From 53ddf081dac01a487f8bac32c9a51829588ce2e5 Mon Sep 17 00:00:00 2001 From: Tobias Giese Date: Mon, 23 Sep 2024 10:37:56 +0200 Subject: [PATCH] Add parameter to configure health endpoint port Signed-off-by: Tobias Giese --- cmd/nfd-master/main.go | 6 ++--- cmd/nfd-topology-updater/main.go | 4 +-- cmd/nfd-worker/main.go | 6 ++--- .../templates/master.yaml | 1 + .../templates/topologyupdater.yaml | 3 ++- .../templates/worker.yaml | 25 ++++++++++--------- .../helm/node-feature-discovery/values.yaml | 3 +++ docs/deployment/helm.md | 5 +++- 8 files changed, 31 insertions(+), 22 deletions(-) diff --git a/cmd/nfd-master/main.go b/cmd/nfd-master/main.go index 08a35324f..4ba235349 100644 --- a/cmd/nfd-master/main.go +++ b/cmd/nfd-master/main.go @@ -33,8 +33,7 @@ import ( const ( // ProgramName is the canonical name of this program - ProgramName = "nfd-master" - GrpcHealthPort = 8082 + ProgramName = "nfd-master" ) func main() { @@ -108,7 +107,6 @@ func main() { utils.ConfigureGrpcKlog() // Get new NfdMaster instance - args.GrpcHealthPort = GrpcHealthPort instance, err := master.NewNfdMaster(master.WithArgs(args)) if err != nil { klog.ErrorS(err, "failed to initialize NfdMaster instance") @@ -149,6 +147,8 @@ func initFlags(flagset *flag.FlagSet) (*master.Args, *master.ConfigOverrideArgs) " DEPRECATED: will be removed in a future release along with the deprecated gRPC API.") flagset.IntVar(&args.MetricsPort, "metrics", 8081, "Port on which to expose metrics.") + flagset.IntVar(&args.GrpcHealthPort, "grpc-health", 8082, + "Port on which to expose the grpc health endpoint.") flagset.BoolVar(&args.Prune, "prune", false, "Prune all NFD related attributes from all nodes of the cluster and exit.") flagset.BoolVar(&args.VerifyNodeName, "verify-node-name", false, diff --git a/cmd/nfd-topology-updater/main.go b/cmd/nfd-topology-updater/main.go index ee03415e2..dc6bee50d 100644 --- a/cmd/nfd-topology-updater/main.go +++ b/cmd/nfd-topology-updater/main.go @@ -38,7 +38,6 @@ const ( // ProgramName is the canonical name of this program ProgramName = "nfd-topology-updater" kubeletSecurePort = 10250 - GrpcHealthPort = 8082 ) var DefaultKubeletStateDir = path.Join(string(hostpath.VarDir), "lib", "kubelet") @@ -57,7 +56,6 @@ func main() { utils.ConfigureGrpcKlog() // Get new TopologyUpdater instance - args.GrpcHealthPort = GrpcHealthPort instance, err := topology.NewTopologyUpdater(*args, *resourcemonitorArgs) if err != nil { klog.ErrorS(err, "failed to initialize topology updater instance") @@ -115,6 +113,8 @@ func initFlags(flagset *flag.FlagSet) (*topology.Args, *resourcemonitor.Args) { "Kube config file.") flagset.IntVar(&args.MetricsPort, "metrics", 8081, "Port on which to expose metrics.") + flagset.IntVar(&args.GrpcHealthPort, "grpc-health", 8082, + "Port on which to expose the grpc health endpoint.") flagset.DurationVar(&resourcemonitorArgs.SleepInterval, "sleep-interval", time.Duration(60)*time.Second, "Time to sleep between CR updates. zero means no CR updates on interval basis. [Default: 60s]") flagset.StringVar(&resourcemonitorArgs.Namespace, "watch-namespace", "*", diff --git a/cmd/nfd-worker/main.go b/cmd/nfd-worker/main.go index 5c204aea4..d6b478103 100644 --- a/cmd/nfd-worker/main.go +++ b/cmd/nfd-worker/main.go @@ -32,8 +32,7 @@ import ( const ( // ProgramName is the canonical name of this program - ProgramName = "nfd-worker" - GrpcHealthPort = 8082 + ProgramName = "nfd-worker" ) func main() { @@ -80,7 +79,6 @@ func main() { utils.ConfigureGrpcKlog() // Get new NfdWorker instance - args.GrpcHealthPort = GrpcHealthPort instance, err := worker.NewNfdWorker(worker.WithArgs(args)) if err != nil { klog.ErrorS(err, "failed to initialize NfdWorker instance") @@ -138,6 +136,8 @@ func initFlags(flagset *flag.FlagSet) (*worker.Args, *worker.ConfigOverrideArgs) "Do not publish feature