alexlebens/infrastructure
1
0
Fork 0
Code Issues 1 Pull Requests 3 Actions Activity
Files
5ca176e682b4c1f24cf697c6d989ef5bebec064d
infrastructure/clusters/cl01tl/manifests/node-feature-discovery/node-feature-discovery.yaml

1593 lines
61 KiB
YAML
Raw Blame History

---
# Source: node-feature-discovery/charts/node-feature-discovery/crds/nfd-api-crds.yaml
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.16.3
name: nodefeatures.nfd.k8s-sigs.io
spec:
group: nfd.k8s-sigs.io
names:
kind: NodeFeature
listKind: NodeFeatureList
plural: nodefeatures
singular: nodefeature
scope: Namespaced
versions:
- name: v1alpha1
schema:
openAPIV3Schema:
description: |-
NodeFeature resource holds the features discovered for one node in the
cluster.
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
spec:
description: Specification of the NodeFeature, containing features discovered
for a node.
properties:
features:
description: Features is the full "raw" features data that has been
discovered.
properties:
attributes:
additionalProperties:
description: AttributeFeatureSet is a set of features having
string value.
properties:
elements:
additionalProperties:
type: string
description: Individual features of the feature set.
type: object
required:
- elements
type: object
description: Attributes contains all the attribute-type features
of the node.
type: object
flags:
additionalProperties:
description: FlagFeatureSet is a set of simple features only
containing names without values.
properties:
elements:
additionalProperties:
description: |-
Nil is a dummy empty struct for protobuf compatibility.
NOTE: protobuf definitions have been removed but this is kept for API compatibility.
type: object
description: Individual features of the feature set.
type: object
required:
- elements
type: object
description: Flags contains all the flag-type features of the
node.
type: object
instances:
additionalProperties:
description: InstanceFeatureSet is a set of features each of
which is an instance having multiple attributes.
properties:
elements:
description: Individual features of the feature set.
items:
description: InstanceFeature represents one instance of
a complex features, e.g. a device.
properties:
attributes:
additionalProperties:
type: string
description: Attributes of the instance feature.
type: object
required:
- attributes
type: object
type: array
required:
- elements
type: object
description: Instances contains all the instance-type features
of the node.
type: object
type: object
labels:
additionalProperties:
type: string
description: Labels is the set of node labels that are requested to
be created.
type: object
type: object
required:
- spec
type: object
served: true
storage: true
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.16.3
name: nodefeaturegroups.nfd.k8s-sigs.io
spec:
group: nfd.k8s-sigs.io
names:
kind: NodeFeatureGroup
listKind: NodeFeatureGroupList
plural: nodefeaturegroups
shortNames:
- nfg
singular: nodefeaturegroup
scope: Namespaced
versions:
- name: v1alpha1
schema:
openAPIV3Schema:
description: NodeFeatureGroup resource holds Node pools by featureGroup
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
spec:
description: Spec defines the rules to be evaluated.
properties:
featureGroupRules:
description: List of rules to evaluate to determine nodes that belong
in this group.
items:
description: GroupRule defines a rule for nodegroup filtering.
properties:
matchAny:
description: MatchAny specifies a list of matchers one of which
must match.
items:
description: MatchAnyElem specifies one sub-matcher of MatchAny.
properties:
matchFeatures:
description: MatchFeatures specifies a set of matcher
terms all of which must match.
items:
description: |-
FeatureMatcherTerm defines requirements against one feature set. All
requirements (specified as MatchExpressions) are evaluated against each
element in the feature set.
properties:
feature:
description: Feature is the name of the feature
set to match against.
type: string
matchExpressions:
additionalProperties:
description: |-
MatchExpression specifies an expression to evaluate against a set of input
values. It contains an operator that is applied when matching the input and
an array of values that the operator evaluates the input against.
properties:
op:
description: Op is the operator to be applied.
enum:
- In
- NotIn
- InRegexp
- Exists
- DoesNotExist
- Gt
- Ge
- Lt
- Le
- GtLt
- GeLe
- IsTrue
- IsFalse
type: string
type:
description: |-
Type defines the value type for specific operators.
The currently supported type is 'version' for Gt,Ge,Lt,Le,GtLt,GeLe operators.
type: string
value:
description: |-
Value is the list of values that the operand evaluates the input
against. Value should be empty if the operator is Exists, DoesNotExist,
IsTrue or IsFalse. Value should contain exactly one element if the
operator is Gt or Lt and exactly two elements if the operator is GtLt.
