1
0
Fork 0
mirror of https://github.com/kubernetes-sigs/node-feature-discovery.git synced 2024-12-15 17:50:49 +00:00
Commit graph

414 commits

Author SHA1 Message Date
Kubernetes Prow Robot
407a610e0c
Merge pull request #1182 from fmuyassarov/disable-hooks-by-default
hooks: disable hooks by default from v0.14
2023-06-22 04:43:40 -07:00
Carlos Eduardo Arango Gutierrez
563cc862de
Docs: Fix typo on customization-guide
Signed-off-by: Carlos Eduardo Arango Gutierrez <eduardoa@nvidia.com>
2023-06-09 10:23:33 +02:00
Muyassarov, Feruzjon
19527be924
hooks: disable hooks by default
We have deprecated hooks in v0.12.0 but kept it enabled by default.
Starting from v0.14 we are starting to disable it by default and
plan to fully remove it in the near future.

Signed-off-by: Feruzjon Muyassarov <feruzjon.muyassarov@intel.com>
2023-06-07 13:04:23 +03:00
Simon Jürgensmeyer
307a865465
Fix missing apostrophe for jq 2023-06-07 09:53:02 +02:00
Hairong Chen
e8a00ba7da cpu: Discover TDX guests based on cpuid information
NFD already has the capability to discover whether baremetal / host
machines support Intel TDX.  Now, the next step is to add support for
discovering whether a node is TDX protected (as in, a virtual machine
started using Intel TDX).

In order to do so, we've decided to go for a new `cpu-security.tdx`
property, called `protected` (`cpu-security.tdx.protected`).

Signed-off-by: Hairong Chen <hairong.chen@intel.com>
Signed-off-by: Fabiano Fidêncio <fabiano.fidencio@intel.com>
2023-06-05 11:06:28 +02:00
Kubernetes Prow Robot
306969a945
Merge pull request #1133 from AhmedGrati/feat-parallelize-nodes-update
feat: parallelize nodes update
2023-06-02 05:28:57 -07:00
AhmedGrati
b3cfe17392 feat: parallelize nodes update
This PR aims to optimize the process of updating nodes with
corresponding features. In fact, previously, we were updating nodes
sequentially even though they are independent from each other.
Therefore, we integrated new components: LabelersNodePool which is
responsible for spininng a goroutine whenever there's a request for
updating nodes, and a Workqueue which is responsible for holding nodes names
that should be updated.

Signed-off-by: AhmedGrati <ahmedgrati1999@gmail.com>
2023-06-02 11:41:50 +01:00
AhmedGrati
08b9c3486e feat: support dynamic values for labels in the NodeFeatureRule
This PR aims to support the dynamic values for labels in the
NodeFeatureRule CRD, it would offer more flexible labeling for users.
To achieve this, we check whether label value starts with "@", and if
it's the case, we will get the value of the feature value, and update
the value of the label with the feature value.

Signed-off-by: AhmedGrati <ahmedgrati1999@gmail.com>
2023-05-31 23:30:26 +01:00
Kubernetes Prow Robot
d28a02c5cd
Merge pull request #1222 from vaibhav2107/kustomize-type
Fixed typo in Header under deployment/kustomize.md
2023-05-22 00:42:21 -07:00
Kubernetes Prow Robot
70d5ef477f
Merge pull request #1219 from PiotrProkop/leader-elect
Add leader election for nfd-master
2023-05-22 00:36:21 -07:00
vaibhav2107
9f7854479f Fixed type in Header under deployment/kustomize.md 2023-05-18 14:59:54 +05:30
PiotrProkop
272fd4784f Add new flag enable-leader-election for nfd-master.
It allows NFD-master to be run in active-passive way when running
multiple instances of NFD-master to prevent multiple components
from updating same custom resources.

Signed-off-by: PiotrProkop <pprokop@nvidia.com>
2023-05-15 13:30:07 +02:00
Markus Lehtonen
1200fd05c5 topology-updater: use node IP in the default configz URI
Use a separate NODE_ADDRESS environment variable in the default value of
-kubelet-config-uri (instead of NODE_NAME that was previously used).
Also change the kustomize and Helm deployments to set this variable to
node IP address. This should make the default deployment more robust,
making it work in scenarios where node name does not resolve to the node
ip, e.g. nodename != hostname.
2023-05-05 13:29:51 +03:00
Kubernetes Prow Robot
cd45baef8d
Merge pull request #1211 from marquiz/devel/helm
deployment/helm: improve handling of topologyUpdater.kubeletStateFiles
2023-05-05 00:17:13 -07:00
Markus Lehtonen
526aab87cf deployment/helm: user dedicated serviceaccount for topology-updater
Change the configuration so that, by default, we use a dedicated
serviceaccount for topology-updater (similar to topology-gc, nfd-master
and nfd-worker).

Fix the templates so that the serviceaccount and clusterrolebinding are
only created when topology-updater is enabled (clusterrole was already
handled this way).

This patch also correctly documents the default value of rbac.create
parameter of topology-updater and topology-gc.
2023-05-05 08:30:21 +03:00
Markus Lehtonen
9c2f268fd2 deployment/helm: improve handling of topologyUpdater.kubeletStateFiles
Make it possible to disable kubelet state tracking with
--set topologyUpdater.kubeletStateFiles="" as the documentation
suggests.

Also, fix the documentation regarding the default value of
topologyUpdater.kubeletStateFiles parameter.
2023-05-04 15:01:19 +03:00
Markus Lehtonen
9685d292a2 docs: add missing .md suffix to internal references
Commit bfbc47f55e added a lot of those and
this patch tries to cover all that we missed there. Having .md suffixes
in references to internal files makes it convenient to browse the
document locally, just as text files as the references work correctly.
2023-04-25 15:28:07 +03:00
Kubernetes Prow Robot
2356223ffc
Merge pull request #1139 from AhmedGrati/feat-configure-master-resync
feat: add master resync period configurability
2023-04-24 03:49:02 -07:00
AhmedGrati
7917434d38 feat: add master resync period configurability
This PR adds a config option for setting the NFD API controller resync period.
The resync period is only activated when the NodeFeature API has been
enabled (with -enable-nodefeature-api).

Signed-off-by: AhmedGrati <ahmedgrati1999@gmail.com>
2023-04-24 11:52:38 +02:00
Carlos Eduardo Arango Gutierrez
05ef5d4e9d
cpu: expose the total number of AMD SEV ASID and ES
This patch add SEV ASIDs and the related (but distinct) SEV Encrypted State
(SEV-ES) IDs as two quantities to be exposed via extended resources.
In a kernel built with CONFIG_CGROUP_MISC on a suitably equipped AMD CPU, the
root control group will have a misc.capacity file that shows the number of
available IDs in each category.

