mirror of
https://github.com/kubernetes-sigs/node-feature-discovery.git
synced 2024-12-14 11:57:51 +00:00
1 line
No EOL
88 KiB
JSON
1 line
No EOL
88 KiB
JSON
[{"title":"Get started","layout":"default","sort":1,"content":"<h1 id=\"node-feature-discovery\">Node Feature Discovery</h1>\n\n<p>Welcome to Node Feature Discovery – a Kubernetes add-on for detecting hardware\nfeatures and system configuration!</p>\n\n<p>Continue to:</p>\n\n<ul>\n <li>\n <p><strong><a href=\"/node-feature-discovery/v0.6/get-started/introduction.html\">Introduction</a></strong> for more details on the\nproject.</p>\n </li>\n <li>\n <p><strong><a href=\"/node-feature-discovery/v0.6/get-started/quick-start.html\">Quick start</a></strong> for quick step-by-step\ninstructions on how to get NFD running on your cluster.</p>\n </li>\n</ul>\n\n<h2 id=\"quick-start--the-short-short-version\">Quick-start – the short-short version</h2>\n\n<div class=\"language-bash highlighter-rouge\"><div class=\"highlight\"><pre class=\"highlight\"><code><span class=\"nv\">$ </span>kubectl apply <span class=\"nt\">-f</span> https://raw.githubusercontent.com/kubernetes-sigs/node-feature-discovery/release-0.6/nfd-master.yaml.template\n namespace/node-feature-discovery created\n...\n\n<span class=\"nv\">$ </span>kubectl apply <span class=\"nt\">-f</span> https://raw.githubusercontent.com/kubernetes-sigs/node-feature-discovery/release-0.6/nfd-worker-daemonset.yaml.template\n daemonset.apps/nfd-worker created\n\n<span class=\"nv\">$ </span>kubectl <span class=\"nt\">-n</span> node-feature-discovery get all\n NAME READY STATUS RESTARTS AGE\n pod/nfd-master-555458dbbc-sxg6w 1/1 Running 0 56s\n pod/nfd-worker-mjg9f 1/1 Running 0 17s\n...\n\n<span class=\"nv\">$ </span>kubectl get no <span class=\"nt\">-o</span> json | jq .items[].metadata.labels\n <span class=\"o\">{</span>\n <span class=\"s2\">\"beta.kubernetes.io/arch\"</span>: <span class=\"s2\">\"amd64\"</span>,\n <span class=\"s2\">\"beta.kubernetes.io/os\"</span>: <span class=\"s2\">\"linux\"</span>,\n <span class=\"s2\">\"feature.node.kubernetes.io/cpu-cpuid.ADX\"</span>: <span class=\"s2\">\"true\"</span>,\n <span class=\"s2\">\"feature.node.kubernetes.io/cpu-cpuid.AESNI\"</span>: <span class=\"s2\">\"true\"</span>,\n...\n\n</code></pre> </div></div>\n","dir":"/get-started/","name":"index.md","path":"get-started/index.md","url":"/get-started/"},{"title":"Introduction","layout":"default","sort":1,"content":"<h1 class=\"no_toc\" id=\"introduction\">Introduction</h1>\n\n<h2 class=\"no_toc text-delta\" id=\"table-of-contents\">Table of Contents</h2>\n\n<ol id=\"markdown-toc\">\n <li><a href=\"#nfd-master\" id=\"markdown-toc-nfd-master\">NFD-Master</a></li>\n <li><a href=\"#nfd-worker\" id=\"markdown-toc-nfd-worker\">NFD-Worker</a></li>\n <li><a href=\"#feature-discovery\" id=\"markdown-toc-feature-discovery\">Feature Discovery</a></li>\n <li><a href=\"#node-annotations\" id=\"markdown-toc-node-annotations\">Node Annotations</a></li>\n</ol>\n\n<hr />\n\n<p>This software enables node feature discovery for Kubernetes. It detects\nhardware features available on each node in a Kubernetes cluster, and\nadvertises those features using node labels.</p>\n\n<p>NFD consists of two software components:</p>\n\n<ol>\n <li>nfd-master</li>\n <li>nfd-worker</li>\n</ol>\n\n<h2 id=\"nfd-master\">NFD-Master</h2>\n\n<p>Nfd-master is the daemon responsible for communication towards the Kubernetes\nAPI. That is, it receives labeling requests from the worker and modifies node\nobjects accordingly.</p>\n\n<h2 id=\"nfd-worker\">NFD-Worker</h2>\n\n<p>Nfd-worker is a daemon responsible for feature detection. It then communicates\nthe information to nfd-master which does the actual node labeling. One\ninstance of nfd-worker is supposed to be running on each node of the cluster,</p>\n\n<h2 id=\"feature-discovery\">Feature Discovery</h2>\n\n<p>Feature discovery is divided into domain-specific feature sources:</p>\n\n<ul>\n <li>CPU</li>\n <li>IOMMU</li>\n <li>Kernel</li>\n <li>Memory</li>\n <li>Network</li>\n <li>PCI</li>\n <li>Storage</li>\n <li>System</li>\n <li>USB</li>\n <li>Custom (rule-based custom features)</li>\n <li>Local (hooks for user-specific features)</li>\n</ul>\n\n<p>Each feature source is responsible for detecting a set of features which. in\nturn, are turned into node feature labels. Feature labels are prefixed with\n<code class=\"language-plaintext highlighter-rouge\">feature.node.kubernetes.io/</code> and also contain the name of the feature source.\nNon-standard user-specific feature labels can be created with the local and\ncustom feature sources.</p>\n\n<p>An overview of the default feature labels:</p>\n\n<div class=\"language-json highlighter-rouge\"><div class=\"highlight\"><pre class=\"highlight\"><code><span class=\"p\">{</span><span class=\"w\">\n </span><span class=\"nl\">\"feature.node.kubernetes.io/cpu-<feature-name>\"</span><span class=\"p\">:</span><span class=\"w\"> </span><span class=\"s2\">\"true\"</span><span class=\"p\">,</span><span class=\"w\">\n </span><span class=\"nl\">\"feature.node.kubernetes.io/custom-<feature-name>\"</span><span class=\"p\">:</span><span class=\"w\"> </span><span class=\"s2\">\"true\"</span><span class=\"p\">,</span><span class=\"w\">\n </span><span class=\"nl\">\"feature.node.kubernetes.io/iommu-<feature-name>\"</span><span class=\"p\">:</span><span class=\"w\"> </span><span class=\"s2\">\"true\"</span><span class=\"p\">,</span><span class=\"w\">\n </span><span class=\"nl\">\"feature.node.kubernetes.io/kernel-<feature name>\"</span><span class=\"p\">:</span><span class=\"w\"> </span><span class=\"s2\">\"<feature value>\"</span><span class=\"p\">,</span><span class=\"w\">\n </span><span class=\"nl\">\"feature.node.kubernetes.io/memory-<feature-name>\"</span><span class=\"p\">:</span><span class=\"w\"> </span><span class=\"s2\">\"true\"</span><span class=\"p\">,</span><span class=\"w\">\n </span><span class=\"nl\">\"feature.node.kubernetes.io/network-<feature-name>\"</span><span class=\"p\">:</span><span class=\"w\"> </span><span class=\"s2\">\"true\"</span><span class=\"p\">,</span><span class=\"w\">\n </span><span class=\"nl\">\"feature.node.kubernetes.io/pci-<device label>.present\"</span><span class=\"p\">:</span><span class=\"w\"> </span><span class=\"s2\">\"true\"</span><span class=\"p\">,</span><span class=\"w\">\n </span><span class=\"nl\">\"feature.node.kubernetes.io/storage-<feature-name>\"</span><span class=\"p\">:</span><span class=\"w\"> </span><span class=\"s2\">\"true\"</span><span class=\"p\">,</span><span class=\"w\">\n </span><span class=\"nl\">\"feature.node.kubernetes.io/system-<feature name>\"</span><span class=\"p\">:</span><span class=\"w\"> </span><span class=\"s2\">\"<feature value>\"</span><span class=\"p\">,</span><span class=\"w\">\n </span><span class=\"nl\">\"feature.node.kubernetes.io/usb-<device label>.present\"</span><span class=\"p\">:</span><span class=\"w\"> </span><span class=\"s2\">\"<feature value>\"</span><span class=\"p\">,</span><span class=\"w\">\n </span><span class=\"nl\">\"feature.node.kubernetes.io/<file name>-<feature name>\"</span><span class=\"p\">:</span><span class=\"w\"> </span><span class=\"s2\">\"<feature value>\"</span><span class=\"w\">\n</span><span class=\"p\">}</span><span class=\"w\">\n</span></code></pre> </div></div>\n\n<h2 id=\"node-annotations\">Node Annotations</h2>\n\n<p>NFD also annotates nodes it is running on:</p>\n\n<table>\n <thead>\n <tr>\n <th>Annotation</th>\n <th>Description</th>\n </tr>\n </thead>\n <tbody>\n <tr>\n <td>nfd.node.kubernetes.io/master.version</td>\n <td>Version of the nfd-master instance running on the node. Informative use only.</td>\n </tr>\n <tr>\n <td>nfd.node.kubernetes.io/worker.version</td>\n <td>Version of the nfd-worker instance running on the node. Informative use only.</td>\n </tr>\n <tr>\n <td>nfd.node.kubernetes.io/feature-labels</td>\n <td>Comma-separated list of node labels managed by NFD. NFD uses this internally so must not be edited by users.</td>\n </tr>\n <tr>\n <td>nfd.node.kubernetes.io/extended-resources</td>\n <td>Comma-separated list of node extended resources managed by NFD. NFD uses this internally so must not be edited by users.</td>\n </tr>\n </tbody>\n</table>\n\n<p>Unapplicable annotations are not created, i.e. for example master.version is\nonly created on nodes running nfd-master.</p>\n","dir":"/get-started/","name":"introduction.md","path":"get-started/introduction.md","url":"/get-started/introduction.html"},{"title":"Developer Guide","layout":"default","sort":2,"content":"<h1 class=\"no_toc\" id=\"developer-guide\">Developer Guide</h1>\n\n<h2 class=\"no_toc text-delta\" id=\"table-of-contents\">Table of contents</h2>\n\n<ol id=\"markdown-toc\">\n <li><a href=\"#building-from-source\" id=\"markdown-toc-building-from-source\">Building from source</a> <ol>\n <li><a href=\"#download-the-source-code\" id=\"markdown-toc-download-the-source-code\">Download the source code</a></li>\n <li><a href=\"#docker-build\" id=\"markdown-toc-docker-build\">Docker Build</a></li>\n <li><a href=\"#customizing-the-build\" id=\"markdown-toc-customizing-the-build\">Customizing the Build</a></li>\n <li><a href=\"#testing\" id=\"markdown-toc-testing\">Testing</a></li>\n </ol>\n </li>\n <li><a href=\"#running-locally\" id=\"markdown-toc-running-locally\">Running Locally</a> <ol>\n <li><a href=\"#nfd-master\" id=\"markdown-toc-nfd-master\">NFD-Master</a></li>\n <li><a href=\"#nfd-worker\" id=\"markdown-toc-nfd-worker\">NFD-Worker</a></li>\n </ol>\n </li>\n <li><a href=\"#documentation\" id=\"markdown-toc-documentation\">Documentation</a></li>\n</ol>\n\n<hr />\n\n<h2 id=\"building-from-source\">Building from source</h2>\n\n<h3 id=\"download-the-source-code\">Download the source code</h3>\n\n<div class=\"language-bash highlighter-rouge\"><div class=\"highlight\"><pre class=\"highlight\"><code>git clone https://github.com/kubernetes-sigs/node-feature-discovery\n</code></pre> </div></div>\n\n<h3 id=\"docker-build\">Docker Build</h3>\n\n<h4 id=\"build-the-container-image\">Build the container image</h4>\n\n<p>See <a href=\"#customizing-the-build\">customizing the build</a> below for altering the\ncontainer image registry, for example.</p>\n\n<div class=\"language-bash highlighter-rouge\"><div class=\"highlight\"><pre class=\"highlight\"><code><span class=\"nb\">cd</span> <project-root>\nmake\n</code></pre> </div></div>\n\n<h4 id=\"push-the-container-image\">Push the container image</h4>\n\n<p>Optional, this example with Docker.</p>\n\n<div class=\"language-bash highlighter-rouge\"><div class=\"highlight\"><pre class=\"highlight\"><code>docker push <IMAGE_TAG>\n</code></pre> </div></div>\n\n<h4 id=\"change-the-job-spec-to-use-your-custom-image-optional\">Change the job spec to use your custom image (optional)</h4>\n\n<p>To use your published image from the step above instead of the\n<code class=\"language-plaintext highlighter-rouge\">k8s.gcr.io/nfd/node-feature-discovery</code> image, edit <code class=\"language-plaintext highlighter-rouge\">image</code>\nattribute in the spec template(s) to the new location\n(<code class=\"language-plaintext highlighter-rouge\"><registry-name>/<image-name>[:<version>]</code>).