RasaHQ / helm-charts

Helm charts for Rasa products
https://rasa.com
Apache License 2.0

Network policy should match the rasa fullname and not just rasa #75

Open nyejon opened 2 years ago

nyejon commented 2 years ago

Hi, if I specify a different name, like "rasa-production" the network policies no longer apply.

See: https://github.com/RasaHQ/helm-charts/blob/2875622c467c89fbb2ac00202c395852ea237075/charts/rasa/templates/network-policy/rasa-bot-allow-egress-http-https.yaml#L9

It should be something like: {{ include "rasa-common.names.fullname" . }}

nyejon commented 2 years ago

Same thing applies to rabbit and redis:

https://github.com/RasaHQ/helm-charts/blob/2875622c467c89fbb2ac00202c395852ea237075/charts/rasa/templates/network-policy/rasa-bot-rabbitmq.yaml#L35

We should be able to specify the name of the rabbit and redis pod when we use an external deployment.

sara-tagger commented 2 years ago

Thanks for the issue, @JustinaPetr will get back to you about it soon!

You may find help in the docs and the forum, too 🤗

nyejon commented 2 years ago

You can use the NP from Rasa-X by adding the following label to the podLabels in the values file.

podLabels:
  app.kubernetes.io/component: rasa-production

Then make sure the names of the redis and rabbit deployments are "redis" and "rabbitmq" respectively.
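
The failure reported in this issue, a NetworkPolicy whose selector silently matches no pod once the release is renamed, can be checked for mechanically. The following is an added example, not part of the thread or of the chart's code; the label key, namespace and policy names are constructed assumptions.

```python
# Added example: flag NetworkPolicies whose podSelector matches no pod.
# All manifests below are constructed sample data, not the chart's real output.

def selects(selector, labels):
    """Kubernetes label-selector semantics: every requirement must hold;
    an empty selector ({}) selects every pod in the namespace."""
    for key, value in selector.get("matchLabels", {}).items():
        if labels.get(key) != value:
            return False
    for expr in selector.get("matchExpressions", []):
        key, op, values = expr["key"], expr["operator"], expr.get("values", [])
        if op == "In" and labels.get(key) not in values:
            return False
        if op == "NotIn" and labels.get(key) in values:
            return False
        if op == "Exists" and key not in labels:
            return False
        if op == "DoesNotExist" and key in labels:
            return False
    return True

def unmatched_policies(policies, pods):
    """Return names of policies that select zero pods in their own namespace."""
    result = []
    for pol in policies:
        ns = pol["metadata"].get("namespace", "default")
        selector = pol["spec"].get("podSelector", {})
        hit = any(
            pod["metadata"].get("namespace", "default") == ns
            and selects(selector, pod["metadata"].get("labels", {}))
            for pod in pods
        )
        if not hit:
            result.append(pol["metadata"]["name"])
    return result

def policy(name, match_labels):
    """Build a minimal constructed NetworkPolicy in the 'bots' namespace."""
    return {"kind": "NetworkPolicy", "metadata": {"name": name, "namespace": "bots"},
            "spec": {"podSelector": {"matchLabels": match_labels}}}

# Release installed under the name "rasa-production" (label key is an assumption).
PODS = [{"metadata": {"namespace": "bots",
                      "labels": {"app.kubernetes.io/name": "rasa-production"}}}]
HARDCODED = policy("allow-egress-hardcoded", {"app.kubernetes.io/name": "rasa"})
FULLNAME = policy("allow-egress-fullname", {"app.kubernetes.io/name": "rasa-production"})

if __name__ == "__main__":
    print(unmatched_policies([HARDCODED, FULLNAME], PODS))
```

On a live cluster the same functions can be fed the `items` arrays from `kubectl get networkpolicy -o json` and `kubectl get pods -o json`.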

RASADSA commented 2 years ago

Hello @nyejon, due to current restructuring internally, all development on the RASA helm charts is on hold (and yes, paying customers is a different scenario).

We will come back to this ticket when we refactor the RASA helm charts.

Heads-up: NP will most likely disappear from the helm charts, since we cannot support multiple CNIs / cloud providers.

Perfect moment to mention: we accept PRs and always did - interesting https://github.com/RasaHQ/helm-charts#how-to-contribute

nyejon commented 2 years ago

Hi @RASADSA

The network policies are useful, they should be in at least either the Rasa X chart or the Rasa OSS chart.

For many issues, all that needs to be done is standardise the way you name things in your charts. With these minor changes, it works.

A lot of the issues are small mistakes, but the problem (as a user) has been that there are many small mistakes and it's been difficult to debug.

Thanks, Jonathan

RASADSA commented 2 years ago

Hello @nyejon

There is enough documentation on that around the k8s projects - fact is that a lot of bigger OSS helm charts pulled out NP because it's impossible to support all the edge cases of NP with a different CNI.

Neither the fact that most of the CNIs treat NP differently.

RASA does not have the capabilities to support NPs.

A list of current CNIs supported by k8s at this moment:

- Project Calico - a layer 3 virtual network
- Weave - a multi-host Docker network
- Contiv Networking - policy networking for various use cases
- SR-IOV
- Cilium - BPF & XDP for containers
- Infoblox - enterprise IP address management for containers
- Multus - a Multi plugin
- Romana - Layer 3 CNI plugin supporting network policy for Kubernetes
- CNI-Genie - generic CNI network plugin
- Nuage CNI - Nuage Networks SDN plugin for network policy kubernetes support
- Silk - a CNI plugin designed for Cloud Foundry
- Linen - a CNI plugin designed for overlay networks with Open vSwitch and fit in SDN/OpenFlow network environment
- Vhostuser - a Dataplane network plugin - Supports OVS-DPDK & VPP
- Amazon ECS CNI Plugins - a collection of CNI Plugins to configure containers with Amazon EC2 elastic network interfaces (ENIs)
- Bonding CNI - a Link aggregating plugin to address failover and high availability network
- ovn-kubernetes - an container network plugin built on Open vSwitch (OVS) and Open Virtual Networking (OVN) with support for both Linux and Windows
- Juniper Contrail / TungstenFabric - Provides overlay SDN solution, delivering multicloud networking, hybrid cloud networking, simultaneous overlay-underlay support, network policy enforcement, network isolation, service chaining and flexible load balancing
- Knitter - a CNI plugin supporting multiple networking for Kubernetes
- DANM - a CNI-compliant networking solution for TelCo workloads running on Kubernetes
- VMware NSX – a CNI plugin that enables automated NSX L2/L3 networking and L4/L7 Load Balancing; network isolation at the pod, node, and cluster level; and zero-trust security policy for your Kubernetes cluster.
- cni-route-override - a meta CNI plugin that override route information
- Terway - a collection of CNI Plugins based on alibaba cloud VPC/ECS network product
- Cisco ACI CNI - for on-prem and cloud container networking with consistent policy and security model.
- Kube-OVN - a CNI plugin that bases on OVN/OVS and provides advanced features like subnet, static ip, ACL, QoS, etc.
- Project Antrea - an Open vSwitch k8s CNI
- OVN4NFV-K8S-Plugin - a OVN based CNI controller plugin to provide cloud native based Service function chaining (SFC), Multiple OVN overlay networking
- Azure CNI - a CNI plugin that natively extends Azure Virtual Networks to containers
- NetLOX Loxilight - Loxilight CNI is based on TC eBPF. It works either as a pure eBPF mode or in a hybrid-mode with multi-vendor DPU support when DPU units are available
- Hybridnet - a CNI plugin designed for hybrid clouds which provides both overlay and underlay networking for containers in one or more clusters. Overlay and underlay containers can run on the same node and have cluster-wide bidirectional network connectivity.