The added extended resources are:
- sev.asids
- sev.encrypted_state_ids

Signed-off-by: Carlos Eduardo Arango Gutierrez <eduardoa@nvidia.com>
2023-04-17 19:34:39 +02:00
Mikko Ylinen
de1b69a8bf cpu: make SGX EPC resource available to NodeFeatureRules
Signed-off-by: Mikko Ylinen <mikko.ylinen@intel.com>
2023-04-14 15:31:54 +03:00
Markus Lehtonen
3320c74472 source/cpu: don't create cpu-security.tdx.total_keys label
Just have that as a feature for NodeFeatureRules to consume.
2023-04-14 13:33:13 +03:00
Kubernetes Prow Robot
84c348b69f
Merge pull request #1126 from marquiz/devel/er-deprecation
nfd-master: deprecate the -resource-labels flag
2023-04-13 10:52:39 -07:00
Kubernetes Prow Robot
8d71ed6755
Merge pull request #1086 from AhmedGrati/feat-support-builtin-kernel-mods
feat: support builtin kernel mods
2023-04-13 10:30:40 -07:00
AhmedGrati
109caa1f28 feat: support builtin kernel mods
This PR adds the combination of dynamic and builtin kernel modules into
one feature called `kernel.enabledmodule`. It's a superset of the
`kernel.loadedmodule` feature.

Signed-off-by: AhmedGrati <ahmedgrati1999@gmail.com>
2023-04-13 10:19:24 +01:00
Markus Lehtonen
8511980bf4 nfd-master: deprecate the -resource-labels flag
Mark the -resource-labels flag (and the corresponding resourceLabels
config option) as deprecated. We now support managing extended resources
via NodeFeatureRule objects. This kludge deserves to go, eventually.
2023-04-13 11:30:58 +03:00
Markus Lehtonen
dcbb3bc450 docs: add missing mentions of extended resources and taints
A small update to fix some missing mentions of extended resources and
taints as assets managed by NFD.
2023-04-11 20:38:21 +03:00
Kubernetes Prow Robot
ad07829d0a
Merge pull request #1099 from ArangoGutierrez/extended_resources_v2
Create extended resources with NodeFeatureRule
2023-04-07 08:09:15 -07:00
Fabiano Fidêncio
250aea4741
Create extended resources with NodeFeatureRule
Add support for management of Extended Resources via the
NodeFeatureRule CRD API.

There are usage scenarios where users want to advertise features
as extended resources instead of labels (or annotations).

This patch enables the discovery of extended resources, via annotation
and patch of node.status.capacity and node.status.allocatable. By using
the NodeFeatureRule API.

Co-authored-by: Carlos Eduardo Arango Gutierrez <eduardoa@nvidia.com>
Co-authored-by: Markus Lehtonen <markus.lehtonen@intel.com>
Co-authored-by: Fabiano Fidêncio <fabiano.fidencio@intel.com>

Signed-off-by: Fabiano Fidêncio <fabiano.fidencio@intel.com>
Signed-off-by: Carlos Eduardo Arango Gutierrez <eduardoa@nvidia.com>
2023-04-07 16:14:56 +02:00
Kubernetes Prow Robot
6740224a13
Merge pull request #1100 from PiotrProkop/expose-L3-num-closid
Advertise RDT L3 num_closid
2023-04-07 00:49:14 -07:00
Markus Lehtonen
cc6c20ff5f nfd-master: disallow unprefixed and kubernetes taints
Disallow taints having a key with "kubernetes.io/" or "*.kubernetes.io/"
prefix. This is a precaution to protect the user from messing up with
the "official" well-known taints from Kubernetes itself. The only
exception is that the "nfd.node.kubernetes.io/" prefix is allowed.

However, there is one allowed NFD-specific namespace (and its
sub-namespaces) i.e. "feature.node.kubernetes.io" under the
kubernetes.io domain that can be used for NFD-managed taints.

Also disallow unprefixed taint keys. We don't add a default prefix to
unprefixed taints (like we do for labels) from NodeFeatureRules. This is
to prevent unpleasant surprises to users that need to manage matching
tolerations for their workloads.
2023-04-06 16:12:37 +03:00
PiotrProkop
0e78eba40e Advertise RDT L3 num_closid
Signed-off-by: PiotrProkop <pprokop@nvidia.com>
2023-04-06 11:22:55 +02:00
Kubernetes Prow Robot
3c0c43b9be
Merge pull request #1114 from marquiz/devel/rdt-deprecate
source/cpu: deprecate cpu-rdt.* labels
2023-04-05 06:21:40 -07:00
Kubernetes Prow Robot
193c552b33
Merge pull request #1084 from AhmedGrati/feat-add-master-config-file
feat: add master config file
2023-04-04 10:41:40 -07:00
Markus Lehtonen
6cb5e99afa source/cpu: deprecate cpu-rdt.* labels
Document built-in RDT labels to be deprecated and removed in a future
release. The plan is that the default built-in RDT labels would not be
created anymore, but the RDT features would still be available for
NodeFeatureRules to consume.

The RDT labels are not very useful (they don't e.g indicate if the
features are really enabled in kernel or if the resctrlfs is mounted).
2023-04-04 11:54:57 +03:00
AhmedGrati
3fff409f6d Add master config file
Similar to the nfd-worker, in this PR we want to support the
dynamic run-time configurability through a config file for the nfd-master.

We'll use a json or yaml configuration file along with the fsnotify in
order to watch for changes in the config file. As a result, we're
allowing dynamic control of logging params, allowed namespaces,
extended resources, label whitelisting, and denied namespaces.

Signed-off-by: AhmedGrati <ahmedgrati1999@gmail.com>
2023-04-03 09:52:09 +01:00
Fabiano Fidêncio
10672e1bba cpu: Expose the total number of keys for TDX
The total amount of keys that can be used on a specific TDX system is
exposed via the cgroups misc.capacity. See:

```
$ cat /sys/fs/cgroup/misc.capacity
tdx 31
```

The first step to properly manage the amount of keys present in a node
is exposing it via the NFD, and that's exactly what this commit does.

An example of how it ends up being exposed via the NFD:

```
$ kubectl get node 984fee00befb.jf.intel.com -o jsonpath='{.metadata.labels}'  | jq | grep tdx.total_keys
  "feature.node.kubernetes.io/cpu-security.tdx.total_keys": "31",
```

Signed-off-by: Fabiano Fidêncio <fabiano.fidencio@intel.com>
2023-03-31 09:12:26 +02:00
Carlos Eduardo Arango Gutierrez
7171cfd4eb
cpu: expose AMD SEV support
Signed-off-by: Carlos Eduardo Arango Gutierrez <eduardoa@nvidia.com>
Co-authored-by: Carlos Eduardo Arango Gutierrez <eduardoa@nvidia.com>
Co-authored-by: Markus Lehtonen <markus.lehtonen@intel.com>
2023-03-30 15:19:43 +02:00
AhmedGrati
02b3b7c7e0 feat: add enableTaints to helm chart
Signed-off-by: AhmedGrati <ahmedgrati1999@gmail.com>
2023-03-21 10:49:24 +01:00
Talor Itzhak
5c6be580f4 reactive updates: add an option to disable the feature
Access to the kubelet state directory may raise concerns in some setups, added an option to disable it.
The feature is enabled by default.