</p>\n\n<h3 id=\"customizing-the-build\">Customizing the Build</h3>\n\n<p>There are several Makefile variables that control the build process and the\nname of the resulting container image.</p>\n\n<table>\n <thead>\n <tr>\n <th>Variable</th>\n <th>Description</th>\n <th>Default value</th>\n </tr>\n </thead>\n <tbody>\n <tr>\n <td>HOSTMOUNT_PREFIX</td>\n <td>Prefix of system directories for feature discovery (local builds)</td>\n <td>/ (<em>local builds</em>) /host- (<em>container builds</em>)</td>\n </tr>\n <tr>\n <td>IMAGE_BUILD_CMD</td>\n <td>Command to build the image</td>\n <td>docker build</td>\n </tr>\n <tr>\n <td>IMAGE_BUILD_EXTRA_OPTS</td>\n <td>Extra options to pass to build command</td>\n <td><em>empty</em></td>\n </tr>\n <tr>\n <td>IMAGE_PUSH_CMD</td>\n <td>Command to push the image to remote registry</td>\n <td>docker push</td>\n </tr>\n <tr>\n <td>IMAGE_REGISTRY</td>\n <td>Container image registry to use</td>\n <td>k8s.gcr.io/nfd</td>\n </tr>\n <tr>\n <td>IMAGE_TAG_NAME</td>\n <td>Container image tag name</td>\n <td><nfd version></td>\n </tr>\n <tr>\n <td>IMAGE_EXTRA_TAG_NAMES</td>\n <td>Additional container image tag(s) to create when building image</td>\n <td><em>empty</em></td>\n </tr>\n <tr>\n <td>K8S_NAMESPACE</td>\n <td>nfd-master and nfd-worker namespace</td>\n <td>kube-system</td>\n </tr>\n <tr>\n <td>KUBECONFIG</td>\n <td>Kubeconfig for running e2e-tests</td>\n <td><em>empty</em></td>\n </tr>\n <tr>\n <td>E2E_TEST_CONFIG</td>\n <td>Parameterization file of e2e-tests (see <a href=\"https://github.com/kubernetes-sigs/node-feature-discovery/blob/release-0.6/test/e2e/e2e-test-config.exapmle.yaml\">example</a>)</td>\n <td><em>empty</em></td>\n </tr>\n </tbody>\n</table>\n\n<p>For example, to use a custom registry:</p>\n\n<div class=\"language-bash highlighter-rouge\"><div class=\"highlight\"><pre class=\"highlight\"><code>make <span class=\"nv\">IMAGE_REGISTRY</span><span class=\"o\">=</span><my custom registry uri>\n\n</code></pre> </div></div>\n\n<p>Or to specify a build tool different from Docker:</p>\n\n<p>It can be done in 2 ways, by pre-defining the variable</p>\n\n<div class=\"language-bash highlighter-rouge\"><div class=\"highlight\"><pre class=\"highlight\"><code><span class=\"nv\">IMAGE_BUILD_CMD</span><span class=\"o\">=</span><span class=\"s2\">\"buildah bud\"</span> make\n</code></pre> </div></div>\n\n<p>Or By overriding the variable value</p>\n\n<div class=\"language-bash highlighter-rouge\"><div class=\"highlight\"><pre class=\"highlight\"><code>make <span class=\"nv\">IMAGE_BUILD_CMD</span><span class=\"o\">=</span><span class=\"s2\">\"buildah bud\"</span>\n</code></pre> </div></div>\n\n<h3 id=\"testing\">Testing</h3>\n\n<p>Unit tests are automatically run as part of the container image build. You can\nalso run them manually in the source code tree by simply running:</p>\n\n<div class=\"language-bash highlighter-rouge\"><div class=\"highlight\"><pre class=\"highlight\"><code>make <span class=\"nb\">test</span>\n</code></pre> </div></div>\n\n<p>End-to-end tests are built on top of the e2e test framework of Kubernetes, and,\nthey required a cluster to run them on. For running the tests on your test\ncluster you need to specify the kubeconfig to be used:</p>\n\n<div class=\"language-bash highlighter-rouge\"><div class=\"highlight\"><pre class=\"highlight\"><code>make e2e-test <span class=\"nv\">KUBECONFIG</span><span class=\"o\">=</span><span class=\"nv\">$HOME</span>/.kube/config\n</code></pre> </div></div>\n\n<h2 id=\"running-locally\">Running Locally</h2>\n\n<p>You can run NFD locally, either directly on your host OS or in containers for\ntesting and development purposes. This may be useful e.g. for checking\nfeatures-detection.</p>\n\n<h3 id=\"nfd-master\">NFD-Master</h3>\n\n<p>When running as a standalone container labeling is expected to fail because\nKubernetes API is not available. Thus, it is recommended to use <code class=\"language-plaintext highlighter-rouge\">--no-publish</code>\ncommand line flag. E.g.</p>\n\n<div class=\"language-bash highlighter-rouge\"><div class=\"highlight\"><pre class=\"highlight\"><code><span class=\"nv\">$ NFD_CONTAINER_IMAGE</span><span class=\"o\">=</span>k8s.gcr.io/nfd/node-feature-discovery:v0.6.0\n<span class=\"nv\">$ </span>docker run <span class=\"nt\">--rm</span> <span class=\"nt\">--name</span><span class=\"o\">=</span>nfd-test <span class=\"k\">${</span><span class=\"nv\">NFD_CONTAINER_IMAGE</span><span class=\"k\">}</span> nfd-master <span class=\"nt\">--no-publish</span>\n2019/02/01 14:48:21 Node Feature Discovery Master <NFD_VERSION>\n2019/02/01 14:48:21 gRPC server serving on port: 8080\n</code></pre> </div></div>\n\n<p>Command line flags of nfd-master:</p>\n\n<div class=\"language-bash highlighter-rouge\"><div class=\"highlight\"><pre class=\"highlight\"><code><span class=\"nv\">$ </span>docker run <span class=\"nt\">--rm</span> <span class=\"k\">${</span><span class=\"nv\">NFD_CONTAINER_IMAGE</span><span class=\"k\">}</span> nfd-master <span class=\"nt\">--help</span>\n...\nnfd-master.\n\n Usage:\n nfd-master <span class=\"o\">[</span><span class=\"nt\">--no-publish</span><span class=\"o\">]</span> <span class=\"o\">[</span><span class=\"nt\">--label-whitelist</span><span class=\"o\">=</span><pattern>] <span class=\"o\">[</span><span class=\"nt\">--port</span><span class=\"o\">=</span><port>]\n <span class=\"o\">[</span><span class=\"nt\">--ca-file</span><span class=\"o\">=</span><path>] <span class=\"o\">[</span><span class=\"nt\">--cert-file</span><span class=\"o\">=</span><path>] <span class=\"o\">[</span><span class=\"nt\">--key-file</span><span class=\"o\">=</span><path>]\n <span class=\"o\">[</span><span class=\"nt\">--verify-node-name</span><span class=\"o\">]</span> <span class=\"o\">[</span><span class=\"nt\">--extra-label-ns</span><span class=\"o\">=</span><list>] <span class=\"o\">[</span><span class=\"nt\">--resource-labels</span><span class=\"o\">=</span><list>]\n nfd-master <span class=\"nt\">-h</span> | <span class=\"nt\">--help</span>\n nfd-master <span class=\"nt\">--version</span>\n\n Options:\n <span class=\"nt\">-h</span> <span class=\"nt\">--help</span> Show this screen.\n <span class=\"nt\">--version</span> Output version and exit.\n <span class=\"nt\">--port</span><span class=\"o\">=</span><port> Port on which to listen <span class=\"k\">for </span>connections.\n <span class=\"o\">[</span>Default: 8080]\n <span class=\"nt\">--ca-file</span><span class=\"o\">=</span><path> Root certificate <span class=\"k\">for </span>verifying connections\n <span class=\"o\">[</span>Default: <span class=\"o\">]</span>\n <span class=\"nt\">--cert-file</span><span class=\"o\">=</span><path> Certificate used <span class=\"k\">for </span>authenticating connections\n <span class=\"o\">[</span>Default: <span class=\"o\">]</span>\n <span class=\"nt\">--key-file</span><span class=\"o\">=</span><path> Private key matching <span class=\"nt\">--cert-file</span>\n <span class=\"o\">[</span>Default: <span class=\"o\">]</span>\n <span class=\"nt\">--verify-node-name</span> Verify worker node name against CN from the TLS\n certificate. Only has effect when TLS authentication\n has been enabled.\n <span class=\"nt\">--no-publish</span> Do not publish feature labels\n <span class=\"nt\">--label-whitelist</span><span class=\"o\">=</span><pattern> Regular expression to filter label names to\n publish to the Kubernetes API server.\n NB: the label namespace is omitted i.e. the filter\n is only applied to the name part after <span class=\"s1\">'/'</span><span class=\"nb\">.</span>\n <span class=\"o\">[</span>Default: <span class=\"o\">]</span>\n <span class=\"nt\">--extra-label-ns</span><span class=\"o\">=</span><list> Comma separated list of allowed extra label namespaces\n <span class=\"o\">[</span>Default: <span class=\"o\">]</span>\n <span class=\"nt\">--resource-labels</span><span class=\"o\">=</span><list> Comma separated list of labels to be exposed as extended resources.\n <span class=\"o\">[</span>Default: <span class=\"o\">]</span>\n</code></pre> </div></div>\n\n<h3 id=\"nfd-worker\">NFD-Worker</h3>\n\n<p>In order to run nfd-worker as a “stand-alone” container against your\nstandalone nfd-master you need to run them in the same network namespace:</p>\n\n<div class=\"language-bash highlighter-rouge\"><div class=\"highlight\"><pre class=\"highlight\"><code><span class=\"nv\">$ </span>docker run <span class=\"nt\">--rm</span> <span class=\"nt\">--network</span><span class=\"o\">=</span>container:nfd-test <NFD_CONTAINER_IMAGE> nfd-worker\n2019/02/01 14:48:56 Node Feature Discovery Worker <NFD_VERSION>\n...\n</code></pre> </div></div>\n\n<p>If you just want to try out feature discovery without connecting to nfd-master,\npass the <code class=\"language-plaintext highlighter-rouge\">--no-publish</code> flag to nfd-worker.</p>\n\n<p>Command line flags of nfd-worker:</p>\n\n<div class=\"language-bash highlighter-rouge\"><div class=\"highlight\"><pre class=\"highlight\"><code><span class=\"nv\">$ </span>docker run <span class=\"nt\">--rm</span> <span class=\"k\">${</span><span class=\"nv\">NFD_CONTAINER_IMAGE</span><span class=\"k\">}</span> nfd-worker <span class=\"nt\">--help</span>\n...\nnfd-worker.\n\n Usage:\n nfd-worker <span class=\"o\">[</span><span class=\"nt\">--no-publish</span><span class=\"o\">]</span> <span class=\"o\">[</span><span class=\"nt\">--sources</span><span class=\"o\">=</span><sources>] <span class=\"o\">[</span><span class=\"nt\">--label-whitelist</span><span class=\"o\">=</span><pattern>]\n <span class=\"o\">[</span><span class=\"nt\">--oneshot</span> | <span class=\"nt\">--sleep-interval</span><span class=\"o\">=</span><seconds>] <span class=\"o\">[</span><span class=\"nt\">--config</span><span class=\"o\">=</span><path>]\n <span class=\"o\">[</span><span class=\"nt\">--options</span><span class=\"o\">=</span><config>] <span class=\"o\">[</span><span class=\"nt\">--server</span><span class=\"o\">=</span><server>] <span class=\"o\">[</span><span class=\"nt\">--server-name-override</span><span class=\"o\">=</span><name>]\n <span class=\"o\">[</span><span class=\"nt\">--ca-file</span><span class=\"o\">=</span><path>] <span class=\"o\">[</span><span class=\"nt\">--cert-file</span><span class=\"o\">=</span><path>] <span class=\"o\">[</span><span class=\"nt\">--key-file</span><span class=\"o\">=</span><path>]\n nfd-worker <span class=\"nt\">-h</span> | <span class=\"nt\">--help</span>\n nfd-worker <span class=\"nt\">--version</span>\n\n Options:\n <span class=\"nt\">-h</span> <span class=\"nt\">--help</span> Show this screen.\n <span class=\"nt\">--version</span> Output version and exit.\n <span class=\"nt\">--config</span><span class=\"o\">=</span><path> Config file to use.