1
0
Fork 0
mirror of https://github.com/kubernetes-sigs/node-feature-discovery.git synced 2024-12-14 11:57:51 +00:00
Commit graph

34 commits

Author SHA1 Message Date
Markus Lehtonen
342c1dfbc6 Dockerfile: use make for building
Modify Makefile to have separate hostmount prefix settings for local and
container builds in order to preserve the current behavior.
2020-08-21 14:27:39 +03:00
Kubernetes Prow Robot
a68a4ec4fb
Merge pull request #325 from marquiz/devel/hardening
Container image hardening
2020-08-21 02:51:39 -07:00
Alexander Kanevskiy
eb8fe6393a Update builder image to Go 1.13.12
Go versions after 1.13.7 contain fix for CVE-2020-7919
2020-07-10 14:24:01 +03:00
Markus Lehtonen
855bf34190 Dockerfile: run as non-root 2020-05-28 15:10:03 +03:00
Markus Lehtonen
704c81a4d2 Make host mount prefix configurable in Makefile and Dockerfile
Introduce a new makefile variable and dockerfile build arg named
HOSTMOUNT_PREFIX for changing the prefix used for mounting host
directories inside the container. Adds a sed rule in Makefile to
generate deployment yamls accordingly.
2020-05-20 22:15:41 +03:00
Markus Lehtonen
248859c64d source: parametrise host directory paths
Specify and handle system paths we use for discovery in a unified way.
2020-05-20 22:15:41 +03:00
Carlos Eduardo Arango Gutierrez
3e1e1a944b
Update go version to 1.13.5
Signed-off-by: Carlos Eduardo Arango Gutierrez <carangog@redhat.com>
2020-02-05 16:15:44 -05:00
Markus Lehtonen
f4d55ce040 Dockerfile: store build deps in a separate layer
Speeds up local builds considerably as the deps are cached (instead of
downloading them all on every build) - as long as go.mod and go.sum are
not changed.
2019-11-20 18:38:48 +02:00
Markus Lehtonen
67ddd87c41 Switch to using go modules
Update go version in Docker build image to v1.12.
2019-11-20 18:38:42 +02:00
Markus Lehtonen
6563da29ab Dockerfile: verbose dep ensure
Better see what is happening inside the build.
2019-05-10 15:50:53 +03:00
Markus Lehtonen
0a22564b9f Dockerfile: set verbosity of gRPC
Makes solving issues easier when gRPC prints out information e.g. about
TLS authentication problems on the server (nfd-master) side, too.
2019-04-04 22:40:24 +03:00
Markus Lehtonen
f8bc07952f Fix unit tests after master-worker split
Refactor old tests and add tests for new functions. Add 'test' target in
Makefile.
2019-04-04 22:40:24 +03:00
Markus Lehtonen
39be798472 Split NFD into client and server
Refactor NFD into a simple server-client system. Labeling is now done by
a separate 'nfd-master' server. It is a simple service with small
codebase, designed for easy isolation. The feature discovery part is
implemented in a 'nfd-worker' client which sends labeling requests to
nfd-server, thus, requiring no access/permissions to the Kubernetes API
itself.

Client-server communication is implemented by using gRPC. The protocol
currently consists of only one request, i.e. the labeling request.

The spec templates are converted to the new scheme. The nfd-master
server can be deployed using the nfd-master.yaml.template which now also
contains the necessary RBAC configuration. NFD workers can be deployed
by using the nfd-worker-daemonset.yaml.template or
nfd-worker-job.yaml.template (most easily used with the label-nodes.sh
script).

Only nfd-worker currently support config file or options. The (default)
NFD config file is renamed to nfd-worker.conf.
2019-04-04 22:40:24 +03:00
Markus Lehtonen
c1377589b3 Move version information into a separate module 2019-04-04 22:40:24 +03:00
Markus Lehtonen
2bf4d6f1f4 Migrate from glide to dep
Glide is not actively developed anymore, and, its documentation
recommends migrating to dep. Also, dep is widely used in other k8s
projects.

Migrating to dep dramatically reduces the size of the populated vendor/
directory from 75MB down to about 20MB.
2019-04-04 22:40:24 +03:00
Markus Lehtonen
e866b6ee1c Implement RDT detection in go
Get rid of the dependency on intel-cmt-cat library and rdt helper
binaries written in C. Significantly simplifies the build procedure.

Implements minimal support (in assembler) for getting the raw data from
the CPUID instruction. Also, implement a stub so that the code works on
other architectures than amd64, too.
2019-02-22 22:23:13 +02:00
Markus Lehtonen
47a97db35a Import from sigs.k8s.io/node-feature-discovery 2018-12-04 15:15:46 +02:00
Markus Lehtonen
917151728a Add config file support
Support yaml/json based config file for nfd. This commit does not add
any actual consumers for the config file, yet.