labels") flagset.IntVar(&args.MetricsPort, "metrics", 8081, "Port on which to expose metrics.") + flagset.IntVar(&args.GrpcHealthPort, "grpc-health", 8082, + "Port on which to expose the grpc health endpoint.") flagset.StringVar(&args.Options, "options", "", "Specify config options from command line. Config options are specified "+ "in the same format as in the config file (i.e. json or yaml). These options") diff --git a/deployment/helm/node-feature-discovery/templates/master.yaml b/deployment/helm/node-feature-discovery/templates/master.yaml index 88b898ec3..d5cd3dce3 100644 --- a/deployment/helm/node-feature-discovery/templates/master.yaml +++ b/deployment/helm/node-feature-discovery/templates/master.yaml @@ -116,6 +116,7 @@ spec: - "-feature-gates={{ $key }}={{ $value }}" {{- end }} - "-metrics={{ .Values.master.metricsPort | default "8081" }}" + - "-grpc-health={{ .Values.master.healthPort | default "8082" }}" {{- with .Values.master.extraArgs }} {{- toYaml . | nindent 12 }} {{- end }} diff --git a/deployment/helm/node-feature-discovery/templates/topologyupdater.yaml b/deployment/helm/node-feature-discovery/templates/topologyupdater.yaml index 483674bc5..d7a06ecf7 100644 --- a/deployment/helm/node-feature-discovery/templates/topologyupdater.yaml +++ b/deployment/helm/node-feature-discovery/templates/topologyupdater.yaml @@ -89,7 +89,8 @@ spec: # Disable kubelet state tracking by giving an empty path - "-kubelet-state-dir=" {{- end }} - - -metrics={{ .Values.topologyUpdater.metricsPort | default "8081"}} + - "-metrics={{ .Values.topologyUpdater.metricsPort | default "8081"}}" + - "-grpc-health={{ .Values.topologyUpdater.healthPort | default "8082" }}" {{- with .Values.topologyUpdater.extraArgs }} {{- toYaml . | nindent 10 }} {{- end }} diff --git a/deployment/helm/node-feature-discovery/templates/worker.yaml b/deployment/helm/node-feature-discovery/templates/worker.yaml index 4c31e84dd..146593d13 100644 --- a/deployment/helm/node-feature-discovery/templates/worker.yaml +++ b/deployment/helm/node-feature-discovery/templates/worker.yaml @@ -71,19 +71,20 @@ spec: command: - "nfd-worker" args: -{{- if not .Values.featureGates.NodeFeatureAPI }} + {{- if not .Values.featureGates.NodeFeatureAPI }} - "-server={{ include "node-feature-discovery.fullname" . }}-master:{{ .Values.master.service.port }}" -{{- end }} -{{- if .Values.tls.enable }} + {{- end }} + {{- if .Values.tls.enable }} - "-ca-file=/etc/kubernetes/node-feature-discovery/certs/ca.crt" - "-key-file=/etc/kubernetes/node-feature-discovery/certs/tls.key" - "-cert-file=/etc/kubernetes/node-feature-discovery/certs/tls.crt" -{{- end }} -# Go over featureGate and add the feature-gate flag -{{- range $key, $value := .Values.featureGates }} + {{- end }} + # Go over featureGate and add the feature-gate flag + {{- range $key, $value := .Values.featureGates }} - "-feature-gates={{ $key }}={{ $value }}" -{{- end }} + {{- end }} - "-metrics={{ .Values.worker.metricsPort | default "8081"}}" + - "-grpc-health={{ .Values.worker.healthPort | default "8082" }}" {{- with .Values.gc.extraArgs }} {{- toYaml . | nindent 8 }} {{- end }} @@ -125,11 +126,11 @@ spec: - name: nfd-worker-conf mountPath: "/etc/kubernetes/node-feature-discovery" readOnly: true -{{- if .Values.tls.enable }} + {{- if .Values.tls.enable }} - name: nfd-worker-cert mountPath: "/etc/kubernetes/node-feature-discovery/certs" readOnly: true -{{- end }} + {{- end }} volumes: - name: host-boot hostPath: @@ -166,12 +167,12 @@ spec: items: - key: nfd-worker.conf path: nfd-worker.conf -{{- if .Values.tls.enable }} + {{- if .Values.tls.enable }} - name: nfd-worker-cert secret: secretName: nfd-worker-cert -{{- end }} - {{- with .Values.worker.nodeSelector }} + {{- end }} + {{- with .Values.worker.