mirrors/node-feature-discovery
mirrors/node-feature-discovery
1
0
Fork 0
mirror of https://github.com/kubernetes-sigs/node-feature-discovery.git synced 2025-03-28 02:37:11 +00:00
Code Activity
Node feature discovery for Kubernetes
1164 commits 15 branches 71 tags 137 MiB
Go 96.1%
Shell 2.2%
Makefile 1%
Smarty 0.4%
Dockerfile 0.1%
Other 0.1%
Find a file
Markus Lehtonen f62b057bcd cpu: re-organize security features 
Move existing security/trusted-execution related features (i.e. SGX and
SE) under the same "security" feature, deprecating the old features. The
motivation for the change is to keep the source code and user interface
more organized as we experience a constant inflow of similar security
related features. This change will affect the user interface so it is
less painful to do it early on.

New feature labels will be:

  feature.node.kubernetes.io/cpu-security.se.enabled
  feature.node.kubernetes.io/cpu-security.sgx.enabled

and correspondingly new "cpu.security" feature with "se.enabled" and
"sgx.enabled" elements will be available for custom rules, for example:

      - name: "sample sgx rule"
        labels:
          sgx.sample.feature: "true"
        matchFeatures:
          - feature: cpu.security
            matchExpressions:
              "sgx.enabled": {op: IsTrue}

At the same time deprecate old labels "cpu-sgx.enabled" and
"cpu-se.enabled" feature labels and the corresponding features for
custom rules. These will be removed in the future causing an effective
change in NFDs user interface.
2022-06-28 13:38:31 +03:00
.github github: small fix in new-release issue template 2022-06-07 18:43:19 +03:00
cmd nfd-worker: stop using deprecated strings.Title 2022-04-13 10:34:29 +03:00
demo demo: make demo runnable again 2020-09-10 17:09:53 +03:00
deployment helm: add annotations to daemonset and deployment 2022-03-24 12:13:29 +01:00
docs cpu: re-organize security features 2022-06-28 13:38:31 +03:00
examples docs: add customization guide 2022-01-08 09:56:05 +02:00
hack Iniital multi arch build 2022-01-20 15:41:08 +01:00
pkg apis/nfd: empty match expression set returns no features for templates 2022-03-24 11:43:42 +02:00
scripts scripts/test-infra: bump golangci-lint to v1.45.2 2022-04-13 09:53:55 +03:00
source cpu: re-organize security features 2022-06-28 13:38:31 +03:00
test go.mod: bump kubernetes to v1.23.1 2022-01-12 16:43:21 +02:00
.dockerignore dockerignore: tidy up and update 2020-05-19 10:13:54 +03:00
.gitignore Only add kustomization.yaml in the root to .gitignore 2021-08-26 15:27:03 +01:00
cloudbuild.yaml cloudbuild.yaml: decrease timeout to 25 minutes 2022-01-21 12:00:14 +02:00
code-of-conduct.md Update code-of-conduct.md 2017-12-20 14:12:51 -05:00
CONTRIBUTING.md Template project files 2016-07-22 22:13:48 -07:00
Dockerfile Dockerfile: update builder image to Go v1.18.1 2022-04-14 13:03:02 +03:00
go.mod Bump Go to 1.18 2022-03-21 10:25:32 -04:00
go.sum Bump Go to 1.18 2022-03-21 10:25:32 -04:00
LICENSE Template project files 2016-07-22 22:13:48 -07:00
Makefile Adding missing target dep 2022-01-20 17:01:54 +01:00
OWNERS Update OWNERS file 2021-02-15 12:10:51 +00:00
README.md README: update to v0.11.1 2022-06-08 09:18:48 +03:00
SECURITY_CONTACTS Update SECURITY_CONTACTS 2020-11-19 15:10:27 -05:00

README.md

Node Feature Discovery

Go Report Card Prow Build

Welcome to Node Feature Discovery a Kubernetes add-on for detecting hardware features and system configuration!

See our Documentation for detailed instructions and reference

Quick-start the short-short version

$ kubectl apply -k https://github.com/kubernetes-sigs/node-feature-discovery/deployment/overlays/default?ref=v0.11.1
  namespace/node-feature-discovery created
  customresourcedefinition.apiextensions.k8s.io/nodefeaturerules.nfd.k8s-sigs.io created
  serviceaccount/nfd-master created
  clusterrole.rbac.authorization.k8s.io/nfd-master created
  clusterrolebinding.rbac.authorization.k8s.io/nfd-master created
  configmap/nfd-worker-conf created
  service/nfd-master created
  deployment.apps/nfd-master created
  daemonset.apps/nfd-worker created

$ kubectl -n node-feature-discovery get all
  NAME                              READY   STATUS    RESTARTS   AGE
  pod/nfd-master-555458dbbc-sxg6w   1/1     Running   0          56s
  pod/nfd-worker-mjg9f              1/1     Running   0          17s
...

$ kubectl get no -o json | jq .items[].metadata.labels
  {
    "beta.kubernetes.io/arch": "amd64",
    "beta.kubernetes.io/os": "linux",
    "feature.node.kubernetes.io/cpu-cpuid.ADX": "true",
    "feature.node.kubernetes.io/cpu-cpuid.AESNI": "true",
...