Make Ray service NOT accessible from inside K8s

How severely does this issue affect your experience of using Ray?

  • High: It blocks me from completing my task.

Let’s say you want to have an always-on Ray cluster deployed on k8s available for the team. Security is OK with that, as long as you can map running jobs/tasks on driver/worker processes to the specific user at all times. But, right now, Ray allows viewing all details (e.g. env vars) of other jobs from any job, as well as submitting arbitrary new jobs with no trackability of who’s running what and when. This seems to be in line with the following paragraph from the book:

Chapter 9: Ray Clusters, Exposing KubeRay section, page 186

By default, the Ray service is accessible from anywhere within the Kubernetes cluster where the Ray operator is running.

This raises two key questions:

  1. Is there any way of configuring this to disallow worker/driver Python scripts from accessing other Ray jobs on a cluster?
  2. Is there any way to track the mapping between submission_id, driver IP and PID, all workers' IPs and PIDs, and a lineage of other processes and jobs spawned from the root one?