||
- Exit code file exists: `/var/run/agent/exit_code` contains `42`
|
||||
- RBAC permissions: `kubectl auth can-i delete deployments --as=system:serviceaccount:dexorder-agents:agent-lifecycle -n dexorder-agents`
|
||||
- RBAC permissions: `kubectl auth can-i delete deployments --as=system:serviceaccount:dexorder-sandboxes:sandbox-lifecycle -n dexorder-sandboxes`
|
||||
- Deployment name matches: Check `DEPLOYMENT_NAME` env var
|
||||
|
||||
### Gateway can't create deployments
|
||||
|
||||
Check gateway logs and verify:
|
||||
- ServiceAccount exists: `kubectl get sa gateway -n dexorder-system`
|
||||
- RoleBinding exists: `kubectl get rolebinding gateway-agent-creator -n dexorder-agents`
|
||||
- RoleBinding exists: `kubectl get rolebinding gateway-sandbox-creator -n dexorder-sandboxes`
|
||||
- Admission policy allows image: Check image name matches allowlist in `admission-policy.yaml`
|
||||
|
||||
## Future Enhancements
|
||||
|
||||
Reference in New Issue
Block a user