# Network policies for agent isolation
#
# Agents can only communicate with specific services, not with each other.
# Enforcement depends on the cluster CNI implementing NetworkPolicy; a CNI
# that does not enforce it accepts these objects but applies nothing.
# NOTE(review): the egress policy further down excludes RFC 1918 ranges from
# its public-HTTPS rule, which only keeps agents away from the Kubernetes API
# when the API endpoint is a private address - confirm for the target cluster.
---
# Default deny all ingress and egress for every pod in the agents namespace.
# The empty podSelector matches all pods; listing both policy types with no
# rules means nothing is allowed until another policy adds it explicitly.
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: default-deny-all
  namespace: dexorder-agents
spec:
  podSelector: {}
  policyTypes:
    - Ingress
    - Egress
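---
# Allow agent pods to receive connections from the gateway (MCP).
# The gateway is described as living in the default namespace
# (see allow-agent-callbacks), so a bare podSelector in `from` would never
# match it: a `from` entry with only a podSelector is scoped to the policy's
# own namespace. A namespaceSelector and podSelector in the same entry are
# ANDed, so this admits only gateway pods from that namespace.
# The `kubernetes.io/metadata.name` label is set on every namespace by
# Kubernetes itself; adjust the value if the gateway runs elsewhere.
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: allow-gateway-ingress
  namespace: dexorder-agents
spec:
  podSelector:
    matchLabels:
      dexorder.io/component: agent
  policyTypes:
    - Ingress
  ingress:
    - from:
        - namespaceSelector:
            matchLabels:
              kubernetes.io/metadata.name: default
          podSelector:
            matchLabels:
              app: gateway
      ports:
        - protocol: TCP
          port: 3000  # MCP server port
        - protocol: TCP
          port: 5555  # ZeroMQ control channel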
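---
# Allow agent pods to connect to the services they need. Each `to` entry is
# an independent allow rule; within one entry, namespaceSelector and
# podSelector are ANDed.
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: allow-agent-egress
  namespace: dexorder-agents
spec:
  podSelector:
    matchLabels:
      dexorder.io/component: agent
  policyTypes:
    - Egress
  egress:
    # DNS resolution (required). The empty namespaceSelector matches every
    # namespace, narrowed to the cluster DNS pods by label.
    - to:
        - namespaceSelector: {}
          podSelector:
            matchLabels:
              k8s-app: kube-dns
      ports:
        - protocol: UDP
          port: 53
        - protocol: TCP
          port: 53
    # Gateway (for callbacks). The gateway is described as living in the
    # default namespace (see allow-agent-callbacks); a podSelector alone is
    # scoped to this policy's namespace and would not match it, so the
    # namespace is selected explicitly via the label Kubernetes sets on
    # every namespace. Adjust if the gateway runs elsewhere.
    - to:
        - namespaceSelector:
            matchLabels:
              kubernetes.io/metadata.name: default
          podSelector:
            matchLabels:
              app: gateway
      ports:
        - protocol: TCP
          port: 3000
    # Kafka/Redpanda for data subscriptions
    - to:
        - namespaceSelector:
            matchLabels:
              dexorder.io/type: system
          podSelector:
            matchLabels:
              app: redpanda
      ports:
        - protocol: TCP
          port: 9092
    # External HTTPS (for exchange APIs, LLM APIs).
    # The except list keeps this rule from reaching in-cluster addresses
    # (pod, service and node ranges on most clusters, which is where the API
    # server ClusterIP normally sits) and the link-local range used by cloud
    # instance-metadata services.
    # NOTE(review): this does not restrict *which* public hosts agents may
    # reach on 443, and on managed clusters the API server endpoint is often
    # a public IP that this list does not cover. If the CNI offers FQDN or
    # egress-gateway policies, prefer an explicit allowlist here.
    - to:
        - ipBlock:
            cidr: 0.0.0.0/0
            except:
              - 10.0.0.0/8
              - 172.16.0.0/12
              - 192.168.0.0/16
              - 169.254.0.0/16  # link-local / cloud metadata endpoints
      ports:
        - protocol: TCP
          port: 443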
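---
# Default namespace: allow ingress from agent pods to the gateway.
# The namespace is set explicitly so the object does not depend on the
# kubectl context it is applied from. Selecting both the agents namespace
# and the agent pod label (ANDed within one `from` entry) means other pods
# that may later share that namespace do not inherit this access.
# NOTE(review): this assumes the dexorder-agents namespace carries the label
# dexorder.io/type=agents; that label is not defined in this file.
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: allow-agent-callbacks
  namespace: default
spec:
  podSelector:
    matchLabels:
      app: gateway
  policyTypes:
    - Ingress
  ingress:
    - from:
        - namespaceSelector:
            matchLabels:
              dexorder.io/type: agents
          podSelector:
            matchLabels:
              dexorder.io/component: agent
      ports:
        - protocol: TCP
          port: 3000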