We don't want that as it makes dynamic configuration of the
sleep-interval via the config file impossible. It was set to the
internal default value, anyway.
Need to create the provenance file by hand as we mangle the name of the
chart archive. However, this also provides better user experience (for
the release manager) as gpg version 2.1 and later are supported.
Reduce default log verbosity. Only print out labels if log verbosity is
1 or higher ('core.klog.v: 1' config file option or '-v 1' on command
line). Also, dump the labels in a reproducible (sorted) format.
cert-manager can be used to automate TLS certificate management for
nfd-master and the nfd-worker pod(s).
Add a template to deploy cert-manager CA Issuer and Certificates and
document steps how to use them.
Signed-off-by: Mikko Ylinen <mikko.ylinen@intel.com>
Take the default value displayed for the image.repository Helm chart
parameter dynamically from the Jekyll configuration. This way, we
get the correct value for releases/release branches.
Build a "minimal" variant of the nfd image based on
gcr.io/distroless/base. The motivations behind the minimal image are
image hardening (security) and reducing the image footprint (from ca.
108MB down to about 40MB).
The practical effect of deploying the minimal image is that no runtimes
for running worker hooks are present, not even a shell. This means that
only statically linked linked hook binaries are supported. Also, because
of the image hardening live debugging of the minimal image by attaching
to the container is not possible, and, the "full" image needs to be used
for that purpose.
Make the update-gh-pages.sh script to maintain a Helm charts repository
under charts/ subdirectory in gh-pages. The script now (always) scans
throught all release assets and injects any found Helm chart archives
into the Helm repo. In practice, new assets in all Github releases are
scanned and the Helm repo is updated on any update of the master or
release branches or on any new tags. Asset ids are tracked/cached in
order to avoid unnecessary downloads, but also, to capture any changes
in assets that were already merged in the repo index.
After this a user is able to do something like
$ helm repo add nfd http://kubernetes-sigs.github.io/node-feature-discovery/charts
...
$ helm repo update
...
$ helm install nfd/node-feature-discovery --namespace nfd --create-namespace --generate-name
...
This adds additional cpu features:
- pstate status from status of intel_pstate driver
- pstate scaling settings from scaling_governor
- cstate enable from max_cstates in intel_idle driver