mirror of
https://github.com/kubernetes-sigs/node-feature-discovery.git
synced 2025-03-09 10:17:04 +00:00
c8d73666d6
Support templating of label names in feature rules. It is available both
in NodeFeatureRule CRs and in custom rule configuration of nfd-worker.
This patch adds a new 'labelsTemplate' field to the rule spec, making it
possible to dynamically generate multiple labels per rule based on the
matched features. The feature relies on the golang "text/template"
package. When expanded, the template must contain labels in a raw
<key>[=<value>] format (where 'value' defaults to "true"), separated by
newlines i.e.:
- name: <rule-name>
labelsTemplate: |
<label-1>[=<value-1>]
<label-2>[=<value-2>]
...
All the matched features of 'matchFeatures' directives are available for
templating engine in a nested data structure that can be described in
yaml as:
.
<domain-1>:
<key-feature-1>:
- Name: <matched-key>
- ...
<value-feature-1:
- Name: <matched-key>
Value: <matched-value>
- ...
<instance-feature-1>:
- <attribute-1-name>: <attribute-1-value>
<attribute-2-name>: <attribute-2-value>
...
- ...
<domain-2>:
...
That is, the per-feature data available for matching depends on the type
of feature that was matched:
- "key features": only 'Name' is available
- "value features": 'Name' and 'Value' can be used
- "instance features": all attributes of the matched instance are
available
NOTE: In case of matchAny is specified, the template is executed
separately against each individual matchFeatures matcher and the
eventual set of labels is a superset of all these expansions. Consider
the following:
- name: <name>
labelsTemplate: <template>
matchAny:
- matchFeatures: <matcher#1>
- matchFeatures: <matcher#2>
matchFeatures: <matcher#3>
In the example above (assuming the overall result is a match) the
template would be executed on matcher#1 and/or matcher#2 (depending on
whether both or only one of them match), and finally on matcher#3, and
all the labels from these separate expansions would be created (i.e. the
end result would be a union of all the individual expansions).
NOTE 2: The 'labels' field has priority over 'labelsTemplate', i.e.
labels specified in the 'labels' field will override any labels
originating from the 'labelsTemplate' field.
A special case of an empty match expression set matches everything (i.e.
matches/returns all existing keys/values). This makes it simpler to
write templates that run over all values. Also, makes it possible to
later implement support for templates that run over all _keys_ of a
feature.
Some example configurations:
- name: "my-pci-template-features"
labelsTemplate: |
{{ range .pci.device }}intel-{{ .class }}-{{ .device }}=present
{{ end }}
matchFeatures:
- feature: pci.device
matchExpressions:
class: {op: InRegexp, value: ["^06"]}
vendor: ["8086"]
- name: "my-system-template-features"
labelsTemplate: |
{{ range .system.osrelease }}system-{{ .Name }}={{ .Value }}
{{ end }}
matchFeatures:
- feature: system.osRelease
matchExpressions:
ID: {op: Exists}
VERSION_ID.major: {op: Exists}
Imaginative template pipelines are possible, of course, but care must be
taken in order to produce understandable and maintainable rule sets.
208 lines
10 KiB
YAML
208 lines
10 KiB
YAML
|
|
---
|
|
apiVersion: apiextensions.k8s.io/v1
|
|
kind: CustomResourceDefinition
|
|
metadata:
|
|
annotations:
|
|
controller-gen.kubebuilder.io/version: v0.7.0
|
|
creationTimestamp: null
|
|
name: nodefeaturerules.nfd.k8s-sigs.io
|
|
spec:
|
|
group: nfd.k8s-sigs.io
|
|
names:
|
|
kind: NodeFeatureRule
|
|
listKind: NodeFeatureRuleList
|
|
plural: nodefeaturerules
|
|
singular: nodefeaturerule
|
|
scope: Cluster
|
|
versions:
|
|
- name: v1alpha1
|
|
schema:
|
|
openAPIV3Schema:
|
|
description: NodeFeatureRule resource specifies a configuration for feature-based
|
|
customization of node objects, such as node labeling.
|
|
properties:
|
|
apiVersion:
|
|
description: 'APIVersion defines the versioned schema of this representation
|
|
of an object. Servers should convert recognized schemas to the latest
|
|
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
|
|
type: string
|
|
kind:
|
|
description: 'Kind is a string value representing the REST resource this
|
|
object represents. Servers may infer this from the endpoint the client
|
|
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
|
|
type: string
|
|
metadata:
|
|
type: object
|
|
spec:
|
|
description: NodeFeatureRuleSpec describes a NodeFeatureRule.
|
|
properties:
|
|
rules:
|
|
description: Rules is a list of node customization rules.
|
|
items:
|
|
description: Rule defines a rule for node customization such as
|
|
labeling.
|
|
properties:
|
|
labels:
|
|
additionalProperties:
|
|
type: string
|
|
description: Labels to create if the rule matches.