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} {{- end }} diff --git a/deployment/helm/node-feature-discovery/values.yaml b/deployment/helm/node-feature-discovery/values.yaml index db088410e..37683b97c 100644 --- a/deployment/helm/node-feature-discovery/values.yaml +++ b/deployment/helm/node-feature-discovery/values.yaml @@ -58,6 +58,7 @@ master: # be removed with it in a future release port: 8080 metricsPort: 8081 + healthPort: 8082 instance: featureApi: resyncPeriod: @@ -406,6 +407,7 @@ worker: ### metricsPort: 8081 + healthPort: 8082 daemonsetAnnotations: {} podSecurityContext: {} # fsGroup: 2000 @@ -497,6 +499,7 @@ topologyUpdater: create: true metricsPort: 8081 + healthPort: 8082 kubeletConfigPath: kubeletPodResourcesSockPath: updateInterval: 60s diff --git a/docs/deployment/helm.md b/docs/deployment/helm.md index d9e009f11..9ac221f16 100644 --- a/docs/deployment/helm.md +++ b/docs/deployment/helm.md @@ -180,6 +180,7 @@ API's you need to install the prometheus operator in your cluster. | `master.hostNetwork` | bool | false | Specifies whether to enable or disable running the container in the host's network namespace | | `master.port` | integer | | Specifies the TCP port that nfd-master listens for incoming requests. **NOTE**: this parameter is related to the deprecated gRPC API and will be removed with it in a future release | | `master.metricsPort` | integer | 8081 | Port on which to expose metrics from components to prometheus operator | +| `master.healthPort` | integer | 8082 | Port on which to expose the grpc health endpoint | | `master.instance` | string | | Instance name. Used to separate annotation namespaces for multiple parallel deployments | | `master.resyncPeriod` | string | | NFD API controller resync period. | | `master.extraLabelNs` | array | [] | List of allowed extra label namespaces | @@ -217,7 +218,8 @@ API's you need to install the prometheus operator in your cluster. | `worker.*` | dict | | NFD worker daemonset configuration | | `worker.enable` | bool | true | Specifies whether nfd-worker should be deployed | | `worker.hostNetwork` | bool | false | Specifies whether to enable or disable running the container in the host's network namespace | -| `worker.metricsPort*` | int | 8081 | Port on which to expose metrics from components to prometheus operator | +| `worker.metricsPort` | int | 8081 | Port on which to expose metrics from components to prometheus operator | +| `worker.healthPort` | int | 8082 | Port on which to expose the grpc health endpoint | | `worker.config` | dict | | NFD worker [configuration](../reference/worker-configuration-reference) | | `worker.podSecurityContext` | dict | {} | [PodSecurityContext](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod) holds pod-level security attributes and common container settins | | `worker.securityContext` | dict | {} | Container [security settings](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container) | @@ -252,6 +254,7 @@ API's you need to install the prometheus operator in your cluster. | `topologyUpdater.serviceAccount.name` | string | | The name of the service account for topology updater to use. If not set and create is true, a name is generated using the fullname template and `-topology-updater` suffix | | `topologyUpdater.rbac.create` | bool | true | Specifies whether to create [RBAC][rbac] configuration for topology updater | | `topologyUpdater.metricsPort` | integer | 8081 | Port on which to expose prometheus metrics | +| `topologyUpdater.healthPort` | integer | 8082 | Port on which to expose the grpc health endpoint | | `topologyUpdater.kubeletConfigPath` | string | "" | Specifies the kubelet config host path | | `topologyUpdater.kubeletPodResourcesSockPath` | string | "" | Specifies the kubelet sock path to read pod resources | | `topologyUpdater.updateInterval` | string | 60s | Time to sleep between CR updates. Non-positive value implies no CR update. |