\n <span class=\"o\">[</span>Default: /etc/kubernetes/node-feature-discovery/nfd-worker.conf]\n <span class=\"nt\">--options</span><span class=\"o\">=</span><config> Specify config options from <span class=\"nb\">command </span>line. Config\n options are specified <span class=\"k\">in </span>the same format as <span class=\"k\">in </span>the\n config file <span class=\"o\">(</span>i.e. json or yaml<span class=\"o\">)</span><span class=\"nb\">.</span> These options\n will override settings <span class=\"nb\">read </span>from the config file.\n <span class=\"o\">[</span>Default: <span class=\"o\">]</span>\n <span class=\"nt\">--ca-file</span><span class=\"o\">=</span><path> Root certificate <span class=\"k\">for </span>verifying connections\n <span class=\"o\">[</span>Default: <span class=\"o\">]</span>\n <span class=\"nt\">--cert-file</span><span class=\"o\">=</span><path> Certificate used <span class=\"k\">for </span>authenticating connections\n <span class=\"o\">[</span>Default: <span class=\"o\">]</span>\n <span class=\"nt\">--key-file</span><span class=\"o\">=</span><path> Private key matching <span class=\"nt\">--cert-file</span>\n <span class=\"o\">[</span>Default: <span class=\"o\">]</span>\n <span class=\"nt\">--server</span><span class=\"o\">=</span><server> NFD server address to connecto to.\n <span class=\"o\">[</span>Default: localhost:8080]\n <span class=\"nt\">--server-name-override</span><span class=\"o\">=</span><name> Name <span class=\"o\">(</span>CN<span class=\"o\">)</span> expect from server certificate, useful\n <span class=\"k\">in </span>testing\n <span class=\"o\">[</span>Default: <span class=\"o\">]</span>\n <span class=\"nt\">--sources</span><span class=\"o\">=</span><sources> Comma separated list of feature sources.\n <span class=\"o\">[</span>Default: cpu,custom,iommu,kernel,local,memory,network,pci,storage,system,usb]\n <span class=\"nt\">--no-publish</span> Do not publish discovered features to the\n cluster-local Kubernetes API server.\n <span class=\"nt\">--label-whitelist</span><span class=\"o\">=</span><pattern> Regular expression to filter label names to\n publish to the Kubernetes API server.\n NB: the label namespace is omitted i.e. the filter\n is only applied to the name part after <span class=\"s1\">'/'</span><span class=\"nb\">.</span>\n <span class=\"o\">[</span>Default: <span class=\"o\">]</span>\n <span class=\"nt\">--oneshot</span> Label once and exit.\n <span class=\"nt\">--sleep-interval</span><span class=\"o\">=</span><seconds> Time to <span class=\"nb\">sleep </span>between re-labeling. Non-positive\n value implies no re-labeling <span class=\"o\">(</span>i.e. infinite\n <span class=\"nb\">sleep</span><span class=\"o\">)</span><span class=\"nb\">.</span> <span class=\"o\">[</span>Default: 60s]\n</code></pre> </div></div>\n\n<p><strong>NOTE</strong> Some feature sources need certain directories and/or files from the\nhost mounted inside the NFD container. Thus, you need to provide Docker with the\ncorrect <code class=\"language-plaintext highlighter-rouge\">--volume</code> options in order for them to work correctly when run\nstand-alone directly with <code class=\"language-plaintext highlighter-rouge\">docker run</code>. See the\n<a href=\"https://github.com/kubernetes-sigs/node-feature-discovery/blob/release-0.6/nfd-worker-daemonset.yaml.template\">template spec</a>\nfor up-to-date information about the required volume mounts.</p>\n\n<h2 id=\"documentation\">Documentation</h2>\n\n<p>All documentation resides under the\n<a href=\"https://github.com/kubernetes-sigs/node-feature-discovery/tree/release-0.6/docs\">docs</a>\ndirectory in the source tree. It is designed to be served as a html site by\n<a href=\"https://pages.github.com/\">GitHub Pages</a>.</p>\n\n<p>Building the documentation is containerized in order to fix the build\nenvironment. The recommended way for developing documentation is to run:</p>\n\n<div class=\"language-bash highlighter-rouge\"><div class=\"highlight\"><pre class=\"highlight\"><code>make site-serve\n</code></pre> </div></div>\n\n<p>This will build the documentation in a container and serve it under\n<a href=\"http://localhost:4000/\">localhost:4000/</a> making it easy to verify the results.\nAny changes made to the <code class=\"language-plaintext highlighter-rouge\">docs/</code> will automatically re-trigger a rebuild and are\nreflected in the served content and can be inspected with a simple browser\nrefresh.</p>\n\n<p>In order to just build the html documentation run:</p>\n\n<div class=\"language-bash highlighter-rouge\"><div class=\"highlight\"><pre class=\"highlight\"><code>make site-build\n</code></pre> </div></div>\n\n<p>This will generate html documentation under <code class=\"language-plaintext highlighter-rouge\">docs/_site/</code>.</p>\n\n<!-- Links -->\n","dir":"/advanced/","name":"index.md","path":"advanced/index.md","url":"/advanced/"},{"title":"Quick Start","layout":"default","sort":2,"content":"<h1 id=\"quick-start\">Quick Start</h1>\n\n<p>Minimal steps to deploy latest released version of NFD in your cluster.</p>\n\n<h2 id=\"installation\">Installation</h2>\n\n<p>Deploy nfd-master – creates a new namespace, service and required RBAC rules</p>\n\n<div class=\"language-bash highlighter-rouge\"><div class=\"highlight\"><pre class=\"highlight\"><code>kubectl apply <span class=\"nt\">-f</span> https://raw.githubusercontent.com/kubernetes-sigs/node-feature-discovery/release-0.6/nfd-master.yaml.template\n</code></pre> </div></div>\n\n<p>Deploy nfd-worker as a daemonset</p>\n\n<div class=\"language-bash highlighter-rouge\"><div class=\"highlight\"><pre class=\"highlight\"><code>kubectl apply <span class=\"nt\">-f</span> https://raw.githubusercontent.com/kubernetes-sigs/node-feature-discovery/release-0.6/nfd-worker-daemonset.yaml.template\n</code></pre> </div></div>\n\n<h2 id=\"verify\">Verify</h2>\n\n<p>Wait until NFD master and worker are running.</p>\n\n<div class=\"language-bash highlighter-rouge\"><div class=\"highlight\"><pre class=\"highlight\"><code><span class=\"nv\">$ </span>kubectl <span class=\"nt\">-n</span> node-feature-discovery get ds,deploy\nNAME DESIRED CURRENT READY UP-TO-DATE AVAILABLE NODE SELECTOR AGE\ndaemonset.apps/nfd-worker 3 3 3 3 3 <none> 5s\nNAME READY UP-TO-DATE AVAILABLE AGE\ndeployment.apps/nfd-master 1/1 1 1 17s\n</code></pre> </div></div>\n\n<p>Check that NFD feature labels have been created</p>\n\n<div class=\"language-bash highlighter-rouge\"><div class=\"highlight\"><pre class=\"highlight\"><code><span class=\"nv\">$ </span>kubectl get no <span class=\"nt\">-o</span> json | jq .items[].metadata.labels\n<span class=\"o\">{</span>\n <span class=\"s2\">\"beta.kubernetes.io/arch\"</span>: <span class=\"s2\">\"amd64\"</span>,\n <span class=\"s2\">\"beta.kubernetes.io/os\"</span>: <span class=\"s2\">\"linux\"</span>,\n <span class=\"s2\">\"feature.node.kubernetes.io/cpu-cpuid.ADX\"</span>: <span class=\"s2\">\"true\"</span>,\n <span class=\"s2\">\"feature.node.kubernetes.io/cpu-cpuid.AESNI\"</span>: <span class=\"s2\">\"true\"</span>,\n <span class=\"s2\">\"feature.node.kubernetes.io/cpu-cpuid.AVX\"</span>: <span class=\"s2\">\"true\"</span>,\n...\n</code></pre> </div></div>\n\n<h2 id=\"use-node-labels\">Use Node Labels</h2>\n\n<p>Create a pod targeting a distinguishing feature (select a valid feature from\nthe list printed on the previous step)</p>\n\n<div class=\"language-bash highlighter-rouge\"><div class=\"highlight\"><pre class=\"highlight\"><code><span class=\"nv\">$ </span><span class=\"nb\">cat</span> <span class=\"o\"><<</span> <span class=\"no\">EOF</span><span class=\"sh\"> | kubectl apply -f -\napiVersion: v1\nkind: Pod\nmetadata:\n name: feature-dependent-pod\nspec:\n containers:\n - image: k8s.gcr.io/pause\n name: pause\n nodeSelector:\n # Select a valid feature\n feature.node.kubernetes.io/cpu-cpuid.AESNI: 'true'\n</span><span class=\"no\">EOF\n</span>pod/feature-dependent-pod created\n</code></pre> </div></div>\n\n<p>See that the pod is running on a desired node</p>\n\n<div class=\"language-bash highlighter-rouge\"><div class=\"highlight\"><pre class=\"highlight\"><code><span class=\"nv\">$ </span>kubectl get po feature-dependent-pod <span class=\"nt\">-o</span> wide\nNAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES\nfeature-dependent-pod 1/1 Running 0 23s 10.36.0.4 node-2 <none> <none>\n</code></pre> </div></div>\n","dir":"/get-started/","name":"quick-start.md","path":"get-started/quick-start.md","url":"/get-started/quick-start.html"},{"title":"Deployment and Usage","layout":"default","sort":3,"content":"<h1 class=\"no_toc\" id=\"deployment-and-usage\">Deployment and Usage</h1>\n\n<h2 class=\"no_toc text-delta\" id=\"table-of-contents\">Table of Contents</h2>\n\n<ol id=\"markdown-toc\">\n <li><a href=\"#system-requirements\" id=\"markdown-toc-system-requirements\">System requirements</a></li>\n <li><a href=\"#usage\" id=\"markdown-toc-usage\">Usage</a> <ol>\n <li><a href=\"#nfd-master\" id=\"markdown-toc-nfd-master\">NFD-Master</a></li>\n <li><a href=\"#nfd-worker\" id=\"markdown-toc-nfd-worker\">NFD-Worker</a></li>\n <li><a href=\"#nfd-master-and-nfd-worker-in-the-same-pod\" id=\"markdown-toc-nfd-master-and-nfd-worker-in-the-same-pod\">NFD-Master and NFD-Worker in the same Pod</a></li>\n <li><a href=\"#tls-authentication\" id=\"markdown-toc-tls-authentication\">TLS authentication</a></li>\n </ol>\n </li>\n <li><a href=\"#deployment-options\" id=\"markdown-toc-deployment-options\">Deployment options</a> <ol>\n <li><a href=\"#deployment-templates\" id=\"markdown-toc-deployment-templates\">Deployment Templates</a></li>\n <li><a href=\"#build-your-own\" id=\"markdown-toc-build-your-own\">Build Your Own</a></li>\n </ol>\n </li>\n <li><a href=\"#configuration\" id=\"markdown-toc-configuration\">Configuration</a></li>\n <li><a href=\"#using-node-labels\" id=\"markdown-toc-using-node-labels\">Using Node Labels</a></li>\n</ol>\n\n<hr />\n\n<h3 id=\"system-requirements\">System requirements</h3>\n\n<ol>\n <li>Linux (x86_64/Arm64/Arm)</li>\n <li><a href=\"https://kubernetes.io/docs/tasks/tools/install-kubectl\">kubectl</a>\n(properly set up and configured to work with your Kubernetes cluster)</li>\n <li><a href=\"https://docs.docker.com/install\">Docker</a> (only required to build and push docker images)</li>\n</ol>\n\n<h2 id=\"usage\">Usage</h2>\n\n<h3 id=\"nfd-master\">NFD-Master</h3>\n\n<p>NFD-Master runs as a deployment (with a replica count of 1), by default\nit prefers running on the cluster’s master nodes but will run on worker\nnodes if no master nodes are found.</p>\n\n<p>For High Availability, you should simply increase the replica count of\nthe deployment object. You should also look into adding\n<a href=\"https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity\">inter-pod</a>\naffinity to prevent masters from running on the same node.\nHowever note that inter-pod affinity is costly and is not recommended\nin bigger clusters.