Signed-off-by: Talor Itzhak <titzhak@redhat.com>
2023-03-16 11:53:16 +02:00
Talor Itzhak
727de56191 documentaion: document the reactive updates feature
Signed-off-by: Talor Itzhak <titzhak@redhat.com>
2023-03-16 11:53:12 +02:00
Talor Itzhak
8924213d14 topology-updater: make it possible to disable sleep-interval
Especially convenient for testing porpuses and
completely harmless

Signed-off-by: Talor Itzhak <titzhak@redhat.com>
2023-03-12 12:43:17 +02:00
Sajiyah Salat
7082c31d6c
Update worker-configuration-reference.md 2023-03-08 21:33:44 +05:30
Sajiyah Salat
fb2d70a313
Update worker-configuration-reference.md 2023-03-08 21:28:45 +05:30
AhmedGrati
ff2dddd27d docs: fix usage cusomization guide typos
Signed-off-by: AhmedGrati <ahmedgrati1999@gmail.com>
2023-02-27 10:26:25 +01:00
Jose Luis Ojosnegros Manchón
b340d112a8 topology-updater:compute pod set fingerprint
Add an option to compute the fingerprint of the current pod set on each
node.

Report this new fingerprint using an attribute in NRT object.
2023-02-22 10:22:50 +01:00
Kubernetes Prow Robot
69440d7820
Merge pull request #1062 from yanggangtony/fix-doc
docs: describe nfd-topology-gc in introduction.md
2023-02-21 02:17:48 -08:00
Muyassarov, Feruzjon
0e2f2c4587 go.mod: bump cpuid to v2.2.4
Bump cpuid version to v2.2.4 in the go.mod so that WRMSRNS (
Non-Serializing Write to Model Specific Register) and MSRLIST
(Read/Write List of Model Specific Registers) instructions are
detectable.

Signed-off-by: Muyassarov, Feruzjon <feruzjon.muyassarov@intel.com>
2023-02-20 22:58:59 +02:00
yanggang
150d4f4db2
docs: describe nfd-topology-gc in introduction.md
Signed-off-by: yanggang <gang.yang@daocloud.io>
2023-02-18 06:12:35 +08:00
Guangwen Feng
8ad6c5b425 Fix some typos
Signed-off-by: Guangwen Feng <fenggw-fnst@fujitsu.com>
2023-02-16 22:08:00 +08:00
Kubernetes Prow Robot
a92614c292
Merge pull request #1051 from AhmedGrati/feat-add-deny-label-ns-with-wildcard
feat: add deny-label-ns flag which supports wildcard
2023-02-15 03:42:25 -08:00
AhmedGrati
b499799364 feat: add deny-label-ns flag which supports wildcard
Signed-off-by: AhmedGrati <ahmedgrati1999@gmail.com>
2023-02-15 09:47:00 +01:00
Kubernetes Prow Robot
e3b9184354
Merge pull request #1027 from marquiz/devel/image-full
images: base the default image on distroless/base
2023-02-10 08:07:30 -08:00
AhmedGrati
07d5ffe4b8 helm: make master port configurable
Signed-off-by: AhmedGrati <ahmedgrati1999@gmail.com>
2023-02-01 10:03:06 +01:00
Markus Lehtonen
cd62f6566f images: base the default image on distroless/base
Make distroless/base as the base image for the default image,
effectively making the minimal image as the default. Add a new "full"
image variant that corresponds the previous default image. The
"*-minimal" container image tag is provided for backwards compatibility.

The practical user impact of this change is that hook support is limited
to statically linked ELF binaries. Bash or Perl scripts are not
supported by the default image, anymore, but the new "full" image
variant can be used for backwards compatibility.
2023-01-31 11:30:38 +02:00
Chandan Abhyankar
d66096a491 cpu: support for detecting nx-gzip coprocessor feature
Nest accelerator gzip support for IBM Power systems.

Signed-off-by: Chandan Abhyankar <Chandan.Abhyankar@ibm.com>
2023-01-17 23:18:16 -08:00
Hiren Panchasara
bfbc47f55e docs: fix internal cross-page references by injecting .md 2023-01-16 20:53:36 -08:00
PiotrProkop
3143faf0ab Add documentation for topology garbage collector
Signed-off-by: PiotrProkop <pprokop@nvidia.com>
2023-01-11 10:15:38 +01:00
Kubernetes Prow Robot
0159ab04e7
Merge pull request #1021 from fmuyassarov/docs-taint
Docs: mention tainting in the intro section
2023-01-02 02:19:30 -08:00
Kubernetes Prow Robot
79cd4fc094
Merge pull request #1023 from fmuyassarov/sfr-support
Bump cpuid to v2.2.3
2023-01-02 01:27:31 -08:00
Muyassarov, Feruzjon
d9dc4b09d5 Bump cpuid to v2.2.3
Bump cpuid to v2.2.3 which adds support for detecting Intel Sierra
Forest instructions like AVXIFMA, AVXNECONVERT, AVXVNNIINT8 and
CMPCCXADD.
Signed-off-by: Muyassarov, Feruzjon <feruzjon.muyassarov@intel.com>
2022-12-30 11:42:05 +02:00
Muyassarov, Feruzjon
842153a907 Docs: mention tainting in the intro section
Signed-off-by: Muyassarov, Feruzjon <feruzjon.muyassarov@intel.com>
2022-12-28 14:00:04 +02:00
Markus Lehtonen
8c0e38d0c5 docs: fix typo in CRD name 2022-12-21 13:42:10 +02:00
Markus Lehtonen
b91922746a docs: mention NodeFeature as an extension point
In the CRD intro, mention that NodeFeature can be used as an integration
point for 3rd party extensions.
2022-12-21 13:26:31 +02:00
Markus Lehtonen
27c47bd088 docs: better document differences between deployment methods 2022-12-20 16:29:48 +02:00
Markus Lehtonen
3209c14bea docs: document NodeFeature API
Document the usage of the NodeFeature CRD API. Also re-organize the
documentation a bit, moving the description of NodeFeatureRule
controller from customization guide to nfd-master usage page.
2022-12-14 22:33:12 +02:00
Markus Lehtonen
9f0806593d nfd-master: rename -featurerules-controller flag to -crd-controller
Deprecate the '-featurerules-controller' command line flag as the name
does not describe the functionality anymore: in practice it controls the
CRD controller handling both NodeFeature and NodeFeatureRule objects.
The patch introduces a duplicate, more generally named, flag
'-crd-controller'. A warning is printed in the log if
'-featurerules-controller' flag is encountered.
2022-12-14 10:23:45 +02:00
Markus Lehtonen
5a717c418b docs: small reordering of master cmdline reference
Move documentation of -enable-taints near '-enable-nodefeature-api' and
'-no-publish' as they are related in that they control the enablement of
APIs.
2022-12-14 07:31:28 +02:00
Markus Lehtonen
6ddd87e465 nfd-master: support NodeFeature objects
Add initial support for handling NodeFeature objects. With this patch
nfd-master watches NodeFeature objects in all namespaces and reacts to
changes in any of these. The node which a certain NodeFeature object
affects is determined by the "nfd.node.kubernetes.io/node-name"
annotation of the object. When a NodeFeature object targeting certain
node is changed, nfd-master needs to process all other objects targeting
the same node, too, because there may be dependencies between them.

Add a new command line flag for selecting between gRPC and NodeFeature
CRD API as the source of feature requests. Enabling NodeFeature API
disables the gRPC interface.