In other cases Value should contain at least one element.
items:
type: string
type: array
required:
- op
type: object
description: |-
MatchExpressions is the set of per-element expressions evaluated. These
match against the value of the specified elements.
type: object
matchName:
description: |-
MatchName in an expression that is matched against the name of each
element in the feature set.
properties:
op:
description: Op is the operator to be applied.
enum:
- In
- NotIn
- InRegexp
- Exists
- DoesNotExist
- Gt
- Ge
- Lt
- Le
- GtLt
- GeLe
- IsTrue
- IsFalse
type: string
type:
description: |-
Type defines the value type for specific operators.
The currently supported type is 'version' for Gt,Ge,Lt,Le,GtLt,GeLe operators.
type: string
value:
description: |-
Value is the list of values that the operand evaluates the input
against. Value should be empty if the operator is Exists, DoesNotExist,
IsTrue or IsFalse. Value should contain exactly one element if the
operator is Gt or Lt and exactly two elements if the operator is GtLt.
In other cases Value should contain at least one element.
items:
type: string
type: array
required:
- op
type: object
required:
- feature
type: object
type: array
required:
- matchFeatures
type: object
type: array
matchFeatures:
description: MatchFeatures specifies a set of matcher terms
all of which must match.
items:
description: |-
FeatureMatcherTerm defines requirements against one feature set. All
requirements (specified as MatchExpressions) are evaluated against each
element in the feature set.
properties:
feature:
description: Feature is the name of the feature set to
match against.
type: string
matchExpressions:
additionalProperties:
description: |-
MatchExpression specifies an expression to evaluate against a set of input
values. It contains an operator that is applied when matching the input and
an array of values that the operator evaluates the input against.
properties:
op:
description: Op is the operator to be applied.
enum:
- In
- NotIn
- InRegexp
- Exists
- DoesNotExist
- Gt
- Ge
- Lt
- Le
- GtLt
- GeLe
- IsTrue
- IsFalse
type: string
type:
description: |-
Type defines the value type for specific operators.
The currently supported type is 'version' for Gt,Ge,Lt,Le,GtLt,GeLe operators.
type: string
value:
description: |-
Value is the list of values that the operand evaluates the input
against. Value should be empty if the operator is Exists, DoesNotExist,
IsTrue or IsFalse. Value should contain exactly one element if the
operator is Gt or Lt and exactly two elements if the operator is GtLt.
In other cases Value should contain at least one element.
items:
type: string
type: array
required:
- op
type: object
description: |-
MatchExpressions is the set of per-element expressions evaluated. These
match against the value of the specified elements.
type: object
matchName:
description: |-
MatchName in an expression that is matched against the name of each
element in the feature set.
properties:
op:
description: Op is the operator to be applied.
enum:
- In
- NotIn
- InRegexp
- Exists
- DoesNotExist
- Gt
- Ge
- Lt
- Le
- GtLt
- GeLe
- IsTrue
- IsFalse
type: string
type:
description: |-
Type defines the value type for specific operators.
The currently supported type is 'version' for Gt,Ge,Lt,Le,GtLt,GeLe operators.
type: string
value:
description: |-
Value is the list of values that the operand evaluates the input
against. Value should be empty if the operator is Exists, DoesNotExist,
IsTrue or IsFalse. Value should contain exactly one element if the
operator is Gt or Lt and exactly two elements if the operator is GtLt.
In other cases Value should contain at least one element.
items:
type: string
type: array
required:
- op
type: object
required:
- feature
type: object
type: array
name:
description: Name of the rule.
type: string
vars:
additionalProperties:
type: string
description: |-
Vars is the variables to store if the rule matches. Variables can be
referenced from other rules enabling more complex rule hierarchies.
type: object
varsTemplate:
description: |-
VarsTemplate specifies a template to expand for dynamically generating
multiple variables. Data (after template expansion) must be keys with an
optional value (<key>[=<value>]) separated by newlines.
type: string
required:
- name
type: object
type: array
required:
- featureGroupRules
type: object
status:
description: |-
Status of the NodeFeatureGroup after the most recent evaluation of the
specification.
properties:
nodes:
description: Nodes is a list of FeatureGroupNode in the cluster that
match the featureGroupRules
items:
properties:
name:
description: Name of the node.
type: string
required:
- name
type: object
type: array
x-kubernetes-list-map-keys:
- name
x-kubernetes-list-type: map
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.16.3
name: nodefeaturerules.nfd.k8s-sigs.io
spec:
group: nfd.k8s-sigs.io
names:
kind: NodeFeatureRule
listKind: NodeFeatureRuleList
plural: nodefeaturerules
shortNames:
- nfr
singular: nodefeaturerule
scope: Cluster
versions:
- name: v1alpha1
schema:
openAPIV3Schema:
description: |-
NodeFeatureRule resource specifies a configuration for feature-based
customization of node objects, such as node labeling.
