📝 docs: SECURITY-MODEL.md §3 - mark local LLM providers registered and active #8250
Updates SECURITY-MODEL.md §3 to reflect #8248, which registers Ollama, llama.cpp, LocalAI, vLLM, LM Studio, RHAIIS, Groq, OpenRouter and Open WebUI as chat-only agent providers in InitializeProviders.

Changes:
- Provider table flips the Registered column from "no" to "yes (chat only)" for the nine HTTP providers that are now wired into the agent dropdown, and adds rows for the six new local LLM runners with their env vars and default URLs.
- Explains the chat-only capability flag and why missions still route through the tool-capable CLI agents (registry.go:303 rationale).
- Adds a "Local LLM strategy" subsection that cross-links the docs.kubestellar.io local-llm-strategy page and the eight install missions on kubestellar/console-kb.
- Replaces the "Planned follow-up" subsection with active recipes for each runner — Ollama loopback default, in-cluster Service URLs for llama.cpp/LocalAI/vLLM/RHAIIS, LM Studio workstation default, and Groq/OpenRouter/Open WebUI gateway overrides. The "# PLANNED — not yet wired at runtime" bash comments are removed.

The threat model claims about kubeconfig and credentials staying out of the request body are unchanged and still authoritative.

Signed-off-by: Andrew Anderson <[email protected]>
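As an added example that is not part of this PR or of the kubestellar/console code base: a POSIX shell check that reads the runner URL environment variables named in the provider table and reports whether each configured chat endpoint is loopback, cluster-local or external. The "chat stays inside the cluster" posture described in the PR holds only when those variables point at loopback or in-cluster addresses, and this is the check an operator would run to confirm it. The variable names come from the table; the classification rules and the function names `classify_url` and `audit_runner_urls` are this example's own assumptions.

```shell
#!/bin/sh
# Added example, not from kubestellar/console: audit the runner URL env vars
# listed in the SECURITY-MODEL.md provider table and classify where each
# configured chat endpoint actually points. The env var names are the ones in
# the table; the loopback / cluster-local / external rules are assumptions.

# classify_url URL
# Prints one word: unset, loopback, cluster-local, external, or plaintext-external
# (a host outside loopback and the cluster that is reached over http://, not https://).
classify_url() {
  url=$1
  if [ -z "$url" ]; then
    echo unset
    return 0
  fi
  # Strip the scheme, then the path, then the port (with IPv6 [..] handling).
  host=${url#*://}
  host=${host%%/*}
  case "$host" in
    \[*) host=${host#\[}; host=${host%%\]*} ;;
    *)   host=${host%%:*} ;;
  esac
  case "$host" in
    127.*|localhost|::1)
      echo loopback ;;
    *.svc|*.svc.cluster.local|*.cluster.local)
      # Kubernetes Service DNS names: traffic stays on the cluster network.
      echo cluster-local ;;
    *)
      case "$url" in
        https://*) echo external ;;
        *)         echo plaintext-external ;;
      esac ;;
  esac
}

# audit_runner_urls
# Walks the nine URL variables from the provider table, prints one line per
# variable, and returns 1 if any endpoint leaves the loopback/cluster boundary.
audit_runner_urls() {
  rc=0
  for var in OLLAMA_URL LLAMACPP_URL LOCALAI_URL VLLM_URL LM_STUDIO_URL RHAIIS_URL \
             GROQ_BASE_URL OPENROUTER_BASE_URL OPEN_WEBUI_URL; do
    eval "val=\${$var-}"
    class=$(classify_url "$val")
    printf '%-22s %-18s %s\n' "$var" "$class" "${val:-<unset>}"
    case "$class" in
      external|plaintext-external) rc=1 ;;
    esac
  done
  return $rc
}

# Run the audit when executed directly. A warning means at least one prompt
# path leaves the cluster, which matters before relying on the
# "chat stays inside the cluster" posture.
audit_runner_urls || echo "WARNING: at least one configured runner URL is external"
```

Groq and OpenRouter are hosted services, so they will always classify as `external` when configured; the point of listing them next to the local runners is that the dropdown itself does not tell the two kinds apart, only the URL value does.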
[APPROVALNOTIFIER] This PR is NOT APPROVED. Needs approval from an approver in each of these files.
✅ Deploy Preview for kubestellarconsole canceled.
👋 Hey @clubanderson — thanks for opening this PR!
This is an automated message.
Pull request overview
Updates the Security Model documentation to reflect a newer AI-provider registration model (chat-only local/OpenAI-compatible providers becoming selectable in the agent dropdown) and adds operator-facing recipes for using local LLM runners.
Changes:
- Updates the provider/env-var reference table to mark previously-staged HTTP providers as registered (chat-only) and adds local runner rows with URL env vars + loopback defaults.
- Replaces the prior “planned follow-up” content with an active “Local LLM strategy” section, including cross-links and configuration recipes.
- Adds narrative explanation of “chat only” vs mission/tool-exec routing.
| "Chat only" means the provider reports `CapabilityChat` but not `CapabilityToolExec`. AI missions that need to execute cluster commands (kubectl, helm) still route through the tool-capable CLI agents (`claude`, `codex`, `gemini-cli`, `antigravity`, `goose`, `copilot-cli`, `bob`); local LLM providers are selectable in the agent dropdown for analysis and chat workflows but do not drive missions. See `pkg/agent/registry.go:303` for the rationale comment and `promoteExecutingDefault()` which keeps a mission-capable agent as the default whenever one is available. | ||
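Review bot: `pkg/agent/registry.go:303` is a bare line-number reference in a document the PR describes as authoritative; it drifts the next time that file is edited and nothing fails when it does. Cite the rationale comment by the enclosing function (the paragraph already names `promoteExecutingDefault()`) or by a stable comment marker, and keep the line number out of the prose.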
| ### Planned follow-up: wire up OpenAI-compatible local LLMs | ||
| The upstream Anthropic, OpenAI, and Gemini HTTP providers remain intentionally unregistered — they cannot execute commands AND they route traffic to a specific vendor the operator has no say over, so they offer strictly less than the CLI agent equivalents. The `pkg/agent/provider_openai.go:15` hostname is still hard-coded. |
The tool-capable agent list includes claude, but the registered tool-capable provider name is claude-code (and claude is the unregistered HTTP provider). Also, promoteExecutingDefault() currently only promotes away from “suggest-only” defaults (e.g., copilot-cli); it doesn’t generally enforce a tool-exec-capable default. Please adjust this explanation to match the current registry behavior.
| The examples below are **active recipes** as of this revision of the document — the providers they rely on are registered in `InitializeProviders` and the `Available` field in the agent dropdown honors these env vars. | ||
This claims the referenced providers are registered in InitializeProviders and that the dropdown “Available” state honors the runner URL env vars. In the current code, InitializeProviders only registers CLI tool agents (no groq/openrouter/open-webui), and availability for groq/openrouter/open-webui is API-key based. Please ensure this statement matches the implementation present when this doc is merged.
| #### Planned: routing a local LLM through an overridable provider slot | ||
| The registered local LLM providers unlock a "chat stays inside the cluster" posture: when `OLLAMA_URL` (or any of the six runner-specific env vars) points at an in-cluster Service or a workstation-local server, user prompts and the model's responses never reach a public vendor. The `docs/security/SECURITY-MODEL.md` threat model still applies: kubeconfig files, bearer tokens, and cluster credentials are never put into the chat request body regardless of which provider is selected. | ||
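Review bot: the "never reach a public vendor" guarantee in this paragraph rests entirely on the value of the runner URL env var, and the same dropdown now also lists Groq and OpenRouter, which are hosted vendors by design. State that the dropdown does not distinguish local from hosted providers and that the operator-set `*_URL` value is the only control, so a reader does not take the sentence as a property of the feature rather than of their configuration.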
| For a decision matrix on which runner fits which deployment profile, the install missions, and three topology diagrams, see the [Local LLM Strategy](https://docs.kubestellar.io/console/local-llm-strategy/) page on docs.kubestellar.io. Each runner has a companion install mission in `kubestellar/console-kb` (for example `install-ollama`, `install-llama-cpp`, `install-localai`, `install-vllm`, `install-rhaiis`, `install-lm-studio`, `install-open-webui`, `install-claude-desktop`), reachable from the agent selector dropdown when the runner is not yet configured. |
The doc says the agent selector dropdown links to runner-specific install missions (e.g., install-ollama, install-open-webui) when a runner is unavailable. I can’t find these mission IDs referenced anywhere in web/src in the current repo state, so this may be inaccurate unless the corresponding UI change lands with it.
| For a decision matrix on which runner fits which deployment profile, the install missions, and three topology diagrams, see the [Local LLM Strategy](https://docs.kubestellar.io/console/local-llm-strategy/) page on docs.kubestellar.io. Each runner has a companion install mission in `kubestellar/console-kb` (for example `install-ollama`, `install-llama-cpp`, `install-localai`, `install-vllm`, `install-rhaiis`, `install-lm-studio`, `install-open-webui`, `install-claude-desktop`), reachable from the agent selector dropdown when the runner is not yet configured. | |
| For a decision matrix on which runner fits which deployment profile, the install missions, and three topology diagrams, see the [Local LLM Strategy](https://docs.kubestellar.io/console/local-llm-strategy/) page on docs.kubestellar.io. Each runner has a companion install mission in `kubestellar/console-kb` (for example `install-ollama`, `install-llama-cpp`, `install-localai`, `install-vllm`, `install-rhaiis`, `install-lm-studio`, `install-open-webui`, `install-claude-desktop`). |
| | Groq (OpenAI-compatible, HTTP) | `groq` | `GROQ_API_KEY` | `GROQ_MODEL` | `GROQ_BASE_URL` | **yes (chat only)** | `pkg/agent/provider_groq.go` | | ||
| | OpenRouter (OpenAI-compatible, HTTP) | `openrouter` | `OPENROUTER_API_KEY` | `OPENROUTER_MODEL` | `OPENROUTER_BASE_URL` | **yes (chat only)** | `pkg/agent/provider_openrouter.go` | | ||
| | Open WebUI (OpenAI-compatible, HTTP) | `open-webui` | `OPEN_WEBUI_API_KEY` | `OPEN_WEBUI_MODEL` | `OPEN_WEBUI_URL` | **yes (chat only)** | `pkg/agent/provider_openwebui.go` | |
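Review bot: `GROQ_BASE_URL`, `OPENROUTER_BASE_URL` and `OPEN_WEBUI_URL` let whoever controls the process environment redirect every prompt to an arbitrary endpoint, while the same rows present the provider as simply `yes (chat only)`. In a security-model document that needs a sentence on who may set these overrides and whether a non-`https://` value is rejected or only logged; otherwise the table reads as if the base URL were a benign tuning knob.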
The provider table marks Groq/OpenRouter/Open WebUI as registered, but the earlier “Important: current registration status” section still states these HTTP providers are not registered/selected at runtime. Please update or remove that earlier paragraph so the document doesn’t contradict itself.
| | Ollama (local, OpenAI-compatible) | `ollama` | `OLLAMA_API_KEY` (optional) | `OLLAMA_MODEL` | `OLLAMA_URL` (default `http://127.0.0.1:11434`) | **yes (chat only)** | `pkg/agent/provider_local_openai_compat.go` | | ||
| | llama.cpp server | `llamacpp` | `LLAMACPP_API_KEY` (optional) | `LLAMACPP_MODEL` | `LLAMACPP_URL` | **yes (chat only)** | `pkg/agent/provider_local_openai_compat.go` | | ||
| | LocalAI | `localai` | `LOCALAI_API_KEY` (optional) | `LOCALAI_MODEL` | `LOCALAI_URL` | **yes (chat only)** | `pkg/agent/provider_local_openai_compat.go` | | ||
| | vLLM | `vllm` | `VLLM_API_KEY` (optional) | `VLLM_MODEL` | `VLLM_URL` | **yes (chat only)** | `pkg/agent/provider_local_openai_compat.go` | | ||
| | LM Studio | `lm-studio` | `LM_STUDIO_API_KEY` (optional) | `LM_STUDIO_MODEL` | `LM_STUDIO_URL` (default `http://127.0.0.1:1234`) | **yes (chat only)** | `pkg/agent/provider_local_openai_compat.go` | | ||
| | Red Hat AI Inference Server | `rhaiis` | `RHAIIS_API_KEY` (optional) | `RHAIIS_MODEL` | `RHAIIS_URL` | **yes (chat only)** | `pkg/agent/provider_local_openai_compat.go` | |
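Review bot: four of the six new rows (`LLAMACPP_URL`, `LOCALAI_URL`, `VLLM_URL`, `RHAIIS_URL`) carry no default while Ollama and LM Studio default to loopback, and every API key is marked `(optional)`. Spell out, in the column or a footnote, what an unset URL means (provider unavailable rather than a shared fallback) and that a non-loopback URL with no key means the console trusts an unauthenticated endpoint on the network path; since `provider_local_openai_compat.go` is cited for all six rows, one footnote can cover them.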
This table introduces local providers (ollama/llamacpp/localai/vllm/lm-studio/rhaiis) and points to pkg/agent/provider_local_openai_compat.go, but that file/providers aren’t present in the current repo state. Either gate this section on the code landing (e.g., explicitly reference #8248 / version) or adjust the docs to match what’s actually in-tree at merge time.
Thank you for your contribution! Your PR has been merged.
Post-merge build verification passed ✅ Both Go and frontend builds compiled successfully against merge commit
Summary

Refreshes docs/security/SECURITY-MODEL.md §3 to reflect #8248, which registers local LLM providers in the agent dropdown. Threat model claims about kubeconfig and credentials staying out of the request body are unchanged.

Test plan

Depends on #8248 landing first (or merging in parallel — the doc description matches the new code, and if #8248 reverts, this PR should revert too).

🤖 Generated with Claude Code