By default, nfd tries to read
/etc/kubernetes/node-feature-discovery/node-feature-discovery.conf.
This can be changed by specifying the --config command line flag.
2018-10-10 10:24:34 +03:00
Markus Lehtonen
f00f231c60 Use Debian strecth-slim as a base for the producion Docker image
To cut the image size further, down to about 75MB. We use Debian
strecth-slim as the base for the production image as golang docker
images use stretch as their base.
2018-09-24 10:15:23 +03:00
Markus Lehtonen
bff94eb107 Utilize multi-stage build to reduce docker image size
This reduces the size of the Docker image from ca. 1.2GB down to about
750MB.

Also, move unit tests from .travis.yml to Dockerfile. Final production
image is not able to run unit tests anymore, as sources are missing from
there.
2018-09-24 10:15:23 +03:00
Olev Kartau
4f4b0867b9 rdt-discovery, Dockerfile: update links to intel-cmt-cat
intel-cmt-cat repo is located in github/intel/ now,
update links accordingly, correcting also some
source file names pointed from files under rdt-discovery/.
Updated also ref. to intel-cmt-cat in Dockerfile.
No functional changes.
2018-07-03 08:19:54 +03:00
Markus Lehtonen
0440c8eabc Use a specific released version of intel-cmt-cat
This makes the build more deterministic. Previously, nfd just blindly
took the tip revision from intel-cmt-cat master branch which could brake
the build without any changes in nfd itself.
2018-04-10 11:04:14 +03:00
Markus Lehtonen
348f3a7f89 Remove hardcoding of nfd source path (#94)
* Make rdt-discovery buildable outside hardcoded path

Do not assume that nfd sources always reside under hardcoded directory
"/go/src/github.com/kubernetes-incubator/node-feature-discovery/". This
makes it possible e.g. to build nfd locally outside the Docker
container.

* Do not hardcode the path for RDT helper binaries

Utilize the standard PATH env variable, instead.
2018-03-16 09:56:35 -07:00
Bin Lu
4fc45c95d1 enable nfd framework on Arm64 platform
currently, nfd framework can't be work on Arm64 platform.
   Fix points:
   1, removed rdt on Arm64 platform
   2, optimized the code related to multi-arch

Change-Id: If605041f6d2243ae2afb3248edbf102083c6dcb4
Signed-off-by: Bin Lu <bin.lu@arm.com>
Jira: ENTOS-432
2018-01-10 00:46:37 -05:00
Michał Stachowski
59b0d5000a Add support for Kubernetes 1.8+ (#82)
bump client version 5.0.2
2017-11-21 12:21:56 +01:00
Balaji Subramaniam
d527d588f3 Fix to report the correct version inside container.
- Used build args to pass the correct version.
2016-12-09 13:36:15 -08:00
Balaji Subramaniam
e373c658f5 Fixed vulnerabilities in Docker image.
- Updated to debian testing (stretch).
- Updated to go v1.7.
- Added .dockerignore file.
2016-09-20 10:49:52 -07:00
Connor Doyle
570d1ae5be Replayed commit history. 2016-08-31 11:44:06 -07:00
Connor Doyle
e79ffd2c2a Refactored feature sources.
- Added interface FeatureSource, moved cpuid, rdt and pstate
  discovery logic into implementations.
- Updated logging output to make it more machine-readable
  (one feature, in label-format, per line).
- Normalized label names (derived from the underlying feature source).
- Added makefile.
- Added command-line argument parsing and proper CLI documentation.
- Added ability to filter the enabled feature sources: cpuid,rdt,pstate.
- Added ability to print the software version and exit.
- Added ability to print the CLI help.
- Updated README.
- Updated dep versions.
- Added -s -w to ldflags.
- Output version label along with discovered feature labels.
- Added sources section to README.
- Normalized README link for pstate
2016-08-30 14:41:59 -07:00
Connor Doyle
4bd63cb7f3 Automatically determine git version for labels.
- Added git version to published labels.
- Minor formatting fix in job template.
- Added .travis.yml and added build status image link to README.
- Added .gitignore.
2016-08-30 14:34:58 -07:00
Balaji Subramaniam
9c8b1bc8b3 Changed Dockerfile to use stable tag. Minor changes to readme. 2016-08-30 14:34:58 -07:00
Balaji Subramaniam
eaa116f565 Added more logging. Changed formatting. 2016-08-30 14:34:58 -07:00
Balaji Subramaniam
d96f50e7c6 1. Enabled RDT discovery.
2. Updated the ds to a job for node labelling.
3. Added script to run a job in each node.
4. Updated Readme.
2016-07-12 02:30:49 +02:00
Balaji Subramaniam
15a4d0ef2e Initial Commit. 2016-07-01 11:46:05 -07:00