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
spec:
description: Spec defines the rules to be evaluated.
properties:
rules:
description: Rules is a list of node customization rules.
items:
description: Rule defines a rule for node customization such as
labeling.
properties:
annotations:
additionalProperties:
type: string
description: Annotations to create if the rule matches.
type: object
extendedResources:
additionalProperties:
type: string
description: ExtendedResources to create if the rule matches.
type: object
labels:
additionalProperties:
type: string
description: Labels to create if the rule matches.
type: object
labelsTemplate:
description: |-
LabelsTemplate specifies a template to expand for dynamically generating
multiple labels. Data (after template expansion) must be keys with an
optional value (<key>[=<value>]) separated by newlines.
type: string
matchAny:
description: MatchAny specifies a list of matchers one of which
must match.
items:
description: MatchAnyElem specifies one sub-matcher of MatchAny.
properties:
matchFeatures:
description: MatchFeatures specifies a set of matcher
terms all of which must match.
items:
description: |-
FeatureMatcherTerm defines requirements against one feature set. All
requirements (specified as MatchExpressions) are evaluated against each
element in the feature set.
properties:
feature:
description: Feature is the name of the feature
set to match against.
type: string
matchExpressions:
additionalProperties:
description: |-
MatchExpression specifies an expression to evaluate against a set of input
values. It contains an operator that is applied when matching the input and
an array of values that the operator evaluates the input against.
properties:
op:
description: Op is the operator to be applied.
enum:
- In
- NotIn
- InRegexp
- Exists
- DoesNotExist
- Gt
- Ge
- Lt
- Le
- GtLt
- GeLe
- IsTrue
- IsFalse
type: string
type:
description: |-
Type defines the value type for specific operators.
The currently supported type is 'version' for Gt,Ge,Lt,Le,GtLt,GeLe operators.
type: string
value:
description: |-
Value is the list of values that the operand evaluates the input
against. Value should be empty if the operator is Exists, DoesNotExist,
IsTrue or IsFalse. Value should contain exactly one element if the
operator is Gt or Lt and exactly two elements if the operator is GtLt.
In other cases Value should contain at least one element.
items:
type: string
type: array
required:
- op
type: object
description: |-
MatchExpressions is the set of per-element expressions evaluated. These
match against the value of the specified elements.
type: object
matchName:
description: |-
MatchName in an expression that is matched against the name of each
element in the feature set.
properties:
op:
description: Op is the operator to be applied.
enum:
- In
- NotIn
- InRegexp
- Exists
- DoesNotExist
- Gt
- Ge
- Lt
- Le
- GtLt
- GeLe
- IsTrue
- IsFalse
type: string
type:
description: |-
Type defines the value type for specific operators.
The currently supported type is 'version' for Gt,Ge,Lt,Le,GtLt,GeLe operators.
type: string
value:
description: |-
Value is the list of values that the operand evaluates the input
against. Value should be empty if the operator is Exists, DoesNotExist,
IsTrue or IsFalse. Value should contain exactly one element if the
operator is Gt or Lt and exactly two elements if the operator is GtLt.
In other cases Value should contain at least one element.
items:
type: string
type: array
required:
- op
type: object
required:
- feature
type: object
type: array
required:
- matchFeatures
type: object
type: array
matchFeatures:
description: MatchFeatures specifies a set of matcher terms
all of which must match.
items:
description: |-
FeatureMatcherTerm defines requirements against one feature set. All
requirements (specified as MatchExpressions) are evaluated against each
element in the feature set.
properties:
feature:
description: Feature is the name of the feature set to
match against.
type: string
matchExpressions:
additionalProperties:
description: |-
MatchExpression specifies an expression to evaluate against a set of input
values. It contains an operator that is applied when matching the input and
an array of values that the operator evaluates the input against.
properties:
op:
description: Op is the operator to be applied.
enum:
- In
- NotIn
- InRegexp
- Exists
- DoesNotExist
- Gt
- Ge
- Lt
- Le
- GtLt
- GeLe
- IsTrue
- IsFalse
type: string
type:
description: |-
Type defines the value type for specific operators.
