Configure allowed namespaces on Provider resources #405

Open
3 tasks
alexgeorgousis opened this issue Dec 4, 2024 · 1 comment
alexgeorgousis commented Dec 4, 2024

Overview

Currently, any resource can be deployed to any provider. The operator simply reads the specified provider on the resource spec and performs any provider operation it needs to perform (e.g. creating a training pipeline or schedule).

This raises security concerns, because it means any user can create and manage resources on any provider, without any checks to confirm if that user is allowed to use the specified provider.

We want to control which resources can be deployed to which providers, similarly to how NetworkPolicies are used to control which namespaces a service can accept requests from.

We also want to be aware of when resources attempt to access a provider that they are not allowed to use, to make incorrectly-configured resources/providers visible.

Acceptance Criteria

  • Argo Workflows that perform provider CRUD operations can only be submitted for resources in namespaces permitted to use the specified provider
  • If a resource attempts to use a provider it's not permitted to use, the resource should go into a failed state and the user should receive an informative message
  • Attempts to use a provider that a resource is not permitted to use should increment a metric which can be used to detect if providers are being used maliciously or incorrectly configured

Technical Details

Every time a request changes (created, updated, deleted) the following happens:

  1. The operator receives a reconciliation request
  2. The operator submits an Argo Workflow to the namespace in which the provider specified on the resource spec lives
  3. The necessary operations are carried out in the specified provider (e.g. creating a training pipeline or a schedule)

Our goal is to only perform step 2 if the resource is in a namespace which is allowed to use the provider specified on the resource spec.

To do this we will add a list of allowed namespaces on Provider resources, which the operator will check against before submitting a Workflow to the specified provider. Something like the following (example taken from the KFP Operator website):

apiVersion: pipelines.kubeflow.org/v1alpha6
kind: Provider
metadata:
  name: kfp
  namespace: kfp-operator
spec:
  image: kfp-operator-kfp-provider:<version>
  ...
  allowedNamespaces:
  - user-ns-1
  - user-ns-2
  - user-ns-3

grahamia commented Dec 5, 2024

Should we follow the same format as the netpol e.g.

namespaceSelector:
  matchLabels:
    kubernetes.io/metadata.name: vai-provider

?
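
Added example, not part of the thread or of the kfp-operator code base: a sketch of the check the operator could run before step 2, accepting either the `allowedNamespaces` list from the issue or the `matchLabels` selector from the comment. The `ProviderSpec` type, `Authorize`, `matchLabels` and `deniedTotal` are hypothetical names, and denying when neither field is set is an assumption.

```go
package main

import (
	"fmt"
	"sync/atomic"
)

// ProviderSpec is a hypothetical subset of the Provider spec: the list form
// from the issue and the matchLabels form from the comment.
type ProviderSpec struct {
	AllowedNamespaces []string
	NamespaceSelector map[string]string
}

// deniedTotal stands in for the metric named in the acceptance criteria.
var deniedTotal int64

// Authorize decides whether a resource in namespace ns may use the provider.
// Assumption: a provider with neither field set permits no namespace.
func Authorize(p ProviderSpec, provider, ns string, nsLabels map[string]string) error {
	for _, allowed := range p.AllowedNamespaces {
		if allowed == ns {
			return nil
		}
	}
	// An empty selector would match every namespace, so it is never consulted.
	if len(p.NamespaceSelector) > 0 && matchLabels(p.NamespaceSelector, nsLabels) {
		return nil
	}
	atomic.AddInt64(&deniedTotal, 1)
	return fmt.Errorf("namespace %q is not permitted to use provider %q", ns, provider)
}

// matchLabels requires every selector pair to be present on the namespace.
func matchLabels(selector, labels map[string]string) bool {
	for k, v := range selector {
		if got, ok := labels[k]; !ok || got != v {
			return false
		}
	}
	return true
}

func main() {
	kfp := ProviderSpec{AllowedNamespaces: []string{"user-ns-1", "user-ns-2", "user-ns-3"}}
	for _, ns := range []string{"user-ns-2", "other-ns"} { // constructed requests
		err := Authorize(kfp, "kfp", ns, map[string]string{"kubernetes.io/metadata.name": ns})
		fmt.Printf("%s: %v (denied: %d)\n", ns, err, atomic.LoadInt64(&deniedTotal))
	}
}
```

The `kubernetes.io/metadata.name` label is set on every namespace by the control plane, so a selector on it behaves like a name list; a selector on any other label is only as trustworthy as the permission to label namespaces.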