</p>\n\n<p>You can use the template spec provided to deploy nfd-master, or\nuse <code class=\"language-plaintext highlighter-rouge\">nfd-master.yaml</code> generated by <code class=\"language-plaintext highlighter-rouge\">Makefile</code>. The latter includes\n<code class=\"language-plaintext highlighter-rouge\">image:</code> and <code class=\"language-plaintext highlighter-rouge\">namespace:</code> definitions that match the latest built\nimage. Example:</p>\n\n<div class=\"language-bash highlighter-rouge\"><div class=\"highlight\"><pre class=\"highlight\"><code>make <span class=\"nv\">IMAGE_TAG</span><span class=\"o\">=</span><IMAGE_TAG>\ndocker push <IMAGE_TAG>\nkubectl create <span class=\"nt\">-f</span> nfd-master.yaml\n</code></pre> </div></div>\n\n<p>NFD-Master listens for connections from nfd-worker(s) and connects to the\nKubernetes API server to add node labels advertised by them.</p>\n\n<p>If you have RBAC authorization enabled (as is the default e.g. with clusters\ninitialized with kubeadm) you need to configure the appropriate ClusterRoles,\nClusterRoleBindings and a ServiceAccount in order for NFD to create node\nlabels. The provided template will configure these for you.</p>\n\n<h3 id=\"nfd-worker\">NFD-Worker</h3>\n\n<p>NFD-Worker is preferably run as a Kubernetes DaemonSet. There is an\nexample spec (<code class=\"language-plaintext highlighter-rouge\">nfd-worker-daemonset.yaml.template</code>) that can be used\nas a template, or, as is when just trying out the service. Similarly\nto nfd-master above, the <code class=\"language-plaintext highlighter-rouge\">Makefile</code> also generates\n<code class=\"language-plaintext highlighter-rouge\">nfd-worker-daemonset.yaml</code> from the template that you can use to\ndeploy the latest image. Example:</p>\n\n<div class=\"language-bash highlighter-rouge\"><div class=\"highlight\"><pre class=\"highlight\"><code>make <span class=\"nv\">IMAGE_TAG</span><span class=\"o\">=</span><IMAGE_TAG>\ndocker push <IMAGE_TAG>\nkubectl create <span class=\"nt\">-f</span> nfd-worker-daemonset.yaml\n</code></pre> </div></div>\n\n<p>NFD-Worker connects to the nfd-master service to advertise hardware features.</p>\n\n<p>When run as a daemonset, nodes are re-labeled at an interval specified using\nthe <code class=\"language-plaintext highlighter-rouge\">--sleep-interval</code> option. In the\n<a href=\"https://github.com/kubernetes-sigs/node-feature-discovery/blob/release-0.6/nfd-worker-daemonset.yaml.template#L26\">template</a>\nthe default interval is set to 60s which is also the default when no\n<code class=\"language-plaintext highlighter-rouge\">--sleep-interval</code> is specified. Also, the configuration file is re-read on\neach iteration providing a simple mechanism of run-time reconfiguration.</p>\n\n<p>Feature discovery can alternatively be configured as a one-shot job. There is\nan example script in this repo that demonstrates how to deploy the job in the\ncluster.</p>\n\n<div class=\"language-bash highlighter-rouge\"><div class=\"highlight\"><pre class=\"highlight\"><code>./label-nodes.sh <span class=\"o\">[</span><IMAGE_TAG>]\n</code></pre> </div></div>\n\n<p>The label-nodes.sh script tries to launch as many jobs as there are Ready\nnodes. Note that this approach does not guarantee running once on every node.\nFor example, if some node is tainted NoSchedule or fails to start a job for\nsome other reason, then some other node will run extra job instance(s) to\nsatisfy the request and the tainted/failed node does not get labeled.</p>\n\n<h3 id=\"nfd-master-and-nfd-worker-in-the-same-pod\">NFD-Master and NFD-Worker in the same Pod</h3>\n\n<p>You can also run nfd-master and nfd-worker inside a single pod (skip the <code class=\"language-plaintext highlighter-rouge\">sed</code>\npart if running the latest released version):</p>\n\n<div class=\"language-bash highlighter-rouge\"><div class=\"highlight\"><pre class=\"highlight\"><code><span class=\"nb\">sed</span> <span class=\"nt\">-E</span> s<span class=\"s1\">',^(\\s*)image:.+$,\\1image: <YOUR_IMAGE_REPO>:<YOUR_IMAGE_TAG>,'</span> nfd-daemonset-combined.yaml.template <span class=\"o\">></span> nfd-daemonset-combined.yaml\nkubectl apply <span class=\"nt\">-f</span> nfd-daemonset-combined.yaml\n</code></pre> </div></div>\n\n<p>Similar to the nfd-worker setup above, this creates a DaemonSet that schedules\nan NFD Pod an all worker nodes, with the difference that the Pod also also\ncontains an nfd-master instance. In this case no nfd-master service is run on\nthe master node(s), but, the worker nodes are able to label themselves.</p>\n\n<p>This may be desirable e.g. in single-node setups.</p>\n\n<h3 id=\"tls-authentication\">TLS authentication</h3>\n\n<p>NFD supports mutual TLS authentication between the nfd-master and nfd-worker\ninstances. That is, nfd-worker and nfd-master both verify that the other end\npresents a valid certificate.</p>\n\n<p>TLS authentication is enabled by specifying <code class=\"language-plaintext highlighter-rouge\">--ca-file</code>, <code class=\"language-plaintext highlighter-rouge\">--key-file</code> and\n<code class=\"language-plaintext highlighter-rouge\">--cert-file</code> args, on both the nfd-master and nfd-worker instances.\nThe template specs provided with NFD contain (commented out) example\nconfiguration for enabling TLS authentication.</p>\n\n<p>The Common Name (CN) of the nfd-master certificate must match the DNS name of\nthe nfd-master Service of the cluster. By default, nfd-master only check that\nthe nfd-worker has been signed by the specified root certificate (–ca-file).\nAdditional hardening can be enabled by specifying –verify-node-name in\nnfd-master args, in which case nfd-master verifies that the NodeName presented\nby nfd-worker matches the Common Name (CN) of its certificate. This means that\neach nfd-worker requires a individual node-specific TLS certificate.</p>\n\n<h2 id=\"deployment-options\">Deployment options</h2>\n\n<h3 id=\"deployment-templates\">Deployment Templates</h3>\n\n<p>For a stable version with ready-built images see the\n<a href=\"https://github.com/kubernetes-sigs/node-feature-discovery/releases/latest\">latest release</a>.</p>\n\n<h3 id=\"build-your-own\">Build Your Own</h3>\n\n<p>If you want to use the latest development version (master branch) you need to\nbuild your own custom image.\nSee the <a href=\"advanced-developer-guide.md\">Developer Guide</a> for instructions how to\nbuild images and deploy them on your cluster.</p>\n\n<h2 id=\"configuration\">Configuration</h2>\n\n<p>NFD-Worker supports a configuration file. The default location is\n<code class=\"language-plaintext highlighter-rouge\">/etc/kubernetes/node-feature-discovery/nfd-worker.conf</code>, but,\nthis can be changed by specifying the<code class=\"language-plaintext highlighter-rouge\">--config</code> command line flag.\nConfiguration file is re-read on each labeling pass (determined by\n<code class=\"language-plaintext highlighter-rouge\">--sleep-interval</code>) which makes run-time re-configuration of nfd-worker\npossible.</p>\n\n<p>Worker configuration file is read inside the container, and thus, Volumes and\nVolumeMounts are needed to make your configuration available for NFD. The\npreferred method is to use a ConfigMap which provides easy deployment and\nre-configurability. For example, create a config map using the example config\nas a template:</p>\n<div class=\"language-plaintext highlighter-rouge\"><div class=\"highlight\"><pre class=\"highlight\"><code>cp nfd-worker.conf.example nfd-worker.conf\nvim nfd-worker.conf # edit the configuration\nkubectl create configmap nfd-worker-config --from-file=nfd-worker.conf\n</code></pre> </div></div>\n<p>Then, configure Volumes and VolumeMounts in the Pod spec (just the relevant\nsnippets shown below):</p>\n\n<div class=\"language-yaml highlighter-rouge\"><div class=\"highlight\"><pre class=\"highlight\"><code><span class=\"nn\">...</span>\n <span class=\"na\">containers</span><span class=\"pi\">:</span>\n <span class=\"na\">volumeMounts</span><span class=\"pi\">:</span>\n <span class=\"pi\">-</span> <span class=\"na\">name</span><span class=\"pi\">:</span> <span class=\"s\">nfd-worker-config</span>\n <span class=\"na\">mountPath</span><span class=\"pi\">:</span> <span class=\"s2\">\"</span><span class=\"s\">/etc/kubernetes/node-feature-discovery/\"</span>\n<span class=\"nn\">...</span>\n <span class=\"na\">volumes</span><span class=\"pi\">:</span>\n <span class=\"pi\">-</span> <span class=\"na\">name</span><span class=\"pi\">:</span> <span class=\"s\">nfd-worker-config</span>\n <span class=\"na\">configMap</span><span class=\"pi\">:</span>\n <span class=\"na\">name</span><span class=\"pi\">:</span> <span class=\"s\">nfd-worker-config</span>\n<span class=\"nn\">...</span>\n</code></pre> </div></div>\n\n<p>You could also use other types of volumes, of course. That is, hostPath if\ndifferent config for different nodes would be required, for example.</p>\n\n<p>The (empty-by-default)\n<a href=\"https://github.com/kubernetes-sigs/node-feature-discovery/blob/release-0.6/nfd-worker.conf.example\">example config</a>\nis used as a config in the NFD Docker image. Thus, this can be used as a default\nconfiguration in custom-built images.</p>\n\n<p>Configuration options can also be specified via the <code class=\"language-plaintext highlighter-rouge\">--options</code> command line\nflag, in which case no mounts need to be used. The same format as in the config\nfile must be used, i.e. JSON (or YAML). For example:</p>\n\n<div class=\"language-plaintext highlighter-rouge\"><div class=\"highlight\"><pre class=\"highlight\"><code>--options='{\"sources\": { \"pci\": { \"deviceClassWhitelist\": [\"12\"] } } }'\n</code></pre> </div></div>\n\n<p>Configuration options specified from the command line will override those read\nfrom the config file.</p>\n\n<h2 id=\"using-node-labels\">Using Node Labels</h2>\n\n<p>Nodes with specific features can be targeted using the <code class=\"language-plaintext highlighter-rouge\">nodeSelector</code> field. The\nfollowing example shows how to target nodes with Intel TurboBoost enabled.</p>\n\n<div class=\"language-yaml highlighter-rouge\"><div class=\"highlight\"><pre class=\"highlight\"><code><span class=\"na\">apiVersion</span><span class=\"pi\">:</span> <span class=\"s\">v1</span>\n<span class=\"na\">kind</span><span class=\"pi\">:</span> <span class=\"s\">Pod</span>\n<span class=\"na\">metadata</span><span class=\"pi\">:</span>\n <span class=\"na\">labels</span><span class=\"pi\">:</span>\n <span class=\"na\">env</span><span class=\"pi\">:</span> <span class=\"s\">test</span>\n <span class=\"na\">name</span><span class=\"pi\">:</span> <span class=\"s\">golang-test</span>\n<span class=\"na\">spec</span><span class=\"pi\">:</span>\n <span class=\"na\">containers</span><span class=\"pi\">:</span>\n <span class=\"pi\">-</span> <span class=\"na\">image</span><span class=\"pi\">:</span> <span class=\"s\">golang</span>\n <span class=\"na\">name</span><span class=\"pi\">:</span> <span class=\"s\">go1</span>\n <span class=\"na\">nodeSelector</span><span class=\"pi\">:</span>\n <span class=\"s\">feature.node.kubernetes.io/cpu-pstate.turbo</span><span class=\"pi\">:</span> <span class=\"s1\">'</span><span class=\"s\">true'</span>\n</code></pre> </div></div>\n\n<p>For more details on targeting nodes, see\n<a href=\"https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/\">node selection</a>.