|
|
type: object
|
|
labelsTemplate:
|
|
description: LabelsTemplate specifies a template to expand for
|
|
dynamically generating multiple labels. Data (after template
|
|
expansion) must be keys with an optional value (<key>[=<value>])
|
|
separated by newlines.
|
|
type: string
|
|
matchAny:
|
|
description: MatchAny specifies a list of matchers one of which
|
|
must match.
|
|
items:
|
|
description: MatchAnyElem specifies one sub-matcher of MatchAny.
|
|
properties:
|
|
matchFeatures:
|
|
description: MatchFeatures specifies a set of matcher
|
|
terms all of which must match.
|
|
items:
|
|
description: FeatureMatcherTerm defines requirements
|
|
against one feature set. All requirements (specified
|
|
as MatchExpressions) are evaluated against each element
|
|
in the feature set.
|
|
properties:
|
|
feature:
|
|
type: string
|
|
matchExpressions:
|
|
additionalProperties:
|
|
description: "MatchExpression specifies an expression
|
|
to evaluate against a set of input values. It
|
|
contains an operator that is applied when matching
|
|
the input and an array of values that the operator
|
|
evaluates the input against. \n NB: CreateMatchExpression
|
|
or MustCreateMatchExpression() should be used
|
|
for creating new instances. NB: Validate()
|
|
must be called if Op or Value fields are modified
|
|
or if a new instance is created from scratch
|
|
without using the helper functions."
|
|
properties:
|
|
op:
|
|
description: Op is the operator to be applied.
|
|
enum:
|
|
- In
|
|
- NotIn
|
|
- InRegexp
|
|
- Exists
|
|
- DoesNotExist
|
|
- Gt
|
|
- Lt
|
|
- GtLt
|
|
- IsTrue
|
|
- IsFalse
|
|
type: string
|
|
value:
|
|
description: Value is the list of values that
|
|
the operand evaluates the input against.
|
|
Value should be empty if the operator is
|
|
Exists, DoesNotExist, IsTrue or IsFalse.
|
|
Value should contain exactly one element
|
|
if the operator is Gt or Lt and exactly
|
|
two elements if the operator is GtLt. In
|
|
other cases Value should contain at least
|
|
one element.
|
|
items:
|
|
type: string
|
|
type: array
|
|
required:
|
|
- op
|
|
type: object
|
|
description: MatchExpressionSet contains a set of
|
|
MatchExpressions, each of which is evaluated against
|
|
a set of input values.
|
|
type: object
|
|
required:
|
|
- feature
|
|
- matchExpressions
|
|
type: object
|
|
type: array
|
|
required:
|
|
- matchFeatures
|
|
type: object
|
|
type: array
|
|
matchFeatures:
|
|
description: MatchFeatures specifies a set of matcher terms
|
|
all of which must match.
|
|
items:
|
|
description: FeatureMatcherTerm defines requirements against
|
|
one feature set. All requirements (specified as MatchExpressions)
|
|
are evaluated against each element in the feature set.
|
|
properties:
|
|
feature:
|
|
type: string
|
|
matchExpressions:
|
|
additionalProperties:
|
|
description: "MatchExpression specifies an expression
|
|
to evaluate against a set of input values. It contains
|
|
an operator that is applied when matching the input
|
|
and an array of values that the operator evaluates
|
|
the input against. \n NB: CreateMatchExpression or
|
|
MustCreateMatchExpression() should be used for creating
|
|
new instances. NB: Validate() must be called if Op
|
|
or Value fields are modified or if a new instance
|
|
is created from scratch without using the helper functions."
|
|
properties:
|
|
op:
|
|
description: Op is the operator to be applied.
|
|
enum:
|
|
- In
|
|
- NotIn
|
|
- InRegexp
|
|
- Exists
|
|
- DoesNotExist
|
|
- Gt
|
|
- Lt
|
|
- GtLt
|
|
- IsTrue
|
|
- IsFalse
|
|
type: string
|
|
value:
|
|
description: Value is the list of values that the
|
|
operand evaluates the input against. Value should
|
|
be empty if the operator is Exists, DoesNotExist,
|
|
IsTrue or IsFalse. Value should contain exactly
|
|
one element if the operator is Gt or Lt and exactly
|
|
two elements if the operator is GtLt. In other
|
|
cases Value should contain at least one element.
|
|
items:
|
|
type: string
|
|
type: array
|
|
required:
|
|
- op
|
|
type: object
|
|
description: MatchExpressionSet contains a set of MatchExpressions,
|
|
each of which is evaluated against a set of input values.
|
|
type: object
|
|
required:
|
|
- feature
|
|
- matchExpressions
|
|
type: object
|
|
type: array
|
|
name:
|
|
description: Name of the rule.
|
|
type: string
|
|
required:
|
|
- name
|
|
type: object
|
|
type: array
|
|
required:
|
|
- rules
|
|
type: object
|
|
required:
|
|
- spec
|
|
type: object
|
|
served: true
|
|
storage: true
|
|
status:
|
|
acceptedNames:
|
|
kind: ""
|
|
plural: ""
|
|
conditions: []
|
|
storedVersions: []
|