# Network & egress

Networking configuration for ingress routing, egress DNS filtering, Chromium browser automation, and Tailscale integration.
## Ingress

Disabled by default. Enable for external access with WebSocket support.

| Key | Default | Description |
|---|---|---|
| `ingress.enabled` | `false` | Enable Ingress |
| `ingress.className` | `nginx` | Ingress class name |
| `ingress.host` | `openclaw.example.com` | Hostname |
| `ingress.tls` | `[]` | TLS configuration |
| `ingress.annotations` | (WebSocket timeouts) | Includes nginx proxy timeout annotations |

```yaml
ingress:
  enabled: true
  className: nginx
  host: openclaw.example.com
  tls:
    - secretName: openclaw-tls
      hosts:
        - openclaw.example.com
```
## Gateway API

Enabled by default. Alternative to Ingress using `gateway.networking.k8s.io/v1` HTTPRoutes with path-based routing.

| Key | Default | Description |
|---|---|---|
| `gatewayAPI.enabled` | `true` | Enable Gateway API resources |
| `gatewayAPI.gatewayClassName` | `""` | Gateway class (defaults to the controller's class when empty) |
| `gatewayAPI.host` | `openclaw.example.com` | Hostname for all routes |
| `gatewayAPI.routes.openclaw` | `/` | Path prefix for OpenClaw |
| `gatewayAPI.routes.o11y` | `/o11y` | Path prefix for HyperDX |
| `gatewayAPI.routes.litellm` | `/litellm` | Path prefix for LiteLLM |
| `gatewayAPI.routes.filtering` | `/filtering` | Path prefix for Blocky |
| `gatewayAPI.crds.install` | `false` | Install Gateway API CRDs (not needed with the bundled controller) |
| `gatewayAPI.controller.enabled` | `true` | Deploy Envoy Gateway as a subchart |
| `gatewayAPI.controller.gatewayClassName` | `envoy` | GatewayClass created by Envoy Gateway |
If you already run a Gateway API controller (Istio, Cilium, etc.), set `gatewayAPI.controller.enabled: false` and set `gatewayAPI.gatewayClassName` to match your existing GatewayClass.
## NetworkPolicy

| Key | Default | Description |
|---|---|---|
| `networkPolicy.enabled` | `true` | Enable NetworkPolicy resources |
| `networkPolicy.ingressControllerNamespaceSelector` | `kubernetes.io/metadata.name: ingress-nginx` | Labels identifying the ingress controller namespace |
| `networkPolicy.egress.allowAll` | `false` | When false, enables egress scaffolding |
## Egress DNS filter

Enabled by default. Deploys a Blocky DNS proxy for NextDNS-style filtering within the cluster.

| Key | Default | Description |
|---|---|---|
| `egressFilter.enabled` | `true` | Deploy Blocky |
| `egressFilter.replicas` | `1` | Blocky replicas |
| `egressFilter.upstreamDns.default` | `[10.96.0.10]` | Upstream DNS (kube-dns ClusterIP) |
| `egressFilter.blockCountries` | `[RU, CN]` | Country/TLD blocklist presets to deny |
| `egressFilter.denylists.threats` | HaGeZi TIF list | Threat intelligence blocklist |
| `egressFilter.denylists.malware` | StevenBlack hosts | Malware blocklist |
| `egressFilter.allowlists` | `[]` | Domains that are never blocked |
| `egressFilter.queryLog.enabled` | `true` | Log blocked queries to stdout |
| `egressFilter.queryLog.logLevel` | `blocked` | `blocked` or `all` |
| `egressFilter.metrics.enabled` | `true` | Prometheus metrics on `:4000/metrics` |
| `egressFilter.customConfig` | (default-deny config) | Escape hatch: full Blocky `config.yml` |
When `egressFilter.customConfig` is set, all other `egressFilter` settings (except `image`, `replicas`, `resources`, `securityContext`) are ignored.

The default `customConfig` ships a default-deny posture: it blocks all domains, then explicitly allows a short list (GitHub, Slack, Google OAuth).

`egressFilter.blockCountries` is a deny control, not an allow control: it blocks names under the matching country TLDs, while every other name is still governed by your upstream resolvers, `denylists`, `allowlists`, or the full `customConfig`.

Available blocklist presets: `RU` (.ru, .su, .рф), `CN` (.cn, .中国, .中國), `IR` (.ir), `KP` (.kp), `BY` (.by).
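The following Python is an added illustration, not Blocky's resolver code and not the chart's templates. It models how the `egressFilter` settings above combine for a single query: the evaluation order (allowlists first, then `blockCountries` presets, then `denylists`, otherwise forward upstream) is an assumption drawn from the descriptions in the table, and the two denylist entries are constructed stand-ins for the real HaGeZi and StevenBlack lists. The IDN presets are converted to punycode because that is the form in which `.рф` or `.中国` names reach a resolver, which is exactly where a naive suffix check on the Unicode spelling would miss them.

```python
"""Local model of how the chart's egressFilter settings combine for one query.

Added illustration only: this is neither Blocky's resolver code nor the chart's
templates. The decision order below is assumed from the reference text:
  1. egressFilter.allowlists     -> never blocked, so checked first
  2. egressFilter.blockCountries -> deny every name under a preset's TLDs
  3. egressFilter.denylists      -> deny listed hosts and their subdomains
  4. anything else               -> forwarded to egressFilter.upstreamDns
"""
from __future__ import annotations

# Presets exactly as listed in the reference. IDN TLDs are stored as Unicode
# (U-labels) and converted to punycode in normalize(), because that is the
# form in which they reach a resolver.
COUNTRY_PRESETS: dict[str, tuple[str, ...]] = {
    "RU": ("ru", "su", "рф"),
    "CN": ("cn", "中国", "中國"),
    "IR": ("ir",),
    "KP": ("kp",),
    "BY": ("by",),
}

# Constructed stand-ins for the HaGeZi TIF and StevenBlack lists, which are
# not embedded here; the real lists carry many thousands of entries.
SAMPLE_DENYLISTS: dict[str, frozenset[str]] = {
    "threats": frozenset({"c2.example.net"}),
    "malware": frozenset({"dropper.example.org"}),
}


def normalize(name: str) -> tuple[str, ...]:
    """Lower-case a name, drop the trailing dot and return its labels as
    A-labels (punycode). ASCII labels pass through unchanged."""
    labels = name.rstrip(".").lower().split(".")
    return tuple(label.encode("idna").decode("ascii") for label in labels if label)


def _under(labels: tuple[str, ...], suffix: tuple[str, ...]) -> bool:
    """True when labels equal suffix or end with it, compared label-wise so
    that 'notexample.net' is not under 'example.net'."""
    return len(labels) >= len(suffix) and labels[-len(suffix):] == suffix


def decide(
    name: str,
    *,
    block_countries: tuple[str, ...] = ("RU", "CN"),   # chart default [RU, CN]
    allowlists: tuple[str, ...] = (),                   # chart default []
    denylists: dict[str, frozenset[str]] = SAMPLE_DENYLISTS,
) -> tuple[str, str]:
    """Return (verdict, reason); verdict is 'allow', 'block' or 'forward'."""
    labels = normalize(name)
    for allowed in allowlists:
        if _under(labels, normalize(allowed)):
            return "allow", f"allowlist:{allowed}"
    for preset in block_countries:
        for tld in COUNTRY_PRESETS[preset]:
            if _under(labels, normalize(tld)):
                return "block", f"blockCountries:{preset}"
    for list_name, entries in denylists.items():
        for entry in entries:
            if _under(labels, normalize(entry)):
                return "block", f"denylists:{list_name}"
    return "forward", "upstreamDns"


if __name__ == "__main__":
    # Constructed sample queries: one IDN in Unicode form and one that has
    # already arrived as punycode.
    for query in ("api.github.com", "mail.yandex.ru", "example.рф",
                  "shop.xn--fiqs8s", "cdn.c2.example.net", "docs.python.org"):
        print(f"{query:<22} {decide(query, allowlists=('github.com',))}")
```

Two things worth noticing when running it: an allowlisted name under a blocked TLD is still resolved, which is the "deny control, not an allow control" point above, and a query that is neither allowed nor denied is simply forwarded to the upstream resolver, so the default `[RU, CN]` setting alone never narrows egress to a known set of hosts; only the default-deny `customConfig` does that.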
## Chromium

Enabled by default. Deploys Chromium as a standalone Deployment + ClusterIP Service for browser automation via CDP.

| Key | Default | Description |
|---|---|---|
| `chromium.enabled` | `true` | Deploy Chromium |
| `chromium.image.repository` | `zenika/alpine-chrome` | Chromium image |
| `chromium.image.tag` | `124` | Image tag |
| `chromium.cdpPort` | `9222` | Chrome DevTools Protocol port |
The container runs as uid 1000 (non-root) with a read-only root filesystem and all Linux capabilities dropped. For stronger isolation, set `pod.runtimeClassName` to a gVisor or Kata runtime.
## Tailscale

Two independent features, both enabled by default:

### Expose

Annotates the Service for the Tailscale K8s Operator to proxy port 18789 onto your tailnet. No public ingress needed.

| Key | Default | Description |
|---|---|---|
| `tailscale.expose.enabled` | `true` | Enable tailnet exposure |
| `tailscale.expose.hostname` | `""` | Tailnet hostname |
| `tailscale.expose.tags` | `""` | ACL tags (e.g. `tag:k8s,tag:kubeclaw`) |
### SSH

Adds a Tailscale sidecar container with `--ssh` so operators can SSH into the pod from any enrolled device.

| Key | Default | Description |
|---|---|---|
| `tailscale.ssh.enabled` | `true` | Enable SSH sidecar |
| `tailscale.ssh.image.tag` | `v1.78.1` | Tailscale image tag |
| `tailscale.ssh.authKey` | `""` | Required (unless `authKeySecretName` is set) |
| `tailscale.ssh.authKeySecretName` | `""` | Reference an existing Secret |
| `tailscale.ssh.authKeySecretKey` | `TS_AUTHKEY` | Key within the referenced Secret |
| `tailscale.ssh.hostname` | `""` | Tailnet hostname (defaults to Helm fullname) |
| `tailscale.ssh.userspace` | `true` | Userspace networking (no `NET_ADMIN` needed) |
| `tailscale.ssh.persistState` | `false` | Persist state across restarts via PVC |
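As an added pre-install check that is not part of the chart, the Python below walks a parsed values dict (what `yaml.safe_load` returns for a values file) and reports the conditions this reference calls out across its sections: a disabled bundled controller with an empty `gatewayAPI.gatewayClassName`, an SSH sidecar with neither `authKey` nor `authKeySecretName`, structured `egressFilter` keys that a set `customConfig` overrides, an unknown `blockCountries` preset, and the defaults that loosen the posture (`networkPolicy.egress.allowAll`, an Ingress with no TLS, Chromium without a sandboxed `pod.runtimeClassName`). Key paths and defaults are the ones tabulated above; the sample values dict is constructed, and the assumption that `enabled` and `customConfig` itself stay meaningful when `customConfig` is set is marked in the code.

```python
"""Pre-install lint for the networking values documented above.

Added example, not part of the chart: it walks a parsed values dict (what
yaml.safe_load returns for a values file) and reports the conditions the
reference calls out. Key paths and defaults are the ones tabulated above.
"""
from __future__ import annotations

from typing import Any

Finding = tuple[str, str, str]  # (severity, key path, message)

# Keys the reference says still apply when egressFilter.customConfig is set;
# 'enabled' and 'customConfig' itself are assumed to stay meaningful as well.
KEPT_WITH_CUSTOM_CONFIG = {"enabled", "customConfig", "image", "replicas",
                           "resources", "securityContext"}
KNOWN_COUNTRY_PRESETS = {"RU", "CN", "IR", "KP", "BY"}


def lookup(values: dict[str, Any], path: str, default: Any = None) -> Any:
    """Fetch a dotted key path, returning default when any segment is absent."""
    node: Any = values
    for part in path.split("."):
        if not isinstance(node, dict) or part not in node:
            return default
        node = node[part]
    return node


def lint(values: dict[str, Any]) -> list[Finding]:
    """Apply the chart defaults from the reference and return findings."""
    out: list[Finding] = []

    # Gateway API: with the bundled Envoy controller off, an empty
    # gatewayClassName has no controller class to fall back to.
    if lookup(values, "gatewayAPI.enabled", True) and not lookup(values, "gatewayAPI.controller.enabled", True):
        if not lookup(values, "gatewayAPI.gatewayClassName", ""):
            out.append(("error", "gatewayAPI.gatewayClassName",
                        "set to the existing GatewayClass when gatewayAPI.controller.enabled is false"))

    # Ingress is documented as the alternative to Gateway API.
    if lookup(values, "ingress.enabled", False):
        if lookup(values, "gatewayAPI.enabled", True):
            out.append(("warn", "ingress.enabled", "Ingress and Gateway API are both enabled for the same host"))
        if not lookup(values, "ingress.tls", []):
            out.append(("warn", "ingress.tls", "Ingress is enabled with no TLS configured at the Ingress"))

    # NetworkPolicy: allowAll switches the egress scaffolding off.
    if not lookup(values, "networkPolicy.enabled", True):
        out.append(("warn", "networkPolicy.enabled", "NetworkPolicy resources are disabled"))
    elif lookup(values, "networkPolicy.egress.allowAll", False):
        out.append(("warn", "networkPolicy.egress.allowAll", "all egress allowed; egress scaffolding is not applied"))

    # Egress filter: customConfig replaces the structured keys wholesale.
    egress = lookup(values, "egressFilter", {}) or {}
    if egress.get("customConfig"):
        ignored = sorted(k for k in egress if k not in KEPT_WITH_CUSTOM_CONFIG)
        if ignored:
            out.append(("warn", "egressFilter.customConfig",
                        "customConfig is set, so these keys are ignored: " + ", ".join(ignored)))
    else:
        unknown = [c for c in egress.get("blockCountries", []) if c not in KNOWN_COUNTRY_PRESETS]
        if unknown:
            out.append(("error", "egressFilter.blockCountries", "unknown presets: " + ", ".join(unknown)))

    # Tailscale SSH sidecar: an auth key must come from one of two places.
    if lookup(values, "tailscale.ssh.enabled", True):
        inline = lookup(values, "tailscale.ssh.authKey", "")
        if not inline and not lookup(values, "tailscale.ssh.authKeySecretName", ""):
            out.append(("error", "tailscale.ssh.authKey",
                        "set tailscale.ssh.authKey or tailscale.ssh.authKeySecretName"))
        elif inline:
            out.append(("info", "tailscale.ssh.authKey",
                        "auth key is inline in values; authKeySecretName can reference an existing Secret instead"))

    # Chromium: the reference names a gVisor/Kata runtime as the extra isolation step.
    if lookup(values, "chromium.enabled", True) and not lookup(values, "pod.runtimeClassName", ""):
        out.append(("info", "pod.runtimeClassName", "Chromium enabled without a sandboxed runtimeClassName"))
    return out


# Constructed sample that trips most checks; not a real deployment's values.
SAMPLE_VALUES: dict[str, Any] = {
    "ingress": {"enabled": True, "tls": []},
    "gatewayAPI": {"enabled": True, "gatewayClassName": "", "controller": {"enabled": False}},
    "networkPolicy": {"enabled": True, "egress": {"allowAll": True}},
    "egressFilter": {"enabled": True, "replicas": 1, "allowlists": ["github.com"],
                     "customConfig": "ports:\n  dns: 53\n"},
    "tailscale": {"ssh": {"enabled": True, "authKey": "", "authKeySecretName": ""}},
}

if __name__ == "__main__":
    for severity, key, message in lint(SAMPLE_VALUES):
        print(f"{severity:<5} {key:<36} {message}")
```

Because `lint` fills in the documented defaults for every key it does not find, an empty values file is checked against the same posture the chart ships with, which is what you want from a check that runs before `helm install` rather than after.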