Skip to content

fix: enable mTLS, inference routing, and SSH session for Kind#3

Merged
pdettori merged 1 commit into
mvpfrom
fix/sandbox-inference-kind
May 1, 2026
Merged

fix: enable mTLS, inference routing, and SSH session for Kind#3
pdettori merged 1 commit into
mvpfrom
fix/sandbox-inference-kind

Conversation

@pdettori
Copy link
Copy Markdown

@pdettori pdettori commented May 1, 2026

Summary

  • Add TLS volume mounts and env vars for mTLS between sandbox pod and gateway
  • Set infrastructure env vars for inference routing (ANTHROPIC_BASE_URL=https://inference.local, OPENAI_BASE_URL=https://inference.local/v1)
  • Add SSH socket path and handshake secret for supervisor SSH server
  • Add kagenti.io/inject=disabled label to prevent authbridge webhook sidecar injection
  • Set CLAUDE_CODE_DISABLE_EXPERIMENTAL_BETAS=1 for LiteLLM proxy compatibility

Context

The compute driver creates Sandbox CR pod specs. For the full OpenShell flow to work on Kind (gateway login → sandbox create → Claude Code), the pod needs:

  1. mTLS certs mounted as volumes so the supervisor can authenticate to the gateway
  2. SSH socket path so the supervisor starts its SSH server (required for ConnectSupervisor relay)
  3. Inference routing env vars pointing to inference.local — the sandbox proxy intercepts these and routes to the upstream LLM
  4. Inject-disabled label to prevent the kagenti authbridge webhook from injecting sidecars into sandbox pods

Test plan

  • Deploy Kind cluster with kagenti + OpenShell
  • openshell sandbox create --provider claude --no-auto-providers -- claude --print hello returns LLM response
  • Sandbox pod has TLS volume mounts (/tls/ca, /tls/client)
  • SSH session env contains ANTHROPIC_BASE_URL=https://inference.local

Generated with Claude Code

@pdettori
fix: enable mTLS, inference routing, and SSH session for Kind
95b233f 
Comprehensive fixes for the compute driver to support the full OpenShell
sandbox flow on Kind clusters:

- Add TLS volume mounts (CA + client cert) for mTLS between sandbox and
  gateway, configured via --tls-ca-secret and --tls-client-secret flags
- Set OPENSHELL_SSH_SOCKET_PATH for supervisor to spawn SSH server
- Set OPENSHELL_TLS_CA/CERT/KEY env vars for gRPC TLS configuration
- Set ANTHROPIC_BASE_URL=https://inference.local (no /v1 — SDK appends)
- Set OPENAI_BASE_URL=https://inference.local/v1
- Set CLAUDE_CODE_DISABLE_EXPERIMENTAL_BETAS=1 for LiteLLM compat
- Add SSH handshake secret from gateway secrets (secretKeyRef)
- Add kagenti.io/inject=disabled label to prevent authbridge sidecar
  injection on sandbox pods

Signed-off-by: Paolo Dettori <paolo@dettori.dev>

Assisted-By: Claude (Anthropic AI) <noreply@anthropic.com>
Signed-off-by: Paolo Dettori <dettori@us.ibm.com>
@pdettori pdettori merged commit 28756fc into mvp May 1, 2026
4 checks passed
@pdettori pdettori deleted the fix/sandbox-inference-kind branch May 1, 2026 22:55
@clawgenti clawgenti mentioned this pull request May 4, 2026
Closed
@xjacka xjacka mentioned this pull request May 4, 2026
Open
@clawgenti clawgenti mentioned this pull request May 4, 2026
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@pdettori