 -enable-nodefeature-api   enable NodeFeature CRD API for incoming
                           feature requests, will disable the gRPC
                           interface (defaults to false)

It is not possible to serve gRPC and watch NodeFeature objects at the
same time. This is deliberate to avoid labeling races e.g. by nfd-worker
sending gRPC requests but NodeFeature objects in the cluster
"overriding" those changes (labels from the gRPC requests will get
overridden when NodeFeature objects are processed).
2022-12-14 07:31:28 +02:00
Markus Lehtonen
237494463b nfd-worker: support creating NodeFeatures object
Support the new NodeFeatures object of the NFD CRD api. Add two new
command line options to nfd-worker:

 -kubeconfig               specifies the kubeconfig to use for
                           connecting k8s api (defaults to empty which
                           implies in-cluster config)
 -enable-nodefeature-api   enable the NodeFeature CRD API for
                           communicating node features to nfd-master,
                           will also automatically disable gRPC
                           (defgault to false)

No config file option for selecting the API is available as there should
be no need for dynamically selecting between gRPC and CRD. The
nfd-master configuration must be changed in tandem and it is safer (and
avoid awkward configuration races) to configure the whole NFD deployment
at once.

Default behavior of nfd-worker is not changed i.e. NodeFeatures object
creation is not enabled by default (but must be enabled with the command
line flag).

The patch also updates the kustomize and Helm deployment, adding RBAC
rules for nfd-worker and updating the example worker configuration.
2022-12-14 07:31:28 +02:00
Kubernetes Prow Robot
776a8c335c
Merge pull request #980 from marquiz/devel/topology-updater
nfd-topology-updater: update NodeResourceTopology objects directly
2022-12-08 01:44:22 -08:00
Markus Lehtonen
f13ed2d91c nfd-topology-updater: update NodeResourceTopology objects directly
Drop the gRPC communication to nfd-master and connect to the Kubernetes
API server directly when updating NodeResourceTopology objects.
Topology-updater already has connection to the API server for listing
Pods so this is not that dramatic change. It also simplifies the code
a lot as there is no need for the NFD gRPC client and no need for
managing TLS certs/keys.

This change aligns nfd-topology-updater with the future direction of
nfd-worker where the gRPC API is being dropped and replaced by a
CRD-based API.

This patch also update deployment files and documentation to reflect
this change.
2022-12-08 11:03:22 +02:00
Markus Lehtonen
881ee13654 docs: remove non-existent nodeFeatureRule.createCRD parameter
This value was recently dropped.
2022-12-07 16:25:43 +02:00
Markus Lehtonen
0834ec5cbf go.mod: update to klauspost/cpuid to v2.2.2
Support detection of Intel TME (Total Memory Encryption) plus AMXFP16
and PREFETCHI.
2022-12-07 13:58:19 +02:00
Feruzjon Muyassarov
984a3de198 Document tainting feature
Signed-off-by: Feruzjon Muyassarov <feruzjon.muyassarov@intel.com>
2022-12-02 17:29:10 +02:00
Kubernetes Prow Robot
f740f084e0
Merge pull request #976 from marquiz/docs/customization-guide
docs: small update to customization guide
2022-12-01 12:51:55 -08:00
Markus Lehtonen
72e523f277 scripts/mdlint: update mdlint to v0.12.0 2022-12-01 20:57:21 +02:00
Markus Lehtonen
32b252147c docs: small update to customization guide
Add a reference to the label rule format in the NodeFeatureRule section.
Also make it explicit in the beginning of Hooks section that hooks are
deprecated.
2022-12-01 18:33:48 +02:00
Markus Lehtonen
8a45384037 docs: simplify quick-start page
Move topology-updater deployment notes to the topology-updater usage
page. Also, rework the plaintext and headings a bit.
2022-12-01 12:22:23 +02:00
Markus Lehtonen
cdc7558f6f docs: better document custom resources
Add a separate page for describing the custom resources used by NFD.
Simplify the Introduction page by moving the details of
NodeResourceTopology from there. Similarly, drop long
NodeResourceTopology example from the quick-start page, making the page
shorter and simpler.
2022-12-01 11:12:59 +02:00
Kubernetes Prow Robot
efc833d1c7
Merge pull request #970 from marquiz/docs/worker-helm-sa-params
docs: document helm chart params related to worker serviceaccount
2022-11-28 08:36:08 -08:00
Markus Lehtonen
d0a4cf7564 docs: document helm chart params related to worker serviceaccount 2022-11-28 18:07:17 +02:00
Markus Lehtonen
c1fa8b2f28 docs: revise topology-updater helm chart rbac parameters 2022-11-28 17:49:19 +02:00
Markus Lehtonen
eb8e29c80a nfd-worker: drop deprecated command line flags
Drop the following flags that were deprecated already in v0.8.0:

-sleep-interval  (replaced by core.sleepInterval config file option)
-label-whitelist (replaced by core.labelWhiteList config file option)
-sources         (replaced by -label-sources flag)
2022-11-23 22:33:51 +02:00
Talor Itzhak
d495376f06 docs: topology-updater: update docs for exclude-list feature
Update the docs with explanations and examples
about the exclude-list feature.

Signed-off-by: Talor Itzhak <titzhak@redhat.com>
2022-11-21 21:31:51 +02:00
Markus Lehtonen
6f49421c0e docs: update github-pages gem to v227 2022-11-16 21:08:13 +02:00
Garrybest
3ec1b94020 get kubelet config from configz
Signed-off-by: Garrybest <garrybest@foxmail.com>
2022-11-08 23:52:35 +08:00
Markus Lehtonen
6171c745a4 docs: restructure docs
Introduce two main sections "Deployment" and "Usage" and move "Developer
guide" to the top level, too. In particular, split the huge
deployment-and-usage file into multiple parts under the new main
sections. Move customization guide from "Advanced" to "Usage".
This patch also renames "Advanced" to "Reference" as only that is left
there is reference documentation.
2022-11-03 10:26:56 +02:00
Markus Lehtonen
3a279ce751 docs: update the name of the base image 2022-11-02 15:10:46 +02:00
Kubernetes Prow Robot
e5c8180558
Merge pull request #937 from pacoxu/master
Stop using the beta.kubernetes.io/os and arch labels
2022-10-27 05:36:32 -07:00
Paco Xu
4e12ed8aac Stop using the beta.kubernetes.io/os and arch labels 2022-10-27 11:03:14 +08:00
Fabiano Fidêncio
d5db1cf907 cpu: Discover Intel TDX
Set `cpu-security.tdx.enable` to `true` when TDX is avialable and has
been enabled. otherwise it'll be set to `false`.

`/sys/module/kvm_intel/parameters/tdx` presence and content is used to
detect whether a CPU is Intel TDX capable.