</p>\n\n<!-- Links -->\n","dir":"/get-started/","name":"deployment-and-usage.md","path":"get-started/deployment-and-usage.md","url":"/get-started/deployment-and-usage.html"},{"title":"Contributing","layout":"default","sort":3,"content":"<h1 id=\"contributing\">Contributing</h1>\n\n<hr />\n\n<h2 id=\"community\">Community</h2>\n\n<p>You can reach us via the following channels:</p>\n\n<ul>\n <li><a href=\"https://kubernetes.slack.com/messages/node-feature-discovery\">#node-feature-discovery</a> channel in\n<a href=\"slack.k8s.io\">Kubernetes Slack</a></li>\n <li><a href=\"https://groups.google.com/g/kubernetes-sig-node\">SIG-Node</a> mailing list</li>\n <li>File an <a href=\"https://github.com/kubernetes-sigs/node-feature-discovery/issues/new\">issue</a> in this repository</li>\n</ul>\n\n<h2 id=\"governance\">Governance</h2>\n\n<p>This is a <a href=\"https://github.com/kubernetes/community/blob/master/sig-node/README.md\">SIG-node</a>\nsubproject, hosted under the\n<a href=\"https://github.com/kubernetes-sigs\">Kubernetes SIGs</a> organization in Github.\nThe project was established in 2016 and was migrated to Kubernetes SIGs in 2018.</p>\n\n<h2 id=\"license\">License</h2>\n\n<p>This is open source software released under the <a href=\"LICENSE\">Apache 2.0 License</a>.</p>\n","dir":"/contributing/","name":"index.md","path":"contributing/index.md","url":"/contributing/"},{"title":"Feature Discovery","layout":"default","sort":4,"content":"<h1 class=\"no_toc\" id=\"feature-discovery\">Feature Discovery</h1>\n\n<h2 class=\"no_toc text-delta\" id=\"table-of-contents\">Table of Contents</h2>\n\n<ol id=\"markdown-toc\">\n <li><a href=\"#feature-labels\" id=\"markdown-toc-feature-labels\">Feature labels</a> <ol>\n <li><a href=\"#cpu-features\" id=\"markdown-toc-cpu-features\">CPU Features</a></li>\n <li><a href=\"#custom-features\" id=\"markdown-toc-custom-features\">Custom Features</a></li>\n <li><a href=\"#iommu-features\" id=\"markdown-toc-iommu-features\">IOMMU Features</a></li>\n <li><a href=\"#kernel-features\" id=\"markdown-toc-kernel-features\">Kernel Features</a></li>\n <li><a href=\"#memory-features\" id=\"markdown-toc-memory-features\">Memory Features</a></li>\n <li><a href=\"#network-features\" id=\"markdown-toc-network-features\">Network Features</a></li>\n <li><a href=\"#pci-features\" id=\"markdown-toc-pci-features\">PCI Features</a></li>\n <li><a href=\"#usb-features\" id=\"markdown-toc-usb-features\">USB Features</a></li>\n <li><a href=\"#storage-features\" id=\"markdown-toc-storage-features\">Storage Features</a></li>\n <li><a href=\"#system-features\" id=\"markdown-toc-system-features\">System Features</a></li>\n <li><a href=\"#feature-detector-hooks-user-specific-features\" id=\"markdown-toc-feature-detector-hooks-user-specific-features\">Feature Detector Hooks (User-specific Features)</a></li>\n </ol>\n </li>\n <li><a href=\"#extended-resources-experimental\" id=\"markdown-toc-extended-resources-experimental\">Extended resources (experimental)</a></li>\n</ol>\n\n<hr />\n\n<p>Feature discovery in nfd-worker is performed by a set of separate modules\ncalled feature sources. Most of them are specifically responsible for certain\ndomain of features (e.g. cpu). In addition there are two highly customizable\nfeature sources that work accross the system.</p>\n\n<h2 id=\"feature-labels\">Feature labels</h2>\n\n<p>The published node labels encode a few pieces of information:</p>\n\n<ul>\n <li>Namespace, i.e. <code class=\"language-plaintext highlighter-rouge\">feature.node.kubernetes.io</code></li>\n <li>The source for each label (e.g. <code class=\"language-plaintext highlighter-rouge\">cpu</code>).</li>\n <li>The name of the discovered feature as it appears in the underlying\nsource, (e.g. <code class=\"language-plaintext highlighter-rouge\">cpuid.AESNI</code> from cpu).</li>\n <li>The value of the discovered feature.</li>\n</ul>\n\n<p>Feature label names adhere to the following pattern:</p>\n\n<div class=\"language-plaintext highlighter-rouge\"><div class=\"highlight\"><pre class=\"highlight\"><code><namespace>/<source name>-<feature name>[.<attribute name>]\n</code></pre> </div></div>\n\n<p>The last component (i.e. <code class=\"language-plaintext highlighter-rouge\">attribute-name</code>) is optional, and only used if a\nfeature logically has sub-hierarchy, e.g. <code class=\"language-plaintext highlighter-rouge\">sriov.capable</code> and\n<code class=\"language-plaintext highlighter-rouge\">sriov.configure</code> from the <code class=\"language-plaintext highlighter-rouge\">network</code> source.</p>\n\n<p>The <code class=\"language-plaintext highlighter-rouge\">--sources</code> flag controls which sources to use for discovery.</p>\n\n<p><em>Note: Consecutive runs of nfd-worker will update the labels on a\ngiven node. If features are not discovered on a consecutive run, the corresponding\nlabel will be removed. This includes any restrictions placed on the consecutive run,\nsuch as restricting discovered features with the –label-whitelist option.</em></p>\n\n<h3 id=\"cpu-features\">CPU Features</h3>\n\n<table>\n <thead>\n <tr>\n <th>Feature name</th>\n <th>Attribute</th>\n <th>Description</th>\n </tr>\n </thead>\n <tbody>\n <tr>\n <td>cpuid</td>\n <td><cpuid flag></td>\n <td>CPU capability is supported</td>\n </tr>\n <tr>\n <td>hardware_multithreading</td>\n <td> </td>\n <td>Hardware multithreading, such as Intel HTT, enabled (number of logical CPUs is greater than physical CPUs)</td>\n </tr>\n <tr>\n <td>power</td>\n <td>sst_bf.enabled</td>\n <td>Intel SST-BF (<a href=\"https://www.intel.com/content/www/us/en/architecture-and-technology/speed-select-technology-article.html\">Intel Speed Select Technology</a> - Base frequency) enabled</td>\n </tr>\n <tr>\n <td><a href=\"https://www.kernel.org/doc/Documentation/cpu-freq/intel-pstate.txt\">pstate</a></td>\n <td>turbo</td>\n <td>Set to ‘true’ if turbo frequencies are enabled in Intel pstate driver, set to ‘false’ if they have been disabled.</td>\n </tr>\n <tr>\n <td><a href=\"http://www.intel.com/content/www/us/en/architecture-and-technology/resource-director-technology.html\">rdt</a></td>\n <td>RDTMON</td>\n <td>Intel RDT Monitoring Technology</td>\n </tr>\n <tr>\n <td> </td>\n <td>RDTCMT</td>\n <td>Intel Cache Monitoring (CMT)</td>\n </tr>\n <tr>\n <td> </td>\n <td>RDTMBM</td>\n <td>Intel Memory Bandwidth Monitoring (MBM)</td>\n </tr>\n <tr>\n <td> </td>\n <td>RDTL3CA</td>\n <td>Intel L3 Cache Allocation Technology</td>\n </tr>\n <tr>\n <td> </td>\n <td>RDTL2CA</td>\n <td>Intel L2 Cache Allocation Technology</td>\n </tr>\n <tr>\n <td> </td>\n <td>RDTMBA</td>\n <td>Intel Memory Bandwidth Allocation (MBA) Technology</td>\n </tr>\n </tbody>\n</table>\n\n<p>The (sub-)set of CPUID attributes to publish is configurable via the\n<code class=\"language-plaintext highlighter-rouge\">attributeBlacklist</code> and <code class=\"language-plaintext highlighter-rouge\">attributeWhitelist</code> cpuid options of the cpu source.\nIf whitelist is specified, only whitelisted attributes will be published. With\nblacklist, only blacklisted attributes are filtered out. <code class=\"language-plaintext highlighter-rouge\">attributeWhitelist</code>\nhas priority over <code class=\"language-plaintext highlighter-rouge\">attributeBlacklist</code>. For examples and more information\nabout configurability, see <a href=\"deployment-and-usage#configuration\">configuration</a>.\nBy default, the following CPUID flags have been blacklisted:\nBMI1, BMI2, CLMUL, CMOV, CX16, ERMS, F16C, HTT, LZCNT, MMX, MMXEXT, NX, POPCNT,\nRDRAND, RDSEED, RDTSCP, SGX, SSE, SSE2, SSE3, SSE4.1, SSE4.2 and SSSE3.</p>\n\n<p><strong>NOTE</strong> The cpuid features advertise <em>supported</em> CPU capabilities, that is, a\ncapability might be supported but not enabled.</p>\n\n<h4 id=\"x86-cpuid-attributes-partial-list\">X86 CPUID Attributes (Partial List)</h4>\n\n<table>\n <thead>\n <tr>\n <th>Attribute</th>\n <th>Description</th>\n </tr>\n </thead>\n <tbody>\n <tr>\n <td>ADX</td>\n <td>Multi-Precision Add-Carry Instruction Extensions (ADX)</td>\n </tr>\n <tr>\n <td>AESNI</td>\n <td>Advanced Encryption Standard (AES) New Instructions (AES-NI)</td>\n </tr>\n <tr>\n <td>AVX</td>\n <td>Advanced Vector Extensions (AVX)</td>\n </tr>\n <tr>\n <td>AVX2</td>\n <td>Advanced Vector Extensions 2 (AVX2)</td>\n </tr>\n </tbody>\n</table>\n\n<h4 id=\"arm-cpuid-attribute-partial-list\">Arm CPUID Attribute (Partial List)</h4>\n\n<table>\n <thead>\n <tr>\n <th>Attribute</th>\n <th>Description</th>\n </tr>\n </thead>\n <tbody>\n <tr>\n <td>IDIVA</td>\n <td>Integer divide instructions available in ARM mode</td>\n </tr>\n <tr>\n <td>IDIVT</td>\n <td>Integer divide instructions available in Thumb mode</td>\n </tr>\n <tr>\n <td>THUMB</td>\n <td>Thumb instructions</td>\n </tr>\n <tr>\n <td>FASTMUL</td>\n <td>Fast multiplication</td>\n </tr>\n <tr>\n <td>VFP</td>\n <td>Vector floating point instruction extension (VFP)</td>\n </tr>\n <tr>\n <td>VFPv3</td>\n <td>Vector floating point extension v3</td>\n </tr>\n <tr>\n <td>VFPv4</td>\n <td>Vector floating point extension v4</td>\n </tr>\n <tr>\n <td>VFPD32</td>\n <td>VFP with 32 D-registers</td>\n </tr>\n <tr>\n <td>HALF</td>\n <td>Half-word loads and stores</td>\n </tr>\n <tr>\n <td>EDSP</td>\n <td>DSP extensions</td>\n </tr>\n <tr>\n <td>NEON</td>\n <td>NEON SIMD instructions</td>\n </tr>\n <tr>\n <td>LPAE</td>\n <td>Large Physical Address Extensions</td>\n </tr>\n </tbody>\n</table>\n\n<h4 id=\"arm64-cpuid-attribute-partial-list\">Arm64 CPUID Attribute (Partial List)</h4>\n\n<table>\n <thead>\n <tr>\n <th>Attribute</th>\n <th>Description</th>\n </tr>\n </thead>\n <tbody>\n <tr>\n <td>AES</td>\n <td>Announcing the Advanced Encryption Standard</td>\n </tr>\n <tr>\n <td>EVSTRM</td>\n <td>Event Stream Frequency Features</td>\n </tr>\n <tr>\n <td>FPHP</td>\n <td>Half Precision(16bit) Floating Point Data Processing Instructions</td>\n </tr>\n <tr>\n <td>ASIMDHP</td>\n <td>Half Precision(16bit) Asimd Data Processing Instructions</td>\n </tr>\n <tr>\n <td>ATOMICS</td>\n <td>Atomic Instructions to the A64</td>\n </tr>\n <tr>\n <td>ASIMRDM</td>\n <td>Support for Rounding Double Multiply Add/Subtract</td>\n </tr>\n <tr>\n <td>PMULL</td>\n <td>Optional Cryptographic and CRC32 Instructions</td>\n </tr>\n <tr>\n <td>JSCVT</td>\n <td>Perform Conversion to Match Javascript</td>\n </tr>\n <tr>\n <td>DCPOP</td>\n <td>Persistent Memory Support</td>\n </tr>\n </tbody>\n</table>\n\n<h3 id=\"custom-features\">Custom Features</h3>\n\n<p>The Custom feature source allows the user to define features based on a mix of\npredefined rules. A rule is provided input witch affects its process of\nmatching for a defined feature.