mirrors/node-feature-discovery
mirrors/node-feature-discovery
1
0
Fork 0
mirror of https://github.com/kubernetes-sigs/node-feature-discovery.git synced 2025-03-09 02:07:03 +00:00
Code Activity
node-feature-discovery/docs/reference/master-configuration-reference.md
Markus Lehtonen 45f49d574a nfd-master: drop resourceLabels 
Drop the resourceLabels config file option and the corresponding
-resource-labels command line flag. They were deprecated in NFD v0.13 so
it's time to let them go. NodeFeatureRule(s) should be used to manage
ERs, instead.
2024-11-07 15:16:52 +02:00

421 lines
9.1 KiB
Markdown
Raw Blame History

---
title: "Master config reference"
layout: default
sort: 3
---
# Configuration file reference of nfd-master
{: .no_toc}
## Table of contents
{: .no_toc .text-delta}
1. TOC
{:toc}
---
See the
[sample configuration file](https://github.com/kubernetes-sigs/node-feature-discovery/blob/{{site.release}}/deployment/components/master-config/nfd-master.conf.example)
for a full example configuration.
## noPublish
`noPublish` option disables updates to the Node objects in the Kubernetes
API server, making a "dry-run" flag for nfd-master. No Labels, Annotations, Taints
or ExtendedResources of nodes are updated.
Default: `false`
Example:
```yaml
noPublish: true
```
## extraLabelNs
`extraLabelNs` specifies a list of allowed feature
label namespaces. This option can be used to allow
other vendor or application specific namespaces for custom labels from the
local and custom feature sources, even though these labels were denied using
the `denyLabelNs` parameter.
Default: *empty*
Example:
```yaml
extraLabelNs: ["added.ns.io","added.kubernets.io"]
```
## denyLabelNs
`denyLabelNs` specifies a list of excluded
label namespaces. By default, nfd-master allows creating labels in all
namespaces, excluding `kubernetes.io` namespace and its sub-namespaces
(i.e. `*.kubernetes.io`). However, you should note that
`kubernetes.io` and its sub-namespaces are always denied.
This option can be used to exclude some vendors or application specific
namespaces.
Default: *empty*
Example:
```yaml
denyLabelNs: ["denied.ns.io","denied.kubernetes.io"]
```
## autoDefaultNs
**DEPRECATED**: Will be removed in NFD v0.17. Use the
[DisableAutoPrefix](feature-gates.md#disableautoprefix) feature gate instead.
The `autoDefaultNs` option controls the automatic prefixing of names. When set
to true (the default in NFD version {{ site.version }}) nfd-master
automatically adds the default `feature.node.kubernetes.io/` prefix to
unprefixed labels, annotations and extended resources - this is also the
default behavior in NFD v0.15 and earlier. When the option is set to `false`,
no prefix will be prepended to unprefixed names, effectively causing them to be
filtered out (as NFD does not allow unprefixed names of labels, annotations or
extended resources). The default will be changed to `false` in a future
release.
For example, with the `autoDefaultNs` set to `true`, a NodeFeatureRule with
```yaml
labels:
foo: bar
```
Will turn into `feature.node.kubernetes.io/foo=bar` node label. With
`autoDefaultNs` set to `false`, no prefix is added and the label will be
filtered out.
Note that taint keys are not affected by this option.
Default: `true`
Example:
```yaml
autoDefaultNs: false
```
## enableTaints
`enableTaints` enables/disables node tainting feature of NFD.
Default: *false*
Example:
```yaml
enableTaints: true
```
## labelWhiteList
`labelWhiteList` specifies a regular expression for filtering feature
labels based on their name. Each label must match against the given regular
expression or it will not be published.
> ** NOTE:** The regular expression is only matches against the "basename" part
> of the label, i.e. to the part of the name after '/'. The label namespace is
> omitted.
Default: *empty*
Example:
```yaml
labelWhiteList: "foo"
```
## resyncPeriod
The `resyncPeriod` option specifies the NFD API controller resync period.
The resync means nfd-master replaying all NodeFeature and NodeFeatureRule objects,
thus effectively re-syncing all nodes in the cluster (i.e. ensuring labels, annotations,
extended resources and taints are in place).
Default: 1 hour.
Example:
```yaml
resyncPeriod: 2h
```
## leaderElection
The `leaderElection` section exposes configuration to tweak leader election.
### leaderElection.leaseDuration
`leaderElection.leaseDuration` is the duration that non-leader candidates will
wait to force acquire leadership. This is measured against time of
last observed ack.
A client needs to wait a full LeaseDuration without observing a change to
the record before it can attempt to take over. When all clients are
shutdown and a new set of clients are started with different names against
the same leader record, they must wait the full LeaseDuration before
attempting to acquire the lease. Thus LeaseDuration should be as short as
possible (within your tolerance for clock skew rate) to avoid a possible
long waits in the scenario.