The currently supported type is 'version' for Gt,Ge,Lt,Le,GtLt,GeLe operators.
type: string
value:
description: |-
Value is the list of values that the operand evaluates the input
against. Value should be empty if the operator is Exists, DoesNotExist,
IsTrue or IsFalse. Value should contain exactly one element if the
operator is Gt or Lt and exactly two elements if the operator is GtLt.
In other cases Value should contain at least one element.
items:
type: string
type: array
required:
- op
type: object
description: |-
MatchExpressions is the set of per-element expressions evaluated. These
match against the value of the specified elements.
type: object
matchName:
description: |-
MatchName in an expression that is matched against the name of each
element in the feature set.
properties:
op:
description: Op is the operator to be applied.
enum:
- In
- NotIn
- InRegexp
- Exists
- DoesNotExist
- Gt
- Ge
- Lt
- Le
- GtLt
- GeLe
- IsTrue
- IsFalse
type: string
type:
description: |-
Type defines the value type for specific operators.
The currently supported type is 'version' for Gt,Ge,Lt,Le,GtLt,GeLe operators.
type: string
value:
description: |-
Value is the list of values that the operand evaluates the input
against. Value should be empty if the operator is Exists, DoesNotExist,
IsTrue or IsFalse. Value should contain exactly one element if the
operator is Gt or Lt and exactly two elements if the operator is GtLt.
In other cases Value should contain at least one element.
items:
type: string
type: array
required:
- op
type: object
required:
- feature
type: object
type: array
name:
description: Name of the rule.
type: string
taints:
description: Taints to create if the rule matches.
items:
description: |-
The node this Taint is attached to has the "effect" on
any pod that does not tolerate the Taint.
properties:
effect:
description: |-
Required. The effect of the taint on pods
that do not tolerate the taint.
Valid effects are NoSchedule, PreferNoSchedule and NoExecute.
type: string
key:
description: Required. The taint key to be applied to
a node.
type: string
timeAdded:
description: |-
TimeAdded represents the time at which the taint was added.
It is only written for NoExecute taints.
format: date-time
type: string
value:
description: The taint value corresponding to the taint
key.
type: string
required:
- effect
- key
type: object
type: array
vars:
additionalProperties:
type: string
description: |-
Vars is the variables to store if the rule matches. Variables do not
directly inflict any changes in the node object. However, they can be
referenced from other rules enabling more complex rule hierarchies,
without exposing intermediary output values as labels.
type: object
varsTemplate:
description: |-
VarsTemplate specifies a template to expand for dynamically generating
multiple variables. Data (after template expansion) must be keys with an
optional value (<key>[=<value>]) separated by newlines.
type: string
required:
- name
type: object
type: array
required:
- rules
type: object
required:
- spec
type: object
served: true
storage: true
---
# Source: node-feature-discovery/templates/namespace.yaml
apiVersion: v1
kind: Namespace
metadata:
name: node-feature-discovery
labels:
app.kubernetes.io/name: node-feature-discovery
app.kubernetes.io/instance: node-feature-discovery
app.kubernetes.io/part-of: node-feature-discovery
pod-security.kubernetes.io/audit: privileged
pod-security.kubernetes.io/enforce: privileged
pod-security.kubernetes.io/warn: privileged
---
# Source: node-feature-discovery/charts/node-feature-discovery/templates/serviceaccount.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
name: node-feature-discovery
namespace: node-feature-discovery
labels:
helm.sh/chart: node-feature-discovery-0.18.3
app.kubernetes.io/name: node-feature-discovery
app.kubernetes.io/instance: node-feature-discovery
app.kubernetes.io/version: "v0.18.3"
app.kubernetes.io/managed-by: Helm
---
# Source: node-feature-discovery/charts/node-feature-discovery/templates/serviceaccount.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
name: node-feature-discovery-gc
namespace: node-feature-discovery
labels:
helm.sh/chart: node-feature-discovery-0.18.3