Signed-off-by: Fabiano Fidêncio <fabiano.fidencio@intel.com>
2022-10-03 09:56:24 +02:00
Kubernetes Prow Robot
8662d17530
Merge pull request #871 from fmuyassarov/disable-hook
Config option to disable hooks
2022-09-26 10:40:08 -07:00
Markus Lehtonen
db7dd93a64 docs: fix incorrect shell snippet for removing labels 2022-09-15 16:18:09 +03:00
Markus Lehtonen
f21315d85f Update kubernetes registry to registry.k8s.io
Update registry location for non-nfd images.
2022-09-12 11:23:04 +03:00
Markus Lehtonen
4f34451db8 Update NFD registry to registry.k8s.io
Kubernetes has moved to a new container image registry:
https://groups.google.com/a/kubernetes.io/g/dev/c/DYZYNQ_A6_c/m/FpHqeVR2BAAJ
2022-09-12 11:21:12 +03:00
Kubernetes Prow Robot
77af16fe9d
Merge pull request #880 from fmuyassarov/add-tiltfile/feruz
Add Tilt option for developing NFD
2022-09-06 12:06:23 -07:00
Kubernetes Prow Robot
81da164b7f
Merge pull request #833 from marquiz/devel/security-refactor
cpu: re-organize security features
2022-09-01 05:29:06 -07:00
Feruzjon Muyassarov
e7af8d068f Update documentation about hooks depreciation
Signed-off-by: Feruzjon Muyassarov <feruzjon.muyassarov@intel.com>
2022-09-01 10:58:35 +03:00
Feruzjon Muyassarov
a675fd93fd Don't advertise BASE_IMAGE_FULL and BASE_IMAGE_MINIMAL
Signed-off-by: Feruzjon Muyassarov <feruzjon.muyassarov@intel.com>
2022-08-30 17:37:01 +03:00
Feruzjon Muyassarov
a30ceb2973 Describe how to develop locally with Tilt
Signed-off-by: Feruzjon Muyassarov <feruzjon.muyassarov@intel.com>
2022-08-30 17:36:58 +03:00
Viktor Oreshkin
7498e49ba5 helm: add priorityClassName to worker
Signed-off-by: Viktor Oreshkin <imselfish@stek29.rocks>
2022-08-22 06:45:52 +03:00
Francesco Romani
622adf3863 test: e2e: configurable pull policy
In some cases (CI) it is useful to run NFD e2e tests using
ephemeral clusters. To save time and bandwidth, it is also useful
to prime the ephemeral cluster with the images under test.

In these circumstances there is no risk of running a stale image,
and having a `Always` PullPolicy hardcoded actually makes
the whole exercise null.

So we add a new option, disabled by default, to make the e2e
manifest use the `IfNotPresent` pull policy, to effectively
cover this use case.

Signed-off-by: Francesco Romani <fromani@redhat.com>
2022-08-10 15:06:59 +02:00
Mikko Ylinen
026fcb2199 go.mod: update github.com/klauspost/cpuid to v2.1.0
The release relaxes detection of features that have non-AVX512
versions etc..

Signed-off-by: Mikko Ylinen <mikko.ylinen@intel.com>
2022-08-09 11:25:39 +03:00
Markus Lehtonen
f62b057bcd cpu: re-organize security features
Move existing security/trusted-execution related features (i.e. SGX and
SE) under the same "security" feature, deprecating the old features. The
motivation for the change is to keep the source code and user interface
more organized as we experience a constant inflow of similar security
related features. This change will affect the user interface so it is
less painful to do it early on.

New feature labels will be:

  feature.node.kubernetes.io/cpu-security.se.enabled
  feature.node.kubernetes.io/cpu-security.sgx.enabled

and correspondingly new "cpu.security" feature with "se.enabled" and
"sgx.enabled" elements will be available for custom rules, for example:

      - name: "sample sgx rule"
        labels:
          sgx.sample.feature: "true"
        matchFeatures:
          - feature: cpu.security
            matchExpressions:
              "sgx.enabled": {op: IsTrue}

At the same time deprecate old labels "cpu-sgx.enabled" and
"cpu-se.enabled" feature labels and the corresponding features for
custom rules. These will be removed in the future causing an effective
change in NFDs user interface.
2022-06-28 13:38:31 +03:00
Markus Lehtonen
136c036d4d Drop the iommu source
It was deprecated in v0.10.0.
2022-06-14 15:00:29 +03:00
Markus Lehtonen
b480f5b0ba docs: small typo fix in cpuid feature list 2022-06-08 09:16:37 +03:00
Markus Lehtonen
cc1da2efe3 docs: update x86 cpuid feature list
Update the partial list of x86 cpuid features that are presented in the
NFD documentation. In particular, the following instructions were left
out of the list: AVXSLOW, CETIBT, CETSS, CLDEMOTE, HLE, MPX, RTM,
RTM_ALWAYS_ABORT, SERIALIZE, SHA, TSXLDTRK.
2022-06-07 11:56:12 +03:00
Markus Lehtonen
05af1841cd docs: fix operator deployment instructions
Namespace parameter was dropped in operator v0.4.0.
2022-05-02 13:27:18 +03:00
Markus Lehtonen
9424eb7042 docs: remove fixed release tag in developer guide
Let the documentation follow the latest release name. Even if it's just
referential here it would look odd in the future if we refer to some
ancient version.
2022-03-29 09:47:42 +03:00
Jakob Naucke
9e95dde38b
cpu: Discover IBM Secure Execution
Set `cpu.se-enabled` to `true` when IBM Secure Execution for Linux
(IBM Z & LinuxONE) is available and has been enabled.

Uses `/sys/firmware/uv/prot_virt_host`, which is available in kernels
>=5.12 + backports. For simplicity, skip more complicated facility &
kernel cmdline lookups.
2022-03-28 12:28:07 +02:00
Carlos Eduardo Arango Gutierrez
cb0a6fca53
Add cpu-model feature detection (#792)
* Add cpu-model feature detection

Signed-off-by: Carlos Eduardo Arango Gutierrez <carangog@redhat.com>

* Apply suggestions from code review

Co-authored-by: Markus Lehtonen <markus.lehtonen@intel.com>

Co-authored-by: Markus Lehtonen <markus.lehtonen@intel.com>
2022-03-28 02:51:23 -07:00
Kubernetes Prow Robot
f952b9feed
Merge pull request #794 from dailymotion-oss/feat/add-annotations-dp-ds
helm: add annotations to daemonset and deployment
2022-03-25 07:37:59 -07:00
Cyril Corbon
eeb1f0d5e5
helm: add annotations to daemonset and deployment
Signed-off-by: Cyril Corbon <cyril.corbon@dailymotion.com>
2022-03-24 12:13:29 +01:00
Markus Lehtonen
36341bf4c7 apis/nfd: empty match expression set returns no features for templates
This patch changes a rare corner case of custom label rules with an
empty set of matchexpressions. The patch removes a special case where an
empty match expression set matched everything and returned all feature
elements for templates to consume. With this patch the match expression
set logically evaluates all expressions in the set and returns all
matches - if there are no expressions there are no matches and no
matched features are returned. However, the overall match result
(determining if "non-template" labels will be created) in this special
case will be "true" as before as none of the zero match expressions
failed.