</p>\n\n<p>To aid in making Custom Features clearer, we define a general and a per rule\nnomenclature, keeping things as consistent as possible.</p>\n\n<h4 id=\"general-nomenclature--definitions\">General Nomenclature & Definitions</h4>\n\n<div class=\"language-plaintext highlighter-rouge\"><div class=\"highlight\"><pre class=\"highlight\"><code>Rule :Represents a matching logic that is used to match on a feature.\nRule Input :The input a Rule is provided. This determines how a Rule performs the match operation.\nMatcher :A composition of Rules, each Matcher may be composed of at most one instance of each Rule.\n</code></pre> </div></div>\n\n<h4 id=\"custom-features-format-using-the-nomenclature-defined-above\">Custom Features Format (using the Nomenclature defined above)</h4>\n\n<div class=\"language-yaml highlighter-rouge\"><div class=\"highlight\"><pre class=\"highlight\"><code><span class=\"pi\">-</span> <span class=\"na\">name</span><span class=\"pi\">:</span> <span class=\"s\"><feature name></span>\n <span class=\"na\">matchOn</span><span class=\"pi\">:</span>\n <span class=\"pi\">-</span> <span class=\"s\"><Rule-1></span><span class=\"pi\">:</span> <span class=\"s\"><Rule-1 Input></span>\n <span class=\"pi\">[</span><span class=\"nv\"><Rule-2></span><span class=\"pi\">:</span> <span class=\"nv\"><Rule-2 Input></span><span class=\"pi\">]</span>\n <span class=\"pi\">-</span> <span class=\"s\"><Matcher-2></span>\n <span class=\"pi\">-</span> <span class=\"s\">...</span>\n <span class=\"pi\">-</span> <span class=\"s\">...</span>\n <span class=\"pi\">-</span> <span class=\"s\"><Matcher-N></span>\n<span class=\"pi\">-</span> <span class=\"s\"><custom feature 2></span>\n<span class=\"pi\">-</span> <span class=\"s\">...</span>\n<span class=\"pi\">-</span> <span class=\"s\">...</span>\n<span class=\"pi\">-</span> <span class=\"s\"><custom feature M></span>\n</code></pre> </div></div>\n\n<h4 id=\"matching-process\">Matching process</h4>\n\n<p>Specifying Rules to match on a feature is done by providing a list of Matchers.\nEach Matcher contains one or more Rules.</p>\n\n<p>Logical <em>OR</em> is performed between Matchers and logical <em>AND</em> is performed\nbetween Rules of a given Matcher.</p>\n\n<h4 id=\"rules\">Rules</h4>\n\n<h5 id=\"pciid-rule\">PciId Rule</h5>\n\n<h6 id=\"nomenclature\">Nomenclature</h6>\n\n<div class=\"language-plaintext highlighter-rouge\"><div class=\"highlight\"><pre class=\"highlight\"><code>Attribute :A PCI attribute.\nElement :An identifier of the PCI attribute.\n</code></pre> </div></div>\n\n<p>The PciId Rule allows matching the PCI devices in the system on the following\nAttributes: <code class=\"language-plaintext highlighter-rouge\">class</code>,<code class=\"language-plaintext highlighter-rouge\">vendor</code> and <code class=\"language-plaintext highlighter-rouge\">device</code>. A list of Elements is provided for\neach Attribute.</p>\n\n<h6 id=\"format\">Format</h6>\n\n<div class=\"language-yaml highlighter-rouge\"><div class=\"highlight\"><pre class=\"highlight\"><code><span class=\"na\">pciId </span><span class=\"pi\">:</span>\n <span class=\"na\">class</span><span class=\"pi\">:</span> <span class=\"pi\">[</span><span class=\"nv\"><class id></span><span class=\"pi\">,</span> <span class=\"nv\">...</span><span class=\"pi\">]</span>\n <span class=\"na\">vendor</span><span class=\"pi\">:</span> <span class=\"pi\">[</span><span class=\"nv\"><vendor id></span><span class=\"pi\">,</span> <span class=\"nv\">...</span><span class=\"pi\">]</span>\n <span class=\"na\">device</span><span class=\"pi\">:</span> <span class=\"pi\">[</span><span class=\"nv\"><device id></span><span class=\"pi\">,</span> <span class=\"nv\">...</span><span class=\"pi\">]</span>\n</code></pre> </div></div>\n\n<p>Matching is done by performing a logical <em>OR</em> between Elements of an Attribute\nand logical <em>AND</em> between the specified Attributes for each PCI device in the\nsystem. At least one Attribute must be specified. Missing attributes will not\npartake in the matching process.</p>\n\n<h5 id=\"usbid-rule\">UsbId Rule</h5>\n\n<h6 id=\"nomenclature-1\">Nomenclature</h6>\n\n<div class=\"language-plaintext highlighter-rouge\"><div class=\"highlight\"><pre class=\"highlight\"><code>Attribute :A USB attribute.\nElement :An identifier of the USB attribute.\n</code></pre> </div></div>\n\n<p>The UsbId Rule allows matching the USB devices in the system on the following Attributes: <code class=\"language-plaintext highlighter-rouge\">class</code>,<code class=\"language-plaintext highlighter-rouge\">vendor</code> and\n<code class=\"language-plaintext highlighter-rouge\">device</code>. A list of Elements is provided for each Attribute.</p>\n\n<h6 id=\"format-1\">Format</h6>\n\n<div class=\"language-yaml highlighter-rouge\"><div class=\"highlight\"><pre class=\"highlight\"><code><span class=\"na\">usbId </span><span class=\"pi\">:</span>\n <span class=\"na\">class</span><span class=\"pi\">:</span> <span class=\"pi\">[</span><span class=\"nv\"><class id></span><span class=\"pi\">,</span> <span class=\"nv\">...</span><span class=\"pi\">]</span>\n <span class=\"na\">vendor</span><span class=\"pi\">:</span> <span class=\"pi\">[</span><span class=\"nv\"><vendor id></span><span class=\"pi\">,</span> <span class=\"nv\">...</span><span class=\"pi\">]</span>\n <span class=\"na\">device</span><span class=\"pi\">:</span> <span class=\"pi\">[</span><span class=\"nv\"><device id></span><span class=\"pi\">,</span> <span class=\"nv\">...</span><span class=\"pi\">]</span>\n</code></pre> </div></div>\n\n<p>Matching is done by performing a logical <em>OR</em> between Elements of an Attribute\nand logical <em>AND</em> between the specified Attributes for each USB device in the\nsystem. At least one Attribute must be specified. Missing attributes will not\npartake in the matching process.</p>\n\n<h5 id=\"loadedkmod-rule\">LoadedKMod Rule</h5>\n\n<h6 id=\"nomenclature-2\">Nomenclature</h6>\n\n<div class=\"language-plaintext highlighter-rouge\"><div class=\"highlight\"><pre class=\"highlight\"><code>Element :A kernel module\n</code></pre> </div></div>\n\n<p>The LoadedKMod Rule allows matching the loaded kernel modules in the system against a provided list of Elements.</p>\n\n<h6 id=\"format-2\">Format</h6>\n\n<div class=\"language-yaml highlighter-rouge\"><div class=\"highlight\"><pre class=\"highlight\"><code><span class=\"na\">loadedKMod </span><span class=\"pi\">:</span> <span class=\"pi\">[</span><span class=\"nv\"><kernel module></span><span class=\"pi\">,</span> <span class=\"nv\">...</span><span class=\"pi\">]</span>\n</code></pre> </div></div>\n\n<p>Matching is done by performing logical <em>AND</em> for each provided Element, i.e the\nRule will match if all provided Elements (kernel modules) are loaded\n in the system.</p>\n\n<h4 id=\"example\">Example</h4>\n\n<div class=\"language-yaml highlighter-rouge\"><div class=\"highlight\"><pre class=\"highlight\"><code><span class=\"na\">custom</span><span class=\"pi\">:</span>\n <span class=\"pi\">-</span> <span class=\"na\">name</span><span class=\"pi\">:</span> <span class=\"s2\">\"</span><span class=\"s\">my.kernel.feature\"</span>\n <span class=\"na\">matchOn</span><span class=\"pi\">:</span>\n <span class=\"pi\">-</span> <span class=\"na\">loadedKMod</span><span class=\"pi\">:</span> <span class=\"pi\">[</span><span class=\"s2\">\"</span><span class=\"s\">kmod1\"</span><span class=\"pi\">,</span> <span class=\"s2\">\"</span><span class=\"s\">kmod2\"</span><span class=\"pi\">]</span>\n <span class=\"pi\">-</span> <span class=\"na\">name</span><span class=\"pi\">:</span> <span class=\"s2\">\"</span><span class=\"s\">my.pci.feature\"</span>\n <span class=\"na\">matchOn</span><span class=\"pi\">:</span>\n <span class=\"pi\">-</span> <span class=\"na\">pciId</span><span class=\"pi\">:</span>\n <span class=\"na\">vendor</span><span class=\"pi\">:</span> <span class=\"pi\">[</span><span class=\"s2\">\"</span><span class=\"s\">15b3\"</span><span class=\"pi\">]</span>\n <span class=\"na\">device</span><span class=\"pi\">:</span> <span class=\"pi\">[</span><span class=\"s2\">\"</span><span class=\"s\">1014\"</span><span class=\"pi\">,</span> <span class=\"s2\">\"</span><span class=\"s\">1017\"</span><span class=\"pi\">]</span>\n <span class=\"pi\">-</span> <span class=\"na\">name</span><span class=\"pi\">:</span> <span class=\"s2\">\"</span><span class=\"s\">my.usb.feature\"</span>\n <span class=\"na\">matchOn</span><span class=\"pi\">:</span>\n <span class=\"pi\">-</span> <span class=\"na\">usbId</span><span class=\"pi\">:</span>\n <span class=\"na\">vendor</span><span class=\"pi\">:</span> <span class=\"pi\">[</span><span class=\"s2\">\"</span><span class=\"s\">1d6b\"</span><span class=\"pi\">]</span>\n <span class=\"na\">device</span><span class=\"pi\">:</span> <span class=\"pi\">[</span><span class=\"s2\">\"</span><span class=\"s\">0003\"</span><span class=\"pi\">]</span>\n <span class=\"pi\">-</span> <span class=\"na\">name</span><span class=\"pi\">:</span> <span class=\"s2\">\"</span><span class=\"s\">my.combined.feature\"</span>\n <span class=\"na\">matchOn</span><span class=\"pi\">:</span>\n <span class=\"pi\">-</span> <span class=\"na\">loadedKMod </span><span class=\"pi\">:</span> <span class=\"pi\">[</span><span class=\"s2\">\"</span><span class=\"s\">vendor_kmod1\"</span><span class=\"pi\">,</span> <span class=\"s2\">\"</span><span class=\"s\">vendor_kmod2\"</span><span class=\"pi\">]</span>\n <span class=\"na\">pciId</span><span class=\"pi\">:</span>\n <span class=\"na\">vendor</span><span class=\"pi\">:</span> <span class=\"pi\">[</span><span class=\"s2\">\"</span><span class=\"s\">15b3\"</span><span class=\"pi\">]</span>\n <span class=\"na\">device</span><span class=\"pi\">:</span> <span class=\"pi\">[</span><span class=\"s2\">\"</span><span class=\"s\">1014\"</span><span class=\"pi\">,</span> <span class=\"s2\">\"</span><span class=\"s\">1017\"</span><span class=\"pi\">]</span>\n <span class=\"pi\">-</span> <span class=\"na\">name</span><span class=\"pi\">:</span> <span class=\"s2\">\"</span><span class=\"s\">my.accumulated.feature\"</span>\n <span class=\"na\">matchOn</span><span class=\"pi\">:</span>\n <span class=\"pi\">-</span> <span class=\"na\">loadedKMod </span><span class=\"pi\">:</span> <span class=\"pi\">[</span><span class=\"s2\">\"</span><span class=\"s\">some_kmod1\"</span><span class=\"pi\">,</span> <span class=\"s2\">\"</span><span class=\"s\">some_kmod2\"</span><span class=\"pi\">]</span>\n <span class=\"pi\">-</span> <span class=\"na\">pciId</span><span class=\"pi\">:</span>\n <span class=\"na\">vendor</span><span class=\"pi\">:</span> <span class=\"pi\">[</span><span class=\"s2\">\"</span><span class=\"s\">15b3\"</span><span class=\"pi\">]</span>\n <span class=\"na\">device</span><span class=\"pi\">:</span> <span class=\"pi\">[</span><span class=\"s2\">\"</span><span class=\"s\">1014\"</span><span class=\"pi\">,</span> <span class=\"s2\">\"</span><span class=\"s\">1017\"</span><span class=\"pi\">]</span>\n</code></pre> </div></div>\n\n<p><strong>In the example above:</strong></p>\n\n<ul>\n <li>A node would contain the label:\n<code class=\"language-plaintext highlighter-rouge\">feature.node.kubernetes.io/custom-my.kernel.feature=true</code> if the node has\n<code class=\"language-plaintext highlighter-rouge\">kmod1</code> <em>AND</em> <code class=\"language-plaintext highlighter-rouge\">kmod2</code> kernel modules loaded.