app.kubernetes.io/name: node-feature-discovery
app.kubernetes.io/instance: node-feature-discovery
app.kubernetes.io/version: "v0.18.3"
app.kubernetes.io/managed-by: Helm
---
# Source: node-feature-discovery/charts/node-feature-discovery/templates/serviceaccount.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
name: node-feature-discovery-worker
namespace: node-feature-discovery
labels:
helm.sh/chart: node-feature-discovery-0.18.3
app.kubernetes.io/name: node-feature-discovery
app.kubernetes.io/instance: node-feature-discovery
app.kubernetes.io/version: "v0.18.3"
app.kubernetes.io/managed-by: Helm
---
# Source: node-feature-discovery/charts/node-feature-discovery/templates/nfd-master-conf.yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: node-feature-discovery-master-conf
namespace: node-feature-discovery
labels:
helm.sh/chart: node-feature-discovery-0.18.3
app.kubernetes.io/name: node-feature-discovery
app.kubernetes.io/instance: node-feature-discovery
app.kubernetes.io/version: "v0.18.3"
app.kubernetes.io/managed-by: Helm
data:
nfd-master.conf: |-
null
---
# Source: node-feature-discovery/charts/node-feature-discovery/templates/nfd-worker-conf.yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: node-feature-discovery-worker-conf
namespace: node-feature-discovery
labels:
helm.sh/chart: node-feature-discovery-0.18.3
app.kubernetes.io/name: node-feature-discovery
app.kubernetes.io/instance: node-feature-discovery
app.kubernetes.io/version: "v0.18.3"
app.kubernetes.io/managed-by: Helm
data:
nfd-worker.conf: |-
sources:
cpu:
cpuid:
attributeWhitelist:
- AVX512BW
- AVX512CD
- AVX512DQ
- AVX512F
- AVX512VL
custom:
- labels:
intel.feature.node.kubernetes.io/gpu: "true"
matchOn:
- pciId:
class:
- "0300"
vendor:
- "8086"
name: intel-gpu
kernel:
configOpts:
- NO_HZ
- X86
- DMI
pci:
deviceClassWhitelist:
- "0200"
- "01"
- "08"
- "0300"
- "0302"
deviceLabelFields:
- vendor
- device
- class
usb:
deviceClassWhitelist:
- "02"
- "03"
- 0e
- ef
- fe
- ff
deviceLabelFields:
- vendor
- device
- class
---
# Source: node-feature-discovery/charts/node-feature-discovery/templates/clusterrole.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: node-feature-discovery
labels:
helm.sh/chart: node-feature-discovery-0.18.3
app.kubernetes.io/name: node-feature-discovery
app.kubernetes.io/instance: node-feature-discovery
app.kubernetes.io/version: "v0.18.3"
app.kubernetes.io/managed-by: Helm
rules:
- apiGroups:
- ""
resources:
- namespaces
verbs:
- watch
- list
- apiGroups:
- ""
resources:
- nodes
- nodes/status
verbs:
- get
- patch
- update
- list
- apiGroups:
- nfd.k8s-sigs.io
resources:
- nodefeatures
- nodefeaturerules
- nodefeaturegroups
verbs:
- get
- list
- watch
- apiGroups:
- nfd.k8s-sigs.io
resources:
- nodefeaturegroups/status
verbs:
- patch
- update
- apiGroups:
- coordination.k8s.io
resources:
- leases
verbs:
- create
- apiGroups:
- coordination.k8s.io
resources:
- leases
resourceNames:
- "nfd-master.nfd.kubernetes.io"
verbs:
- get
- update
---
# Source: node-feature-discovery/charts/node-feature-discovery/templates/clusterrole.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: node-feature-discovery-gc
labels:
helm.sh/chart: node-feature-discovery-0.18.3
app.kubernetes.io/name: node-feature-discovery
app.kubernetes.io/instance: node-feature-discovery
app.kubernetes.io/version: "v0.18.3"
app.kubernetes.io/managed-by: Helm
rules:
- apiGroups:
- ""
resources:
- nodes
verbs:
- list
- watch
- apiGroups:
- ""
resources:
- nodes/proxy
verbs:
- get
- apiGroups:
- topology.node.k8s.io
resources:
- noderesourcetopologies
verbs:
- delete
- list
- apiGroups:
- nfd.k8s-sigs.io
resources:
- nodefeatures
verbs:
- delete
- list
---
# Source: node-feature-discovery/charts/node-feature-discovery/templates/clusterrolebinding.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: node-feature-discovery
labels:
helm.sh/chart: node-feature-discovery-0.18.3
app.kubernetes.io/name: node-feature-discovery
app.kubernetes.io/instance: node-feature-discovery
app.kubernetes.io/version: "v0.18.3"
app.kubernetes.io/managed-by: Helm
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: node-feature-discovery
subjects:
- kind: ServiceAccount