The former behavior was somewhat illogical and counterintuitive: having
1 to N expressions matched and returned 1 to N features (at most), but,
having 0 expressions always matched everything and returned all
features. This was some leftover proof-of-concept functionality (for
some possible future extensions) that should have been removed before
merging.
2022-03-24 11:43:42 +02:00
Carlos Eduardo Arango Gutierrez
73d874b92f
Fix a couple typos
Signed-off-by: Carlos Eduardo Arango Gutierrez <carangog@redhat.com>
2022-03-23 19:16:01 -04:00
Mikko Ylinen
9bbb960d35 deployment/helm: add resourceLabels to master args
Signed-off-by: Mikko Ylinen <mikko.ylinen@intel.com>
2022-03-23 06:59:49 +02:00
Kubernetes Prow Robot
dbc70713f7
Merge pull request #716 from marquiz/devel/iommu-version
source/pci: detect intel-iommu/version
2022-03-15 05:32:12 -07:00
Vaibhav Goel
b070684af0
Fixed the incorrect references (#769)
* Fixed the incorrect references in customization guide

* Fixd the line length issue on PR

* Fixed again the length issue

* Updated customization.md
2022-03-15 05:16:11 -07:00
Cam Hutchison
678080c5f1 docs: Update default K8S_NAMESPACE
Change the default K8S_NAMESPACE to node-feature-discovery from
kube-system. The default was changed in the Makefile in commit
5d4484a1d9, but the docs were not updated
to correspond with that.
2022-02-14 19:19:49 +11:00
Kubernetes Prow Robot
27ccbcec55
Merge pull request #754 from marquiz/documentation/custom-config
docs: use new custom rule format in worker config reference
2022-01-25 09:30:31 -08:00
Markus Lehtonen
fc32386287 docs: re-fix operator deployment instructions
Back to how it was - the 'stable' channel went away in the latest NFD
update on community-opetors (operatorhub.io).
2022-01-25 18:27:15 +02:00
Kubernetes Prow Robot
8bb3c84578
Merge pull request #726 from marquiz/documentation/operator-deployment
docs: fix operator deployment instructions
2022-01-25 05:42:32 -08:00
Kaito Ii
a717cfd716
docs: update helm document to match values.yaml (#727)
* update helm document to match values.yaml

* Add links
2022-01-25 01:00:32 -08:00
Markus Lehtonen
e3661bda30 docs: use new custom rule format in worker config reference
Also, update the reference linking to the documentation of the custom
source to point to the customization guide.
2022-01-25 10:31:21 +02:00
Markus Lehtonen
3a70803352 docs: drop topology-updater cmdline help from developer guide
Similar to what we did for nfd-master and nfd-worker in
0d21b3d720.
2022-01-21 17:06:52 +02:00
Markus Lehtonen
7e1f5cb347 docs: clarify deployment requirements 2022-01-21 15:21:51 +02:00
Markus Lehtonen
64b3838579 source/pci: detect intel-iommu/version
Discover "iommu/intel-iommu/version" sysfs attribute for pci devices.
This information is available for custom label rules.

An example custom rule:

  - name: "iommu version rule"
    labels:
      iommu.version_1: "true"
    matchFeatures:
      - feature: pci.device
        matchExpressions:
          "iommu/intel-iommu/version": {op: In, value: ["1:0"]}
2022-01-21 15:16:37 +02:00
Markus Lehtonen
f302962519 docs: fix operator deployment instructions 2022-01-21 15:15:20 +02:00
Kubernetes Prow Robot
8ea6b765c8
Merge pull request #698 from zvonkok/multi-arch
Multi ARCH build amd64, arm64
2022-01-20 07:21:52 -08:00
Zvonko Kaiser
c69e47a27a Iniital multi arch build 2022-01-20 15:41:08 +01:00
Kubernetes Prow Robot
cc08c39902
Merge pull request #715 from marquiz/documentation/features
docs: small fix in block and net features in customization guide
2022-01-11 06:41:17 -08:00
Markus Lehtonen
58a1b04b2f docs: small fix in block and net features in customization guide
In the list of available features, list 'name' separately as it's not
from a sysfs file like the other attributes.
2022-01-11 12:01:55 +02:00
Markus Lehtonen
152f3531fe source/pci: add iommu_group/type attribute
Add "iommu_group/type" to the list of PCI device attributes that are
discovered. The value is the raw value from sysfs (i.e DMA, DMA-FQ or
identity).

No built-in (automatic) labels are generated based on this, but, the
attribute is available for custom label rules to use. Examples of custom
rules:

  - name: "iommu enabled rule"
    labels:
      iommu.enabled: "true"
    matchFeatures:
      - feature: pci.device
        matchExpressions:
          "iommu_group/type": {op: NotIn, value: ["unknown"]}

  - name: "iommu passthrough rule"
    labels:
      iommu.passthrough: "true"
    matchFeatures:
      - feature: pci.device
        matchExpressions:
          "iommu_group/type": {op: In, value: ["identity"]}
2022-01-11 11:54:54 +02:00
Markus Lehtonen
fc25bf2dc2 docs: small tinkering on the TLS documentation
Add cross-referencing links to the helm deployment and configuration
sections. Use correct names for the tls related helm options
(tls.enabled and tls.certManager).
2022-01-10 19:12:05 +02:00
Kubernetes Prow Robot
5a2e0ce5a6
Merge pull request #704 from marquiz/documentation/customization-guide
docs: add customization guide
2022-01-10 08:17:13 -08:00
Dave Baker
9215d171c5 Initial bash at new TLS docs 2022-01-10 11:40:43 +00:00
Markus Lehtonen
302aa5a82a docs: add customization guide
Add a separate customization guide. Move documentation of the custom and
local sources there. Also, cover the new NodeFeatureRules custom
resource and the new expression-based label rule format.

This patch also simplifies the "Feature labels" page, describing
built-in labels. Reformat the tables describing feature labels.
2022-01-08 09:56:05 +02:00
Kubernetes Prow Robot
1567900238
Merge pull request #677 from marquiz/devel/iommu-deprecation
source/iommu: deprecate and disable by default
2022-01-05 10:05:48 -08:00
Kubernetes Prow Robot
ffb6a294e5
Merge pull request #699 from marquiz/devel/helm-featurerule-controller
deployment/helm: disable nfr controller for parallel instances
2022-01-05 06:08:34 -08:00
Markus Lehtonen
edb3e6824c deployment/helm: disable nfr controller for parallel instances
Change the helm chart so that the NodeFeatureRule controller will be
disabled for other than the default deployment (i.e. all deployments
where master.instance is non-empty), unless explicitly set to true. With
this we try to ensure that there is only on controller instance for the
CR, avoiding contention and conflicts.
2022-01-04 21:25:02 +02:00
Markus Lehtonen
812073a025 deployment/helm: refactor nfd-master rbac parameters
Move top-level serviceAccount and rbac fields under master, making the
Helm chart more coherent.

Also, drop unused rbac.serviceAccountName and
rbac.serviceAccountAnnotations from values.yaml.
2022-01-04 16:30:11 +02:00
Dave Baker
b0834d7862 Enable TLS and cert-manager created certs for helm chart 2022-01-04 12:27:02 +00:00
Markus Lehtonen
838a375f85 source/iommu: deprecate and disable by default
Deprecate the iommu source and disable it by default.
2021-12-20 10:21:29 +02:00
Markus Lehtonen
b89429a4db source/local: don't prefix label names with the filename
Implicitly injecting the filename of the hook/featurefile into the name
of the label is confusing, counter-intuitive and unnecessarily complex
to understand. It's much clearer to advertise features and labels as
presented in the feature file / output of the hook.

