mirror of
https://github.com/kubernetes-sigs/node-feature-discovery.git
synced 2024-12-14 11:57:51 +00:00
deployment/kustomize: drop default-combined overlay
The "combined" overlay, deploying nfd-master and nfd-worker in the same pod (with a daemonset) doesn't make sense anymore as we have enabled NodeFeature API. There is no direct communication between nfd-master and nfd-worker anymore, Moreover, the combined deployment can be seen as broken as there is one NodeFeature controller (i.e. nfd-master) on each node, causing them to race against each other, all processing all NodeFeature objects.
This commit is contained in:
parent
7f859ce568
commit
53f5967555
10 changed files with 1 additions and 190 deletions
|
@ -1,7 +0,0 @@
|
|||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
|
||||
namespace: node-feature-discovery
|
||||
|
||||
resources:
|
||||
- master-worker-daemonset.yaml
|
|
@ -1,41 +0,0 @@
|
|||
apiVersion: apps/v1
|
||||
kind: DaemonSet
|
||||
metadata:
|
||||
labels:
|
||||
app: nfd
|
||||
name: nfd
|
||||
spec:
|
||||
selector:
|
||||
matchLabels:
|
||||
app: nfd
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: nfd
|
||||
spec:
|
||||
serviceAccount: nfd-master
|
||||
enableServiceLinks: false
|
||||
tolerations: []
|
||||
containers:
|
||||
- name: nfd-master
|
||||
image: gcr.io/k8s-staging-nfd/node-feature-discovery:master
|
||||
imagePullPolicy: Always
|
||||
livenessProbe:
|
||||
grpc:
|
||||
port: 8080
|
||||
initialDelaySeconds: 10
|
||||
periodSeconds: 10
|
||||
readinessProbe:
|
||||
grpc:
|
||||
port: 8080
|
||||
initialDelaySeconds: 5
|
||||
periodSeconds: 10
|
||||
failureThreshold: 10
|
||||
command:
|
||||
- "nfd-master"
|
||||
- name: nfd-worker
|
||||
image: gcr.io/k8s-staging-nfd/node-feature-discovery:master
|
||||
imagePullPolicy: Always
|
||||
command:
|
||||
- "nfd-worker"
|
||||
args: []
|
|
@ -1,14 +0,0 @@
|
|||
- op: add
|
||||
path: "/spec/template/spec/containers/0/env"
|
||||
value:
|
||||
- name: NODE_NAME
|
||||
valueFrom:
|
||||
fieldRef:
|
||||
fieldPath: spec.nodeName
|
||||
- op: add
|
||||
path: "/spec/template/spec/containers/1/env"
|
||||
value:
|
||||
- name: NODE_NAME
|
||||
valueFrom:
|
||||
fieldRef:
|
||||
fieldPath: spec.nodeName
|
|
@ -18,23 +18,6 @@ patches:
|
|||
target:
|
||||
labelSelector: app=nfd
|
||||
name: nfd-worker
|
||||
# We need separate patches for the "combined" daemonset with two containers in the pod :/
|
||||
- path: env-combined.yaml
|
||||
target:
|
||||
labelSelector: app=nfd
|
||||
name: nfd
|
||||
- path: securitycontext-combined.yaml
|
||||
target:
|
||||
labelSelector: app=nfd
|
||||
name: nfd
|
||||
- path: master-affinity.yaml
|
||||
target:
|
||||
labelSelector: app=nfd
|
||||
name: nfd
|
||||
- path: worker-mounts-combined.yaml
|
||||
target:
|
||||
labelSelector: app=nfd
|
||||
name: nfd
|
||||
- path: master-mounts.yaml
|
||||
target:
|
||||
labelSelector: app=nfd
|
||||
|
|
|
@ -1,16 +0,0 @@
|
|||
- op: add
|
||||
path: "/spec/template/spec/containers/0/securityContext"
|
||||
value:
|
||||
allowPrivilegeEscalation: false
|
||||
capabilities:
|
||||
drop: ["ALL"]
|
||||
readOnlyRootFilesystem: true
|
||||
runAsNonRoot: true
|
||||
- op: add
|
||||
path: "/spec/template/spec/containers/1/securityContext"
|
||||
value:
|
||||
allowPrivilegeEscalation: false
|
||||
capabilities:
|
||||
drop: ["ALL"]
|
||||
readOnlyRootFilesystem: true
|
||||
runAsNonRoot: true
|
|
@ -1,55 +0,0 @@
|
|||
- op: add
|
||||
path: /spec/template/spec/volumes
|
||||
value:
|
||||
- name: host-boot
|
||||
hostPath:
|
||||
path: "/boot"
|
||||
- name: host-os-release
|
||||
hostPath:
|
||||
path: "/etc/os-release"
|
||||
- name: host-sys
|
||||
hostPath:
|
||||
path: "/sys"
|
||||
- name: host-usr-lib
|
||||
hostPath:
|
||||
path: "/usr/lib"
|
||||
- name: host-lib
|
||||
hostPath:
|
||||
path: "/lib"
|
||||
- name: source-d
|
||||
hostPath:
|
||||
