mirror of
https://github.com/kubernetes-sigs/node-feature-discovery.git
synced 2025-04-07 09:35:23 +00:00
Node feature discovery for Kubernetes
b5b503c6a5
when OwnerReferencesPermissionEnforcement validating webhook is enabled additional permissions are required to set/update owner ref field. NFD worker sets/updates NodeFeature owner ref field to the worker pod and owning daemonset. owner reference can only be updated if the worker has delete permissions for NodeFeatures. if owner reference has blockOwnerDeletion (as the case for the daemonset owner reference) then it requires update permissions to the finalizers of the owner, to avoid this, we set blockOwnerDeleteion to false for all owners referenced from NFD worker pod when setting/updating NodeFeature owner ref. Signed-off-by: adrianc <adrianc@nvidia.com> |
||
|---|---|---|
| .github | ||
| api | ||
| cmd | ||
| demo | ||
| deployment | ||
| docs | ||
| enhancements | ||
| examples | ||
| hack | ||
| pkg | ||
| scripts | ||
| source | ||
| test | ||
| testdata | ||
| .dockerignore | ||
| .gitignore | ||
| cloudbuild.yaml | ||
| code-of-conduct.md | ||
| codecov.yml | ||
| CONTRIBUTING.md | ||
| Dockerfile | ||
| Dockerfile_generator | ||
| go.mod | ||
| go.sum | ||
| LICENSE | ||
| Makefile | ||
| netlify.toml | ||
| OWNERS | ||
| README.md | ||
| SECURITY_CONTACTS | ||
| Tiltfile | ||
Node Feature Discovery
Welcome to Node Feature Discovery – a Kubernetes add-on for detecting hardware features and system configuration!
See our Documentation for detailed instructions and reference
Quick-start – the short-short version
$ kubectl apply -k "https://github.com/kubernetes-sigs/node-feature-discovery/deployment/overlays/default?ref=v0.17.0
namespace/node-feature-discovery created
customresourcedefinition.apiextensions.k8s.io/nodefeaturerules.nfd.k8s-sigs.io created
customresourcedefinition.apiextensions.k8s.io/nodefeatures.nfd.k8s-sigs.io created
serviceaccount/nfd-gc created
serviceaccount/nfd-master created
serviceaccount/nfd-worker created
role.rbac.authorization.k8s.io/nfd-worker created
clusterrole.rbac.authorization.k8s.io/nfd-gc created
clusterrole.rbac.authorization.k8s.io/nfd-master created
rolebinding.rbac.authorization.k8s.io/nfd-worker created
clusterrolebinding.rbac.authorization.k8s.io/nfd-gc created
clusterrolebinding.rbac.authorization.k8s.io/nfd-master created
configmap/nfd-master-conf created
configmap/nfd-worker-conf created
deployment.apps/nfd-gc created
deployment.apps/nfd-master created
daemonset.apps/nfd-worker created
$ kubectl -n node-feature-discovery get all
NAME READY STATUS RESTARTS AGE
pod/nfd-gc-565fc85d9b-94jpj 1/1 Running 0 18s
pod/nfd-master-6796d89d7b-qccrq 1/1 Running 0 18s
pod/nfd-worker-nwdp6 1/1 Running 0 18s
...
$ kubectl get no -o json | jq ".items[].metadata.labels"
{
"kubernetes.io/arch": "amd64",
"kubernetes.io/os": "linux",
"feature.node.kubernetes.io/cpu-cpuid.ADX": "true",
"feature.node.kubernetes.io/cpu-cpuid.AESNI": "true",
...