</li>\n <li>A node would contain the label:\n<code class=\"language-plaintext highlighter-rouge\">feature.node.kubernetes.io/custom-my.pci.feature=true</code> if the node contains\na PCI device with a PCI vendor ID of <code class=\"language-plaintext highlighter-rouge\">15b3</code> <em>AND</em> PCI device ID of <code class=\"language-plaintext highlighter-rouge\">1014</code>\n<em>OR</em> <code class=\"language-plaintext highlighter-rouge\">1017</code>.</li>\n <li>A node would contain the label:\n<code class=\"language-plaintext highlighter-rouge\">feature.node.kubernetes.io/custom-my.usb.feature=true</code> if the node contains\na USB device with a USB vendor ID of <code class=\"language-plaintext highlighter-rouge\">1d6b</code> <em>AND</em> USB device ID of <code class=\"language-plaintext highlighter-rouge\">0003</code>.</li>\n <li>A node would contain the label:\n<code class=\"language-plaintext highlighter-rouge\">feature.node.kubernetes.io/custom-my.combined.feature=true</code> if\n<code class=\"language-plaintext highlighter-rouge\">vendor_kmod1</code> <em>AND</em> <code class=\"language-plaintext highlighter-rouge\">vendor_kmod2</code> kernel modules are loaded <strong>AND</strong> the\nnode contains a PCI device with a PCI vendor ID of <code class=\"language-plaintext highlighter-rouge\">15b3</code> <em>AND</em> PCI device ID\nof <code class=\"language-plaintext highlighter-rouge\">1014</code> <em>or</em> <code class=\"language-plaintext highlighter-rouge\">1017</code>.</li>\n <li>A node would contain the label:\n<code class=\"language-plaintext highlighter-rouge\">feature.node.kubernetes.io/custom-my.accumulated.feature=true</code> if\n<code class=\"language-plaintext highlighter-rouge\">some_kmod1</code> <em>AND</em> <code class=\"language-plaintext highlighter-rouge\">some_kmod2</code> kernel modules are loaded <strong>OR</strong> the node\ncontains a PCI device with a PCI vendor ID of <code class=\"language-plaintext highlighter-rouge\">15b3</code> <em>AND</em> PCI device ID of\n<code class=\"language-plaintext highlighter-rouge\">1014</code> <em>OR</em> <code class=\"language-plaintext highlighter-rouge\">1017</code>.</li>\n</ul>\n\n<h4 id=\"statically-defined-features\">Statically defined features</h4>\n\n<p>Some feature labels which are common and generic are defined statically in the\n<code class=\"language-plaintext highlighter-rouge\">custom</code> feature source. A user may add additional Matchers to these feature\nlabels by defining them in the <code class=\"language-plaintext highlighter-rouge\">nfd-worker</code> configuration file.</p>\n\n<table>\n <thead>\n <tr>\n <th>Feature</th>\n <th>Attribute</th>\n <th>Description</th>\n </tr>\n </thead>\n <tbody>\n <tr>\n <td>rdma</td>\n <td>capable</td>\n <td>The node has an RDMA capable Network adapter</td>\n </tr>\n <tr>\n <td>rdma</td>\n <td>enabled</td>\n <td>The node has the needed RDMA modules loaded to run RDMA traffic</td>\n </tr>\n </tbody>\n</table>\n\n<h3 id=\"iommu-features\">IOMMU Features</h3>\n\n<table>\n <thead>\n <tr>\n <th>Feature name</th>\n <th>Description</th>\n </tr>\n </thead>\n <tbody>\n <tr>\n <td>enabled</td>\n <td>IOMMU is present and enabled in the kernel</td>\n </tr>\n </tbody>\n</table>\n\n<h3 id=\"kernel-features\">Kernel Features</h3>\n\n<table>\n <thead>\n <tr>\n <th>Feature</th>\n <th>Attribute</th>\n <th>Description</th>\n </tr>\n </thead>\n <tbody>\n <tr>\n <td>config</td>\n <td><option name></td>\n <td>Kernel config option is enabled (set ‘y’ or ‘m’).<br /> Default options are <code class=\"language-plaintext highlighter-rouge\">NO_HZ</code>, <code class=\"language-plaintext highlighter-rouge\">NO_HZ_IDLE</code>, <code class=\"language-plaintext highlighter-rouge\">NO_HZ_FULL</code> and <code class=\"language-plaintext highlighter-rouge\">PREEMPT</code></td>\n </tr>\n <tr>\n <td>selinux</td>\n <td>enabled</td>\n <td>Selinux is enabled on the node</td>\n </tr>\n <tr>\n <td>version</td>\n <td>full</td>\n <td>Full kernel version as reported by <code class=\"language-plaintext highlighter-rouge\">/proc/sys/kernel/osrelease</code> (e.g. ‘4.5.6-7-g123abcde’)</td>\n </tr>\n <tr>\n <td> </td>\n <td>major</td>\n <td>First component of the kernel version (e.g. ‘4’)</td>\n </tr>\n <tr>\n <td> </td>\n <td>minor</td>\n <td>Second component of the kernel version (e.g. ‘5’)</td>\n </tr>\n <tr>\n <td> </td>\n <td>revision</td>\n <td>Third component of the kernel version (e.g. ‘6’)</td>\n </tr>\n </tbody>\n</table>\n\n<p>Kernel config file to use, and, the set of config options to be detected are\nconfigurable.\nSee <a href=\"deployment-and-usage#configuration\">configuration</a> for\nmore information.</p>\n\n<h3 id=\"memory-features\">Memory Features</h3>\n\n<table>\n <thead>\n <tr>\n <th>Feature</th>\n <th>Attribute</th>\n <th>Description</th>\n </tr>\n </thead>\n <tbody>\n <tr>\n <td>numa</td>\n <td> </td>\n <td>Multiple memory nodes i.e. NUMA architecture detected</td>\n </tr>\n <tr>\n <td>nv</td>\n <td>present</td>\n <td>NVDIMM device(s) are present</td>\n </tr>\n <tr>\n <td>nv</td>\n <td>dax</td>\n <td>NVDIMM region(s) configured in DAX mode are present</td>\n </tr>\n </tbody>\n</table>\n\n<h3 id=\"network-features\">Network Features</h3>\n\n<table>\n <thead>\n <tr>\n <th>Feature</th>\n <th>Attribute</th>\n <th>Description</th>\n </tr>\n </thead>\n <tbody>\n <tr>\n <td>sriov</td>\n <td>capable</td>\n <td><a href=\"http://www.intel.com/content/www/us/en/pci-express/pci-sig-sr-iov-primer-sr-iov-technology-paper.html\">Single Root Input/Output Virtualization</a> (SR-IOV) enabled Network Interface Card(s) present</td>\n </tr>\n <tr>\n <td> </td>\n <td>configured</td>\n <td>SR-IOV virtual functions have been configured</td>\n </tr>\n </tbody>\n</table>\n\n<h3 id=\"pci-features\">PCI Features</h3>\n\n<table>\n <thead>\n <tr>\n <th>Feature</th>\n <th>Attribute</th>\n <th>Description</th>\n </tr>\n </thead>\n <tbody>\n <tr>\n <td><device label></td>\n <td>present</td>\n <td>PCI device is detected</td>\n </tr>\n <tr>\n <td><device label></td>\n <td>sriov.capable</td>\n <td><a href=\"http://www.intel.com/content/www/us/en/pci-express/pci-sig-sr-iov-primer-sr-iov-technology-paper.html\">Single Root Input/Output Virtualization</a> (SR-IOV) enabled PCI device present</td>\n </tr>\n </tbody>\n</table>\n\n<p><code class=\"language-plaintext highlighter-rouge\"><device label></code> is composed of raw PCI IDs, separated by underscores.\nThe set of fields used in <code class=\"language-plaintext highlighter-rouge\"><device label></code> is configurable, valid fields being\n<code class=\"language-plaintext highlighter-rouge\">class</code>, <code class=\"language-plaintext highlighter-rouge\">vendor</code>, <code class=\"language-plaintext highlighter-rouge\">device</code>, <code class=\"language-plaintext highlighter-rouge\">subsystem_vendor</code> and <code class=\"language-plaintext highlighter-rouge\">subsystem_device</code>.\nDefaults are <code class=\"language-plaintext highlighter-rouge\">class</code> and <code class=\"language-plaintext highlighter-rouge\">vendor</code>. An example label using the default\nlabel fields:</p>\n\n<div class=\"language-plaintext highlighter-rouge\"><div class=\"highlight\"><pre class=\"highlight\"><code>feature.node.kubernetes.io/pci-1200_8086.present=true\n</code></pre> </div></div>\n\n<p>Also the set of PCI device classes that the feature source detects is\nconfigurable. By default, device classes (0x)03, (0x)0b40 and (0x)12, i.e.\nGPUs, co-processors and accelerator cards are detected.</p>\n\n<h3 id=\"usb-features\">USB Features</h3>\n\n<table>\n <thead>\n <tr>\n <th>Feature</th>\n <th>Attribute</th>\n <th>Description</th>\n </tr>\n </thead>\n <tbody>\n <tr>\n <td><device label></td>\n <td>present</td>\n <td>USB device is detected</td>\n </tr>\n </tbody>\n</table>\n\n<p><code class=\"language-plaintext highlighter-rouge\"><device label></code> is composed of raw USB IDs, separated by underscores.\nThe set of fields used in <code class=\"language-plaintext highlighter-rouge\"><device label></code> is configurable, valid fields being\n<code class=\"language-plaintext highlighter-rouge\">class</code>, <code class=\"language-plaintext highlighter-rouge\">vendor</code>, and <code class=\"language-plaintext highlighter-rouge\">device</code>.\nDefaults are <code class=\"language-plaintext highlighter-rouge\">class</code>, <code class=\"language-plaintext highlighter-rouge\">vendor</code> and <code class=\"language-plaintext highlighter-rouge\">device</code>. An example label using the default\nlabel fields:</p>\n\n<div class=\"language-plaintext highlighter-rouge\"><div class=\"highlight\"><pre class=\"highlight\"><code>feature.node.kubernetes.io/usb-fe_1a6e_089a.present=true\n</code></pre> </div></div>\n\n<p>See <a href=\"deployment-and-usage#configuration\">configuration</a> for more\ninformation on NFD config.</p>\n\n<h3 id=\"storage-features\">Storage Features</h3>\n\n<table>\n <thead>\n <tr>\n <th>Feature name</th>\n <th>Description</th>\n </tr>\n </thead>\n <tbody>\n <tr>\n <td>nonrotationaldisk</td>\n <td>Non-rotational disk, like SSD, is present in the node</td>\n </tr>\n </tbody>\n</table>\n\n<h3 id=\"system-features\">System Features</h3>\n\n<table>\n <thead>\n <tr>\n <th>Feature</th>\n <th>Attribute</th>\n <th>Description</th>\n </tr>\n </thead>\n <tbody>\n <tr>\n <td>os_release</td>\n <td>ID</td>\n <td>Operating system identifier</td>\n </tr>\n <tr>\n <td> </td>\n <td>VERSION_ID</td>\n <td>Operating system version identifier (e.g. ‘6.7’)</td>\n </tr>\n <tr>\n <td> </td>\n <td>VERSION_ID.major</td>\n <td>First component of the OS version id (e.g. ‘6’)</td>\n </tr>\n <tr>\n <td> </td>\n <td>VERSION_ID.minor</td>\n <td>Second component of the OS version id (e.g. ‘7’)</td>\n </tr>\n </tbody>\n</table>\n\n<h3 id=\"feature-detector-hooks-user-specific-features\">Feature Detector Hooks (User-specific Features)</h3>\n\n<p>NFD has a special feature source named <em>local</em> which is designed for getting the\nlabels from user-specific feature detector. It provides a mechanism for users to\nimplement custom feature sources in a pluggable way, without modifying nfd\nsource code or Docker images. The local feature source can be used to advertise\nnew user-specific features, and, for overriding labels created by the other\nfeature sources.