name: node-feature-discovery
namespace: node-feature-discovery
---
# Source: node-feature-discovery/charts/node-feature-discovery/templates/clusterrolebinding.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: node-feature-discovery-gc
labels:
helm.sh/chart: node-feature-discovery-0.18.3
app.kubernetes.io/name: node-feature-discovery
app.kubernetes.io/instance: node-feature-discovery
app.kubernetes.io/version: "v0.18.3"
app.kubernetes.io/managed-by: Helm
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: node-feature-discovery-gc
subjects:
- kind: ServiceAccount
name: node-feature-discovery-gc
namespace: node-feature-discovery
---
# Source: node-feature-discovery/charts/node-feature-discovery/templates/role.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: node-feature-discovery-worker
namespace: node-feature-discovery
labels:
helm.sh/chart: node-feature-discovery-0.18.3
app.kubernetes.io/name: node-feature-discovery
app.kubernetes.io/instance: node-feature-discovery
app.kubernetes.io/version: "v0.18.3"
app.kubernetes.io/managed-by: Helm
rules:
- apiGroups:
- nfd.k8s-sigs.io
resources:
- nodefeatures
verbs:
- create
- get
- update
- delete
- apiGroups:
- ""
resources:
- pods
verbs:
- get
---
# Source: node-feature-discovery/charts/node-feature-discovery/templates/rolebinding.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: node-feature-discovery-worker
namespace: node-feature-discovery
labels:
helm.sh/chart: node-feature-discovery-0.18.3
app.kubernetes.io/name: node-feature-discovery
app.kubernetes.io/instance: node-feature-discovery
app.kubernetes.io/version: "v0.18.3"
app.kubernetes.io/managed-by: Helm
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: node-feature-discovery-worker
subjects:
- kind: ServiceAccount
name: node-feature-discovery-worker
namespace: node-feature-discovery
---
# Source: node-feature-discovery/charts/node-feature-discovery/templates/worker.yaml
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: node-feature-discovery-worker
namespace: node-feature-discovery
labels:
helm.sh/chart: node-feature-discovery-0.18.3
app.kubernetes.io/name: node-feature-discovery
app.kubernetes.io/instance: node-feature-discovery
app.kubernetes.io/version: "v0.18.3"
app.kubernetes.io/managed-by: Helm
role: worker
spec:
revisionHistoryLimit:
selector:
matchLabels:
app.kubernetes.io/name: node-feature-discovery
app.kubernetes.io/instance: node-feature-discovery
role: worker
template:
metadata:
labels:
app.kubernetes.io/name: node-feature-discovery
app.kubernetes.io/instance: node-feature-discovery
role: worker
annotations:
checksum/config: 0ff3ad6ed18d5d7f9cd6e7d703e20338b50f37fe59fddf7cf6a5a57525292ed8
spec:
dnsPolicy: ClusterFirstWithHostNet
imagePullSecrets:
serviceAccountName: node-feature-discovery-worker
securityContext:
{}
hostNetwork: false
containers:
- name: worker
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
readOnlyRootFilesystem: true
runAsNonRoot: true
image: "registry.k8s.io/nfd/node-feature-discovery:v0.18.3"
imagePullPolicy: IfNotPresent
livenessProbe:
httpGet:
path: /healthz
port: http
initialDelaySeconds: 10
readinessProbe:
httpGet:
path: /healthz
port: http
initialDelaySeconds: 5
failureThreshold: 10
env:
- name: NODE_NAME
valueFrom:
fieldRef:
fieldPath: spec.nodeName
- name: POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: POD_UID
valueFrom:
fieldRef:
fieldPath: metadata.uid
resources:
limits:
memory: 512Mi
requests:
cpu: 20m
memory: 60Mi
command:
- "nfd-worker"
args:
# Go over featureGate and add the feature-gate flag
- "-feature-gates=NodeFeatureGroupAPI=true"
- "-port=8080"
ports:
- containerPort: 8080
name: http
volumeMounts:
- name: host-boot
mountPath: "/host-boot"
readOnly: true
- name: host-os-release
mountPath: "/host-etc/os-release"
readOnly: true
- name: host-sys
mountPath: "/host-sys"
readOnly: true
- name: host-usr-lib
mountPath: "/host-usr/lib"
readOnly: true
- name: host-lib
mountPath: "/host-lib"
readOnly: true
- name: host-proc-swaps
mountPath: "/host-proc/swaps"
readOnly: true
- name: features-d
mountPath: "/etc/kubernetes/node-feature-discovery/features.d/"
readOnly: true
- name: nfd-worker-conf
mountPath: "/etc/kubernetes/node-feature-discovery"