Default: 15 seconds.
Example:
```yaml
leaderElection:
leaseDurtation: 15s
```
### leaderElection.renewDeadline
`leaderElection.renewDeadline` is the duration that the acting master will retry
refreshing leadership before giving up.
This value has to be lower than leaseDuration and greater than retryPeriod*1.2.
Default: 10 seconds.
Example:
```yaml
leaderElection:
renewDeadline: 10s
```
### leaderElection.retryPeriod
`leaderElection.retryPeriod` is the duration the LeaderElector clients should wait
between tries of actions.
It has to be greater than 0.
Default: 2 seconds.
Example:
```yaml
leaderElection:
retryPeriod: 2s
```
## nfdApiParallelism
The `nfdApiParallelism` option can be used to specify the maximum
number of concurrent node updates.
Default: 10
Example:
```yaml
nfdApiParallelism: 1
```
## klog
The following options specify the logger configuration. Most of which can be
dynamically adjusted at run-time.
> **NOTE:** The logger options can also be specified via command line flags
> which take precedence over any corresponding config file options.
### klog.addDirHeader
If true, adds the file directory to the header of the log messages.
Default: `false`
Run-time configurable: yes
### klog.alsologtostderr
Log to standard error as well as files.
Default: `false`
Run-time configurable: yes
### klog.logBacktraceAt
When logging hits line file:N, emit a stack trace.
Default: *empty*
Run-time configurable: yes
### klog.logDir
If non-empty, write log files in this directory.
Default: *empty*
Run-time configurable: no
### klog.logFile
If non-empty, use this log file.
Default: *empty*
Run-time configurable: no
### klog.logFileMaxSize
Defines the maximum size a log file can grow to. Unit is megabytes. If the
value is 0, the maximum file size is unlimited.
Default: `1800`
Run-time configurable: no
### klog.logtostderr
Log to standard error instead of files
Default: `true`
Run-time configurable: yes
### klog.skipHeaders
If true, avoid header prefixes in the log messages.
Default: `false`
Run-time configurable: yes
### klog.skipLogHeaders
If true, avoid headers when opening log files.
Default: `false`
Run-time configurable: no
### klog.stderrthreshold
Logs at or above this threshold go to stderr (default 2)
Run-time configurable: yes
### klog.v
Number for the log level verbosity.
Default: `0`
Run-time configurable: yes
### klog.vmodule
Comma-separated list of `pattern=N` settings for file-filtered logging.
Default: *empty*
Run-time configurable: yes
## restrictions (EXPERIMENTAL)
The following options specify the restrictions that can be applied by the
nfd-master on the deployed Custom Resources in the cluster.
### restrictions.nodeFeatureNamespaceSelector
The `nodeFeatureNamespaceSelector` option specifies the NodeFeatures namespaces
to watch, which can be selected by using `metav1.LabelSelector` as a type for
this option. An empty value selects all namespaces to be watched.
Default: *empty*
Example:
```yaml
restrictions:
nodeFeatureNamespaceSelector:
matchLabels:
kubernetes.io/metadata.name: "node-feature-discovery"
matchExpressions:
- key: "kubernetes.io/metadata.name"
operator: "In"
values:
- "node-feature-discovery"
```
### restrictions.disableLabels
The `disableLabels` option controls whether to allow creation of node labels
from NodeFeature and NodeFeatureRule CRs or not.
Default: false
Example:
```yaml
restrictions:
disableLabels: true
```
### restrictions.disableExtendedResources
The `disableExtendedResources` option controls whether to allow creation of
node extended resources from NodeFeatureRule CR or not.
Default: false
Example:
```yaml
restrictions:
disableExtendedResources: true
```
### restrictions.disableAnnotations
he `disableAnnotations` option controls whether to allow creation of node annotations
from NodeFeatureRule CR or not.
Default: false
Example:
```yaml
restrictions:
disableAnnotations: true
```
### restrictions.allowOverwrite
The `allowOverwrite` option controls whether NFD is allowed to overwrite and
take over management of existing node labels, annotations, and extended resources.
Labels, annotations and extended resources created by NFD itself are not affected
(overwrite cannot be disabled). NFD tracks the labels, annotations and extended
resources that it manages with specific
[node annotations](../get-started/introduction.md#node-annotations).
Default: true
Example:
```yaml
restrictions:
allowOverwrite: false
```
### restrictions.denyNodeFeatureLabels
The `denyNodeFeatureLabels` option specifies whether to deny labels from 3rd party
NodeFeature objects or not. NodeFeature objects created by nfd-worker are not affected.
Default: false
Example:
```yaml
restrictions:
denyNodeFeatureLabels: true
```
View git blame Copy permalink