NOTE: this breaks backwards compatibility with usage scenarios that rely
on prefixing the label with the filename.
2021-12-13 09:00:59 +02:00
Markus Lehtonen
df25b81c2e docs: fix mistake in md format
Accidentally introduced in a57a25f63c.
2021-12-08 14:39:30 +02:00
Markus Lehtonen
58e1461d90 nfd-worker: add -feature-sources command line flag
Allows controlling (enable/disable) the "raw" feature detection.
Especially useful for development and testing.
2021-12-03 09:42:35 +02:00
Markus Lehtonen
df6909ed5e nfd-worker: add core.featureSources config option
Add a configuration option for controlling the enabled "raw" feature
sources. This is useful e.g. in testing and development, plus it also
allows fully shutting down discovery of features that are not needed in
a deployment. Supplements core.labelSources which controls the
enablement of label sources.
2021-12-03 09:42:35 +02:00
Markus Lehtonen
8cd58af613 nfd-worker: disable sources more easily
Make it easier to disable single sources by prefixing the source name
with a dash ('-') in the core.sources config option (or -sources cmdline
flag).
2021-12-02 10:36:51 +02:00
Markus Lehtonen
f00be091e3 docs: amend the documentation of core.labelSources option 2021-12-02 10:36:51 +02:00
Markus Lehtonen
a22bab2d3d docs: update docs on label-sources option
Update documentation on core.labelSources/core.sources config file
options and -label-sources/-sources command line flags.
2021-12-01 17:11:49 +02:00
Kubernetes Prow Robot
86bfe74cd7 Merge pull request #671 from marquiz/fixes/single-dash-flags
Use single-dash format of cmdline flags
2021-12-01 06:45:15 -08:00
Markus Lehtonen
a57a25f63c Use single-dash format of cmdline flags
Use the single-dash (i.e. '-option' instead of '--option') format
consistently accross log messages and documentation. This is the format
that was mostly used, already, and shown by command line help of the
binaries, for example.
2021-11-25 18:03:54 +02:00
Markus Lehtonen
0d21b3d720 docs: drop cmdline help from developer guide
These just keep getting out of sync and do not provide much value. Also,
we do have dedicated cmdline reference for all the executables.
2021-11-25 13:56:09 +02:00
Mikko Ylinen
8a39434659 source/cpu: detect Intel SGX
Signed-off-by: Mikko Ylinen <mikko.ylinen@intel.com>
2021-11-23 15:57:31 +02:00
Markus Lehtonen
e8872462dc nfd-master: add -featurerules-controller flag
Add a new command line flag for disabling/enabling the controller for
NodeFeatureRule objects. In practice, disabling the controller disables
all labels generated from rules in NodeFeatureRule objects.
2021-11-22 16:57:42 +02:00
Markus Lehtonen
e6e32a88c3 nfd-master: implement controller for NodeFeatureRule CRs
Implement a simple controller stub that operates on NodeFeatureRule
objects. The controller does not yet have any functionality other than
logging changes in the (NodeFeatureRule) objecs it is watching.

Also update the documentation on the -no-publish flag to match the new
functionality.
2021-11-22 16:57:42 +02:00
Kubernetes Prow Robot
ec57057d3c
Merge pull request #659 from vaibhav2107/contri-slack
Update the link of slack channel
2021-11-18 00:19:04 -08:00
Vaibhav
e4385d2402 Update the link of slack channel 2021-11-18 11:39:18 +05:30
Markus Lehtonen
c3e2315834 pkg/apis/nfd: specify CRD for custom labeling rules
Add a cluster-scoped Custom Resource Definition for specifying labeling
rules. Nodes (node features, node objects) are cluster-level objects and
thus the natural and encouraged setup is to only have one NFD deployment
per cluster - the set of underlying features of the node stays the same
independent of how many parallel NFD deployments you have. Our extension
points (hooks, feature files and now CRs) can be be used by multiple
actors (depending on us) simultaneously. Having the CRD cluster-scoped
hopefully drives deployments in this direction. It also should make
deployment of vendor-specific labeling rules easy as there is no need to
worry about the namespace.

This patch virtually replicates the source.custom.FeatureSpec in a CRD
API (located in the pkg/apis/nfd/v1alpha1 package) with the notable
exception that "MatchOn" legacy rules are not supported. Legacy rules
are left out in order to keep the CRD simple and clean.

The duplicate functionality in source/custom will be dropped by upcoming
patches.

This patch utilizes controller-gen (from sigs.k8s.io/controller-tools)
for generating the CRD and deepcopy methods. Code can be (re-)generated
with "make generate". Install controller-gen with:

  go install sigs.k8s.io/controller-tools/cmd/controller-gen@v0.7.0

Update kustomize and helm deployments to deploy the CRD.
2021-11-17 13:40:23 +02:00
Swati Sehgal
b444ef95a8 NFD-Topology-Updater: Bump NRT API to version v0.0.12
The NodeResourceTopology API has been made cluster
scoped as in the current context a CR corresponds to
a Node and since Node is a cluster scoped resource it
makes sense to make NRT cluster scoped as well.

Ref: https://github.com/k8stopologyawareschedwg/noderesourcetopology-api/pull/18
Signed-off-by: Swati Sehgal <swsehgal@redhat.com>
2021-11-16 13:28:23 +00:00
Ukri Niemimuukko
90598d3b5a More topology updater documentation typo fixes
Signed-off-by: Ukri Niemimuukko <ukri.niemimuukko@intel.com>
2021-11-12 14:25:32 +02:00
Kubernetes Prow Robot
b26a12cc17
Merge pull request #640 from eliaskoromilas/worker-config
deployment: Implicitly generate the worker ConfigMap name
2021-11-12 03:38:28 -08:00
Ukri Niemimuukko
0a2e3bb18d Topology-updater introduction typo fix
Signed-off-by: Ukri Niemimuukko <ukri.niemimuukko@intel.com>
2021-11-12 12:10:33 +02:00
Elias Koromilas
e22b937391 Implicitly generate the worker ConfigMap name
Signed-off-by: Elias Koromilas <elias.koromilas@gmail.com>
2021-11-03 11:21:58 +02:00
Swati Sehgal
ab62172a8d Documentation capturing enablement of NFD-Topology-Updater in NFD
Prior to this feature, NFD consisted of only software components namely
nfd-master and nfd-worker. We have introduced another software component
called nfd-topology-updater.

NFD-Topology-Updater is a daemon responsible for examining allocated resources
on a worker node to account for allocatable resources on a per-zone basis (where
a zone can be a NUMA node). It then communicates the information to nfd-master
which does the CRD creation corresponding to all the nodes in the cluster. One
instance of nfd-topology-updater is supposed to be running on each node of the
cluster.