readOnly: true
volumes:
- name: host-boot
hostPath:
path: "/boot"
- name: host-os-release
hostPath:
path: "/etc/os-release"
- name: host-sys
hostPath:
path: "/sys"
- name: host-usr-lib
hostPath:
path: "/usr/lib"
- name: host-lib
hostPath:
path: "/lib"
- name: host-proc-swaps
hostPath:
path: "/proc/swaps"
- name: features-d
hostPath:
path: "/etc/kubernetes/node-feature-discovery/features.d/"
- name: nfd-worker-conf
configMap:
name: node-feature-discovery-worker-conf
items:
- key: nfd-worker.conf
path: nfd-worker.conf
tolerations:
- effect: NoSchedule
key: node-role.kubernetes.io/control-plane
operator: Exists
---
# Source: node-feature-discovery/charts/node-feature-discovery/templates/master.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: node-feature-discovery-master
namespace: node-feature-discovery
labels:
helm.sh/chart: node-feature-discovery-0.18.3
app.kubernetes.io/name: node-feature-discovery
app.kubernetes.io/instance: node-feature-discovery
app.kubernetes.io/version: "v0.18.3"
app.kubernetes.io/managed-by: Helm
role: master
spec:
replicas: 2
revisionHistoryLimit:
selector:
matchLabels:
app.kubernetes.io/name: node-feature-discovery
app.kubernetes.io/instance: node-feature-discovery
role: master
template:
metadata:
labels:
app.kubernetes.io/name: node-feature-discovery
app.kubernetes.io/instance: node-feature-discovery
role: master
annotations:
checksum/config: b0be1066d37d3a4f8bb03f39cdd2b6a637625f710dfec507062ad559ec43a4dc
spec:
dnsPolicy: ClusterFirstWithHostNet
imagePullSecrets:
serviceAccountName: node-feature-discovery
enableServiceLinks: false
securityContext:
{}
hostNetwork: false
containers:
- name: master
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
readOnlyRootFilesystem: true
runAsNonRoot: true
image: "registry.k8s.io/nfd/node-feature-discovery:v0.18.3"
imagePullPolicy: IfNotPresent
startupProbe:
httpGet:
path: /healthz
port: http
failureThreshold: 30
livenessProbe:
httpGet:
path: /healthz
port: http
readinessProbe:
httpGet:
path: /healthz
port: http
failureThreshold: 10
ports:
- containerPort: 8080
name: http
env:
- name: NODE_NAME
valueFrom:
fieldRef:
fieldPath: spec.nodeName
command:
- "nfd-master"
resources:
limits:
memory: 4Gi
requests:
cpu: 20m
memory: 60Mi
args:
- "-enable-leader-election"
# Go over featureGates and add the feature-gate flag
- "-feature-gates=NodeFeatureGroupAPI=true"
- "-port=8080"
volumeMounts:
- name: nfd-master-conf
mountPath: "/etc/kubernetes/node-feature-discovery"
readOnly: true
volumes:
- name: nfd-master-conf
configMap:
name: node-feature-discovery-master-conf
items:
- key: nfd-master.conf
path: nfd-master.conf
affinity:
nodeAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- preference:
matchExpressions:
- key: node-role.kubernetes.io/control-plane
operator: In
values:
- ""
weight: 1
tolerations:
- effect: NoSchedule
key: node-role.kubernetes.io/control-plane
operator: Exists
---
# Source: node-feature-discovery/charts/node-feature-discovery/templates/nfd-gc.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: node-feature-discovery-gc
namespace: node-feature-discovery
labels:
helm.sh/chart: node-feature-discovery-0.18.3
app.kubernetes.io/name: node-feature-discovery
app.kubernetes.io/instance: node-feature-discovery
app.kubernetes.io/version: "v0.18.3"
app.kubernetes.io/managed-by: Helm
role: gc
spec:
replicas: 1
revisionHistoryLimit:
selector:
matchLabels:
app.kubernetes.io/name: node-feature-discovery
app.kubernetes.io/instance: node-feature-discovery
role: gc
template:
metadata:
labels:
app.kubernetes.io/name: node-feature-discovery
app.kubernetes.io/instance: node-feature-discovery
role: gc
spec:
serviceAccountName: node-feature-discovery-gc
dnsPolicy: ClusterFirstWithHostNet
imagePullSecrets:
securityContext:
{}
hostNetwork: false
containers:
- name: gc
image: "registry.k8s.io/nfd/node-feature-discovery:v0.18.3"
imagePullPolicy: "IfNotPresent"
livenessProbe:
httpGet:
path: /healthz
port: http
initialDelaySeconds: 10
readinessProbe:
httpGet:
path: /healthz
port: http
initialDelaySeconds: 5
env:
- name: NODE_NAME
valueFrom:
fieldRef:
fieldPath: spec.nodeName
command:
- "nfd-gc"
args:
- "-gc-interval=1h"
resources:
limits:
memory: 1Gi
requests:
cpu: 20m
memory: 60Mi
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop: [ "ALL" ]
readOnlyRootFilesystem: true
runAsNonRoot: true
ports:
- name: http
containerPort: 8080
---
# Source: node-feature-discovery/charts/node-feature-discovery/templates/prometheus.yaml
# Prometheus Monitor Service (Metrics)
apiVersion: monitoring.coreos.com/v1
kind: PodMonitor
metadata:
name: node-feature-discovery
labels:
app.kubernetes.io/name: node-feature-discovery
app.kubernetes.io/instance: node-feature-discovery
spec:
podMetricsEndpoints:
- honorLabels: true
interval: 10s
path: /metrics
port: http
scheme: http
namespaceSelector:
matchNames:
- node-feature-discovery
selector:
matchExpressions:
- {key: app.kubernetes.io/instance, operator: In, values: ["node-feature-discovery"]}
- {key: app.kubernetes.io/name, operator: In, values: ["node-feature-discovery"]}
---
# Source: node-feature-discovery/charts/node-feature-discovery/templates/post-delete-job.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
name: node-feature-discovery-prune
namespace: node-feature-discovery
labels:
helm.sh/chart: node-feature-discovery-0.18.3
app.kubernetes.io/name: node-feature-discovery
app.kubernetes.io/instance: node-feature-discovery
app.kubernetes.io/version: "v0.18.3"
app.kubernetes.io/managed-by: Helm
annotations:
"helm.sh/hook": post-delete
"helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded
---
# Source: node-feature-discovery/charts/node-feature-discovery/templates/post-delete-job.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: node-feature-discovery-prune
labels:
helm.sh/chart: node-feature-discovery-0.18.3
app.kubernetes.io/name: node-feature-discovery
app.kubernetes.io/instance: node-feature-discovery
app.kubernetes.io/version: "v0.18.3"
app.kubernetes.io/managed-by: Helm
annotations:
"helm.sh/hook": post-delete
"helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded
rules:
- apiGroups:
- ""
resources:
- nodes
- nodes/status
verbs:
- get
- patch
- update
- list
---
# Source: node-feature-discovery/charts/node-feature-discovery/templates/post-delete-job.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: node-feature-discovery-prune
labels:
helm.sh/chart: node-feature-discovery-0.18.3
app.kubernetes.io/name: node-feature-discovery
app.kubernetes.io/instance: node-feature-discovery
app.kubernetes.io/version: "v0.18.3"
app.kubernetes.io/managed-by: Helm
annotations:
"helm.sh/hook": post-delete
"helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: node-feature-discovery-prune
subjects:
- kind: ServiceAccount
name: node-feature-discovery-prune
namespace: node-feature-discovery
---
# Source: node-feature-discovery/charts/node-feature-discovery/templates/post-delete-job.yaml
apiVersion: batch/v1
kind: Job
metadata:
name: node-feature-discovery-prune
namespace: node-feature-discovery
labels:
helm.sh/chart: node-feature-discovery-0.18.3
app.kubernetes.io/name: node-feature-discovery
app.kubernetes.io/instance: node-feature-discovery
app.kubernetes.io/version: "v0.18.3"
app.kubernetes.io/managed-by: Helm
annotations:
"helm.sh/hook": post-delete
"helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded
spec:
template:
metadata:
labels:
helm.sh/chart: node-feature-discovery-0.18.3
app.kubernetes.io/name: node-feature-discovery
app.kubernetes.io/instance: node-feature-discovery
app.kubernetes.io/version: "v0.18.3"
app.kubernetes.io/managed-by: Helm
role: prune
spec:
serviceAccountName: node-feature-discovery-prune
imagePullSecrets:
containers:
- name: nfd-master
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
readOnlyRootFilesystem: true
runAsNonRoot: true
image: "registry.k8s.io/nfd/node-feature-discovery:v0.18.3"
imagePullPolicy: IfNotPresent
command:
- "nfd-master"
args:
- "-prune"
restartPolicy: Never
affinity:
nodeAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- preference:
matchExpressions:
- key: node-role.kubernetes.io/control-plane
operator: In
values:
- ""
weight: 1
tolerations:
- effect: NoSchedule
key: node-role.kubernetes.io/control-plane
operator: Exists
resources:
limits:
memory: 4Gi
requests:
cpu: 20m
memory: 60Mi
Reference in New Issue View Git Blame Copy Permalink