</p>\n\n<p>The <em>local</em> feature source gets its labels by two different ways:</p>\n\n<ul>\n <li>It tries to execute files found under\n<code class=\"language-plaintext highlighter-rouge\">/etc/kubernetes/node-feature-discovery/source.d/</code> directory. The hook files\nmust be executable and they are supposed to print all discovered features in\n<code class=\"language-plaintext highlighter-rouge\">stdout</code>, one per line. With ELF binaries static linking is recommended as\nthe selection of system libraries available in the NFD release image is very\nlimited. Other runtimes currently supported by the NFD stock image are bash\nand perl.</li>\n <li>It reads files found under\n<code class=\"language-plaintext highlighter-rouge\">/etc/kubernetes/node-feature-discovery/features.d/</code> directory. The file\ncontent is expected to be similar to the hook output (described above).</li>\n</ul>\n\n<p>These directories must be available inside the Docker image so Volumes and\nVolumeMounts must be used if standard NFD images are used. The given template\nfiles mount by default the <code class=\"language-plaintext highlighter-rouge\">source.d</code> and the <code class=\"language-plaintext highlighter-rouge\">features.d</code> directories\nrespectively from <code class=\"language-plaintext highlighter-rouge\">/etc/kubernetes/node-feature-discovery/source.d/</code> and\n<code class=\"language-plaintext highlighter-rouge\">/etc/kubernetes/node-feature-discovery/features.d/</code> from the host. You should\nupdate them to match your needs.</p>\n\n<p>In both cases, the labels can be binary or non binary, using either <code class=\"language-plaintext highlighter-rouge\"><name></code> or\n<code class=\"language-plaintext highlighter-rouge\"><name>=<value></code> format.</p>\n\n<p>Unlike the other feature sources, the name of the file, instead of the name of\nthe feature source (that would be <code class=\"language-plaintext highlighter-rouge\">local</code> in this case), is used as a prefix in\nthe label name, normally. However, if the <code class=\"language-plaintext highlighter-rouge\"><name></code> of the label starts with a\nslash (<code class=\"language-plaintext highlighter-rouge\">/</code>) it is used as the label name as is, without any additional prefix.\nThis makes it possible for the user to fully control the feature label names,\ne.g. for overriding labels created by other feature sources.</p>\n\n<p>You can also override the default namespace of your labels using this format:\n<code class=\"language-plaintext highlighter-rouge\"><namespace>/<name>[=<value>]</code>. You must whitelist your namespace using the\n<code class=\"language-plaintext highlighter-rouge\">--extra-label-ns</code> option on the master. In this case, the name of the\nfile will not be added to the label name. For example, if you want to add the\nlabel <code class=\"language-plaintext highlighter-rouge\">my.namespace.org/my-label=value</code>, your hook output or file must contains\n<code class=\"language-plaintext highlighter-rouge\">my.namespace.org/my-label=value</code> and you must add\n<code class=\"language-plaintext highlighter-rouge\">--extra-label-ns=my.namespace.org</code> on the master command line.</p>\n\n<p><code class=\"language-plaintext highlighter-rouge\">stderr</code> output of the hooks is propagated to NFD log so it can be used for\ndebugging and logging.</p>\n\n<h4 id=\"injecting-labels-from-other-pods\">Injecting Labels from Other Pods</h4>\n\n<p>One use case for the hooks and/or feature files is detecting features in other\nPods outside NFD, e.g. in Kubernetes device plugins. It is possible to mount\nthe <code class=\"language-plaintext highlighter-rouge\">source.d</code> and/or <code class=\"language-plaintext highlighter-rouge\">features.d</code> directories common with the NFD Pod and\ndeploy the custom hooks/features there. NFD will periodically scan the\ndirectories and run any hooks and read any feature files it finds. The\n<a href=\"https://github.com/kubernetes-sigs/node-feature-discovery/blob/release-0.6/nfd-worker-daemonset.yaml.template#L69\">example nfd-worker deployment template</a>\ncontains <code class=\"language-plaintext highlighter-rouge\">hostPath</code> mounts for <code class=\"language-plaintext highlighter-rouge\">sources.d</code> and <code class=\"language-plaintext highlighter-rouge\">features.d</code> directories. By\nusing the same mounts in the secondary Pod (e.g. device plugin) you have\ncreated a shared area for delivering hooks and feature files to NFD.</p>\n\n<h4 id=\"a-hook-example\">A Hook Example</h4>\n\n<p>User has a shell script\n<code class=\"language-plaintext highlighter-rouge\">/etc/kubernetes/node-feature-discovery/source.d/my-source</code> which has the\nfollowing <code class=\"language-plaintext highlighter-rouge\">stdout</code> output:</p>\n\n<div class=\"language-plaintext highlighter-rouge\"><div class=\"highlight\"><pre class=\"highlight\"><code>MY_FEATURE_1\nMY_FEATURE_2=myvalue\n/override_source-OVERRIDE_BOOL\n/override_source-OVERRIDE_VALUE=123\noverride.namespace/value=456\n</code></pre> </div></div>\n\n<p>which, in turn, will translate into the following node labels:</p>\n\n<div class=\"language-plaintext highlighter-rouge\"><div class=\"highlight\"><pre class=\"highlight\"><code>feature.node.kubernetes.io/my-source-MY_FEATURE_1=true\nfeature.node.kubernetes.io/my-source-MY_FEATURE_2=myvalue\nfeature.node.kubernetes.io/override_source-OVERRIDE_BOOL=true\nfeature.node.kubernetes.io/override_source-OVERRIDE_VALUE=123\noverride.namespace/value=456\n</code></pre> </div></div>\n\n<h4 id=\"a-file-example\">A File Example</h4>\n\n<p>User has a file\n<code class=\"language-plaintext highlighter-rouge\">/etc/kubernetes/node-feature-discovery/features.d/my-source</code> which contains the\nfollowing lines:</p>\n\n<div class=\"language-plaintext highlighter-rouge\"><div class=\"highlight\"><pre class=\"highlight\"><code>MY_FEATURE_1\nMY_FEATURE_2=myvalue\n/override_source-OVERRIDE_BOOL\n/override_source-OVERRIDE_VALUE=123\noverride.namespace/value=456\n</code></pre> </div></div>\n\n<p>which, in turn, will translate into the following node labels:</p>\n\n<div class=\"language-plaintext highlighter-rouge\"><div class=\"highlight\"><pre class=\"highlight\"><code>feature.node.kubernetes.io/my-source-MY_FEATURE_1=true\nfeature.node.kubernetes.io/my-source-MY_FEATURE_2=myvalue\nfeature.node.kubernetes.io/override_source-OVERRIDE_BOOL=true\nfeature.node.kubernetes.io/override_source-OVERRIDE_VALUE=123\noverride.namespace/value=456\n</code></pre> </div></div>\n\n<p>NFD tries to run any regular files found from the hooks directory. Any\nadditional data files your hook might need (e.g. a configuration file) should\nbe placed in a separate directory in order to avoid NFD unnecessarily trying to\nexecute these. You can use a subdirectory under the hooks directory, for\nexample <code class=\"language-plaintext highlighter-rouge\">/etc/kubernetes/node-feature-discovery/source.d/conf/</code>.</p>\n\n<p><strong>NOTE!</strong> NFD will blindly run any executables placed/mounted in the hooks\ndirectory. It is the user’s responsibility to review the hooks for e.g.\npossible security implications.</p>\n\n<p><strong>NOTE!</strong> Be careful when creating and/or updating hook or feature files while\nNFD is running. In order to avoid race conditions you should write into a\ntemporary file (outside the <code class=\"language-plaintext highlighter-rouge\">source.d</code> and <code class=\"language-plaintext highlighter-rouge\">features.d</code> directories), and,\natomically create/update the original file by doing a filesystem move\noperation.</p>\n\n<h2 id=\"extended-resources-experimental\">Extended resources (experimental)</h2>\n\n<p>This feature is experimental and by no means a replacement for the usage of\ndevice plugins.</p>\n\n<p>Labels which have integer values, can be promoted to Kubernetes extended\nresources by listing them to the master <code class=\"language-plaintext highlighter-rouge\">--resource-labels</code> command line flag.\nThese labels won’t then show in the node label section, they will appear only\nas extended resources.</p>\n\n<p>An example use-case for the extended resources could be based on a hook which\ncreates a label for the node SGX EPC memory section size. By giving the name of\nthat label in the <code class=\"language-plaintext highlighter-rouge\">--resource-labels</code> flag, that value will then turn into an\nextended resource of the node, allowing PODs to request that resource and the\nKubernetes scheduler to schedule such PODs to only those nodes which have a\nsufficient capacity of said resource left.</p>\n\n<p>Similar to labels, the default namespace <code class=\"language-plaintext highlighter-rouge\">feature.node.kubernetes.io</code> is\nautomatically prefixed to the extended resource, if the promoted label doesn’t\nhave a namespace.</p>\n\n<p>Example usage of the command line arguments, using a new namespace:\n<code class=\"language-plaintext highlighter-rouge\">nfd-master --resource-labels=my_source-my.feature,sgx.some.ns/epc --extra-label-ns=sgx.some.ns</code></p>\n\n<p>The above would result in following extended resources provided that related\nlabels exist:</p>\n\n<div class=\"language-plaintext highlighter-rouge\"><div class=\"highlight\"><pre class=\"highlight\"><code> sgx.some.ns/epc: <label value>\n feature.node.kubernetes.io/my_source-my.feature: <label value>\n</code></pre> </div></div>\n\n<!-- Links -->\n","dir":"/get-started/","name":"features.md","path":"get-started/features.md","url":"/get-started/features.html"},{"title":"Examples and Demos","layout":"default","sort":5,"content":"<h1 class=\"no_toc\" id=\"examples-and-demos\">Examples And Demos</h1>\n\n<h2 class=\"no_toc text-delta\" id=\"table-of-contents\">Table of Contents</h2>\n\n<ol id=\"markdown-toc\">\n <li><a href=\"#demos\" id=\"markdown-toc-demos\">Demos</a> <ol>\n <li><a href=\"#usage-demo\" id=\"markdown-toc-usage-demo\">Usage demo</a></li>\n <li><a href=\"#demo-use-case\" id=\"markdown-toc-demo-use-case\">Demo Use Case</a></li>\n </ol>\n </li>\n</ol>\n\n<hr />\n\n<p>This page contains usage examples and demos.</p>\n\n<h2 id=\"demos\">Demos</h2>\n\n<h3 id=\"usage-demo\">Usage demo</h3>\n\n<p><a href=\"https://asciinema.org/a/247316\"><img src=\"https://asciinema.org/a/247316.svg\" alt=\"asciicast\" /></a></p>\n\n<h3 id=\"demo-use-case\">Demo Use Case</h3>\n\n<p>A demo on the benefits of using node feature discovery can be found in the\nsource code repository under\n<a href=\"https://github.com/kubernetes-sigs/node-feature-discovery/tree/release-0.6/demo\">demo/</a>.</p>\n","dir":"/get-started/","name":"examples-and-demos.md","path":"get-started/examples-and-demos.md","url":"/get-started/examples-and-demos.html"}] |