Signed-off-by: Swati Sehgal <swsehgal@redhat.com>
2021-10-29 10:14:38 +01:00
Markus Lehtonen
9e9ff951b2 docs: mention minimum required kubectl version
Kubectl prior to v1.21 contains too old version of kustomize for our
(kustomize-based) deployment to work.
2021-10-26 18:01:25 +03:00
Wei Zhang
158a5590ab deployment: add topology updater helm chart
Signed-off-by: Wei Zhang <kweizh@gmail.com>
2021-10-26 10:52:40 +08:00
Elias Koromilas
c17a898c4c
deployment: Simplify NFD worker configuration in Helm (#627)
* Simplify NFD worker service configuration in Helm

Signed-off-by: Elias Koromilas <elias.koromilas@gmail.com>

* Update docs/get-started/deployment-and-usage.md

Co-authored-by: Markus Lehtonen <markus.lehtonen@intel.com>

Co-authored-by: Markus Lehtonen <markus.lehtonen@intel.com>
2021-10-25 09:34:23 -07:00
Markus Lehtonen
d65d6ab2f4 docs: update ruby deps 2021-10-11 11:27:16 +03:00
Markus Lehtonen
f8bacd9097 docs: update jekyll-rdt-theme to v2.0.10
Update jekyll-rdt-theme to the latest released version. Also sync site
customization (docs/_includes) with that.
2021-10-11 11:26:37 +03:00
Markus Lehtonen
819f333118 docs: fix TOCs
Make table of contents in the pages cleaner and more readable by
dropping the main heading (H1 level) from TOCs. This was the original
intention with the usage of "no_toc" kramdown magic, which was broken,
however. The kramdown class magic needs to be specified on the line
immediately following the headinds, otherwise it has no effect. We need
to disable MD022 rule of mdlint as it does not understand this magic.
2021-09-30 10:26:25 +03:00
krishna2603
dbb99c6f18
Update developer-guide.md
changed exapmle to example
2021-09-29 23:58:27 +05:30
Markus Lehtonen
89d0f4ff3c docs: remote wip note from worker configuration reference
All configuration options are documented.
2021-09-27 15:37:50 +03:00
Carlos Eduardo Arango Gutierrez
6f4fbefacd
Fix broken link on docs/get-started
Signed-off-by: Carlos Eduardo Arango Gutierrez <carangog@redhat.com>
2021-09-21 07:57:55 -05:00
Carlos Eduardo Arango Gutierrez
f9e09e5fd4
Fix broken link for worker-conf example
Signed-off-by: Carlos Eduardo Arango Gutierrez <carangog@redhat.com>
2021-09-02 11:41:03 -05:00
Kubernetes Prow Robot
92920d48d3
Merge pull request #589 from vaibhav2107/link-deploy
Fix a link in deployment-and-usage.md
2021-09-02 05:46:10 -07:00
Vaibhav
ac720ef57a Fix a link in deployment-and-usage.md 2021-09-01 22:41:04 +05:30
Kubernetes Prow Robot
189f86bec8
Merge pull request #548 from marquiz/devel/profile-ns
nfd-master: allow profile.node.kubernetes.io label ns
2021-08-27 07:24:04 -07:00
Vaibhav Goel
87feb9610b
Fix the typo in deployment-and-usage.md (#575)
* Fix the typo in deployment-and-usage.md

* Update in doc/get-started/deployment-and-usage.md
2021-08-25 00:32:39 -07:00
Kubernetes Prow Robot
c07c6354fc
Merge pull request #572 from marquiz/docs/cstate
docs: clarify the cpu.cstate feature
2021-08-19 07:55:24 -07:00
Markus Lehtonen
7dfd7d289f docs: document all the provided kustomize overlays 2021-08-18 15:10:25 +03:00
Markus Lehtonen
63c1256d08 Drop deployment templates
Resort to kustomize, instead. Update docs and scripts, accordingly.

Bump cert-manager version in the deployment instructions to v1.5.1.
2021-08-18 15:10:25 +03:00
Markus Lehtonen
0f2554abf1 helm: move files under deployment/helm 2021-08-16 14:44:26 +03:00
Markus Lehtonen
4ef58d7fc8 docs: clarify the cpu.cstate feature 2021-08-13 11:43:03 +03:00
Markus Lehtonen
55bd633425 nfd-master: allow profile.node.kubernetes.io label ns
Add a separate label namespace for profile labels, intended for
user-specified higher level "meta features". Also sub-namespaces of this
(i.e. <sub-ns>.profile.node.kubernetes.io) are allowed.
2021-08-10 19:39:59 +03:00
Kubernetes Prow Robot
4a22a39928
Merge pull request #536 from marquiz/devel/label-sub-ns
nfd-master: allow sub-namespaces of the default label ns
2021-08-10 04:19:18 -07:00
Markus Lehtonen
eb666f521d nfd-master: allow sub-namespaces of the default label ns
Allow <sub-ns>.feature.node.kubernetes.io label namespaces. Makes it
possible to have e.g. vendor specific label ns without the need to user
-extra-label-ns.
2021-08-10 11:41:52 +03:00
Carlos Eduardo Arango Gutierrez
59172007b2
Remove wrong comands
Signed-off-by: Carlos Eduardo Arango Gutierrez <carangog@redhat.com>
2021-08-04 21:01:02 -05:00
Markus Lehtonen
31bd91988f cpuid: correct the name of SSE4* cpuid flags
The naming was changed in when with cpuid v2
(github.com/klauspost/cpuid/v2) and we didn't catch this in NFD. No
issue reports of the inadvertent naming change so let's just adapt to
the updated naming in NFD configuration. The SSE4* labels are disabled
by default so they're not widely used, if at all.
2021-07-06 11:54:55 +03:00
Markus Lehtonen
4d19e1ab85 docs: show full version number in sidebar
Change the sidebar customization so that the full version (e.g. v0.8.2)
is displayed, instead of the truncated "releae branch version" (e.g.
v0.8) in the top left corner of the page. The items in the version menu
are unchanged and will still show the shorter form.
2021-05-19 11:02:10 +03:00
Jorik Jonker
d857f88d2d Add support for using USB device serial number
In my homelab, I have different FTDI serial converters connected to
several utility meters. They all have identical vendor/device, but
different serials.

In order to detect a specific FTDI unit (eg.  the one connected to my
electricity meter), I'd like feature labels triggered by a specific USB
serial.

Signed-off-by: Jorik Jonker <jorik@kippendief.biz>
2021-05-06 13:34:39 +00:00
Jordan Jacobelli
630e97a52c helm: add extraLabelNs master flag
Signed-off-by: Jordan Jacobelli <jordanjacobelli04@gmail.com>
2021-04-20 16:25:12 +02:00
robertdavidsmith
77bd4e4cf6
Accept client certs based on SAN, not just CN (#514)
* first attempt at SAN-based VerifyNodeName

* Update docs on verify-node-name
2021-04-20 01:44:32 -07:00
rmr-silicom
a896ff3011
Add support for configurable runtime full and minimal images. (#513)
* Add support for configurable runtime full and minimal images.

* Fixups and renamings.

* Change variables *_IMG_* to *_IMAGE_*

* Fix args in Dockerfile also.
2021-04-20 00:42:33 -07:00
Markus Lehtonen
72a4162c98 docs: fixes in Helm documentation
Use correct spelling of Helm in heading (start with a capital letter).
Use https url for the chart repo.
2021-04-13 10:09:43 +03:00
Kubernetes Prow Robot
ba51a92d63
Merge pull request #492 from adrianchiris/doc-fix-1
Docs: Add Table header to master/worker chart parameters
2021-03-18 10:11:20 -07:00
Adrian Chiris
30dabcf7bf Docs: Add Table header to master/worker chart parameters
While on the project website it looks OK, it does
not render correctly in Markdown.

Signed-off-by: Adrian Chiris <adrianc@nvidia.com>
2021-03-18 15:31:41 +00:00
Markus Lehtonen
11def7b459 docs: describe Helm repo as the primary option for Helm 2021-03-18 16:55:28 +02:00
Kubernetes Prow Robot
b8a1426252
Merge pull request #481 from marquiz/docs/config-reference
docs: document all config file options
2021-03-17 06:28:56 -07:00