path: "/etc/kubernetes/node-feature-discovery/source.d/"
|
||||
- name: features-d
|
||||
hostPath:
|
||||
path: "/etc/kubernetes/node-feature-discovery/features.d/"
|
||||
- name: nfd-worker-conf
|
||||
configMap:
|
||||
name: nfd-worker-conf
|
||||
|
||||
- op: add
|
||||
path: /spec/template/spec/containers/1/volumeMounts
|
||||
value:
|
||||
- name: host-boot
|
||||
mountPath: "/host-boot"
|
||||
readOnly: true
|
||||
- name: host-os-release
|
||||
mountPath: "/host-etc/os-release"
|
||||
readOnly: true
|
||||
- name: host-sys
|
||||
mountPath: "/host-sys"
|
||||
readOnly: true
|
||||
- name: host-usr-lib
|
||||
mountPath: "/host-usr/lib"
|
||||
readOnly: true
|
||||
- name: host-lib
|
||||
mountPath: "/host-lib"
|
||||
readOnly: true
|
||||
- name: source-d
|
||||
mountPath: "/etc/kubernetes/node-feature-discovery/source.d/"
|
||||
readOnly: true
|
||||
- name: features-d
|
||||
mountPath: "/etc/kubernetes/node-feature-discovery/features.d/"
|
||||
readOnly: true
|
||||
- name: nfd-worker-conf
|
||||
mountPath: "/etc/kubernetes/node-feature-discovery"
|
||||
readOnly: true
|
|
@ -1,15 +0,0 @@
|
|||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
|
||||
namespace: node-feature-discovery
|
||||
|
||||
resources:
|
||||
- ../../base/rbac
|
||||
- ../../base/nfd-crds
|
||||
- ../../base/master-worker-combined
|
||||
- namespace.yaml
|
||||
|
||||
components:
|
||||
- ../../components/worker-config
|
||||
- ../../components/common
|
||||
- ../../components/master-config
|
|
@ -1,4 +0,0 @@
|
|||
apiVersion: v1
|
||||
kind: Namespace
|
||||
metadata:
|
||||
name: node-feature-discovery
|
|
@ -48,8 +48,6 @@ scenarios under
|
|||
|
||||
- [`default`](https://github.com/kubernetes-sigs/node-feature-discovery/blob/{{site.release}}/deployment/overlays/default):
|
||||
default deployment of nfd-worker as a daemonset, described above
|
||||
- [`default-combined`](https://github.com/kubernetes-sigs/node-feature-discovery/blob/{{site.release}}/deployment/overlays/default-combined)
|
||||
see [Master-worker pod](#master-worker-pod) below
|
||||
- [`default-job`](https://github.com/kubernetes-sigs/node-feature-discovery/blob/{{site.release}}/deployment/overlays/default-job):
|
||||
see [Worker one-shot](#worker-one-shot) below
|
||||
- [`master-worker-topologyupdater`](https://github.com/kubernetes-sigs/node-feature-discovery/blob/{{site.release}}/deployment/overlays/master-worker-topologyupdater):
|
||||
|
@ -72,23 +70,6 @@ scenarios under
|
|||
[Custom feature source](../usage/features.md#custom) for more information about
|
||||
custom node labels
|
||||
|
||||
### Master-worker pod
|
||||
|
||||
You can also run nfd-master and nfd-worker inside the same pod
|
||||
|
||||
```bash
|
||||
kubectl apply -k https://github.com/kubernetes-sigs/node-feature-discovery/deployment/overlays/default-combined?ref={{ site.release }}
|
||||
|
||||
```
|
||||
|
||||
This creates a DaemonSet that runs nfd-worker and nfd-master in the same Pod.
|
||||
In this case no nfd-master is run on the master node(s), but, the worker nodes
|
||||
are able to label themselves which may be desirable e.g. in single-node setups.
|
||||
|
||||
> **NOTE:** nfd-topology-updater is not deployed by the default-combined
|
||||
> overlay. To enable nfd-topology-updater in this scenario,the users must
|
||||
> customize the deployment themselves.
|
||||
|
||||
### Worker one-shot
|
||||
|
||||
Feature discovery can alternatively be configured as a one-shot job.
|
||||
|
|
|
@ -90,8 +90,7 @@ kubectl apply -k .
|
|||
```
|
||||
|
||||
You can use alternative deployment methods by modifying the auto-generated
|
||||
kustomization file. For example, deploying worker and master in the same pod by
|
||||
pointing to `deployment/overlays/default-combined`.
|
||||
kustomization file.
|
||||
|
||||
### Building locally
|
||||
|
||||
|
|
Loading…
Reference in a new issue