245 lines
6.5 KiB
YAML
245 lines
6.5 KiB
YAML
node-feature-discovery:
|
|
enableNodeFeatureApi: true
|
|
master:
|
|
enable: true
|
|
config: ### <NFD-MASTER-CONF-START-DO-NOT-REMOVE>
|
|
# noPublish: false
|
|
# autoDefaultNs: true
|
|
# extraLabelNs: ["added.ns.io","added.kubernets.io","intel.com","devicetree.org"]
|
|
# denyLabelNs: ["denied.ns.io","denied.kubernetes.io"]
|
|
# resourceLabels: ["vendor-1.com/feature-1","vendor-2.io/feature-2"]
|
|
# enableTaints: false
|
|
# labelWhiteList: "foo"
|
|
# resyncPeriod: "2h"
|
|
# klog:
|
|
# addDirHeader: false
|
|
# alsologtostderr: false
|
|
# logBacktraceAt:
|
|
# logtostderr: true
|
|
# skipHeaders: false
|
|
# stderrthreshold: 2
|
|
# v: 0
|
|
# vmodule:
|
|
## NOTE: the following options are not dynamically run-time configurable
|
|
## and require a nfd-master restart to take effect after being changed
|
|
# logDir:
|
|
# logFile:
|
|
# logFileMaxSize: 1800
|
|
# skipLogHeaders: false
|
|
# leaderElection:
|
|
# leaseDuration: 15s
|
|
# # this value has to be lower than leaseDuration and greater than retryPeriod*1.2
|
|
# renewDeadline: 10s
|
|
# # this value has to be greater than 0
|
|
# retryPeriod: 2s
|
|
# nfdApiParallelism: 10
|
|
### <NFD-MASTER-CONF-END-DO-NOT-REMOVE>
|
|
port: 8080
|
|
metricsPort: 8081
|
|
instance:
|
|
featureApi:
|
|
resyncPeriod:
|
|
denyLabelNs: []
|
|
extraLabelNs: []
|
|
resourceLabels: []
|
|
enableTaints: false
|
|
crdController: null
|
|
featureRulesController: null
|
|
nfdApiParallelism: null
|
|
deploymentAnnotations: {}
|
|
replicaCount: 1
|
|
podSecurityContext: {}
|
|
# fsGroup: 2000
|
|
securityContext:
|
|
allowPrivilegeEscalation: false
|
|
capabilities:
|
|
drop: ["ALL"]
|
|
readOnlyRootFilesystem: true
|
|
runAsNonRoot: true
|
|
# runAsUser: 1000
|
|
serviceAccount:
|
|
create: true
|
|
name:
|
|
rbac:
|
|
create: true
|
|
service:
|
|
type: ClusterIP
|
|
port: 8080
|
|
resources:
|
|
requests:
|
|
cpu: 20m
|
|
memory: 60Mi
|
|
tolerations:
|
|
- key: "node-role.kubernetes.io/control-plane"
|
|
operator: "Equal"
|
|
value: ""
|
|
effect: "NoSchedule"
|
|
affinity:
|
|
nodeAffinity:
|
|
preferredDuringSchedulingIgnoredDuringExecution:
|
|
- weight: 1
|
|
preference:
|
|
matchExpressions:
|
|
- key: "node-role.kubernetes.io/control-plane"
|
|
operator: In
|
|
values: [""]
|
|
worker:
|
|
enable: true
|
|
config: ### <NFD-WORKER-CONF-START-DO-NOT-REMOVE>
|
|
#core:
|
|
# labelWhiteList:
|
|
# noPublish: false
|
|
# sleepInterval: 60s
|
|
# featureSources: [all]
|
|
# labelSources: [all]
|
|
# klog:
|
|
# addDirHeader: false
|
|
# alsologtostderr: false
|
|
# logBacktraceAt:
|
|
# logtostderr: true
|
|
# skipHeaders: false
|
|
# stderrthreshold: 2
|
|
# v: 0
|
|
# vmodule:
|
|
## NOTE: the following options are not dynamically run-time configurable
|
|
## and require a nfd-worker restart to take effect after being changed
|
|
# logDir:
|
|
# logFile:
|
|
# logFileMaxSize: 1800
|
|
# skipLogHeaders: false
|
|
sources:
|
|
cpu:
|
|
cpuid:
|
|
attributeWhitelist:
|
|
- "AVX512BW"
|
|
- "AVX512CD"
|
|
- "AVX512DQ"
|
|
- "AVX512F"
|
|
- "AVX512VL"
|
|
kernel:
|
|
configOpts:
|
|
- "NO_HZ"
|
|
- "X86"
|
|
- "DMI"
|
|
usb:
|
|
deviceClassWhitelist:
|
|
- "02"
|
|
- "03"
|
|
- "0e"
|
|
- "ef"
|
|
- "fe"
|
|
- "ff"
|
|
deviceLabelFields:
|
|
- "vendor"
|
|
- "device"
|
|
- "class"
|
|
pci:
|
|
deviceClassWhitelist:
|
|
- "0200"
|
|
- "01"
|
|
- "08"
|
|
- "0300"
|
|
- "0302"
|
|
deviceLabelFields:
|
|
- "vendor"
|
|
- "device"
|
|
- "class"
|
|
custom:
|
|
- # Intel integrated GPU
|
|
name: "intel-gpu"
|
|
labels:
|
|
intel.feature.node.kubernetes.io/gpu: 'true'
|
|
matchOn:
|
|
- pciId:
|
|
class: ["0300"]
|
|
vendor: ["8086"]
|
|
- # Google Coral USB Accelerator
|
|
name: google.coral
|
|
labels:
|
|
google.feature.node.kubernetes.io/coral: "true"
|
|
matchFeatures:
|
|
- feature: usb.device
|
|
matchExpressions:
|
|
vendor: { op: In, value: ["1a6e", "18d1"] }
|
|
- # Aeotec Z-Stick Gen5+
|
|
name: aeotec.zwave
|
|
labels:
|
|
aeotec.feature.node.kubernetes.io/zwave: "true"
|
|
matchFeatures:
|
|
- feature: usb.device
|
|
matchExpressions:
|
|
class: { op: In, value: ["02"] }
|
|
vendor: { op: In, value: ["0658"] }
|
|
device: { op: In, value: ["0200"] }
|
|
### <NFD-WORKER-CONF-END-DO-NOT-REMOVE>
|
|
metricsPort: 8081
|
|
podSecurityContext: {}
|
|
# fsGroup: 2000
|
|
securityContext:
|
|
allowPrivilegeEscalation: false
|
|
capabilities:
|
|
drop: ["ALL"]
|
|
readOnlyRootFilesystem: true
|
|
runAsNonRoot: true
|
|
# runAsUser: 1000
|
|
serviceAccount:
|
|
create: true
|
|
name:
|
|
rbac:
|
|
create: true
|
|
mountUsrSrc: false
|
|
resources:
|
|
requests:
|
|
cpu: 20m
|
|
memory: 60Mi
|
|
topologyUpdater:
|
|
config: ### <NFD-TOPOLOGY-UPDATER-CONF-START-DO-NOT-REMOVE>
|
|
## key = node name, value = list of resources to be excluded.
|
|
## use * to exclude from all nodes.
|
|
## an example for how the exclude list should looks like
|
|
#excludeList:
|
|
# node1: [cpu]
|
|
# node2: [memory, example/deviceA]
|
|
# *: [hugepages-2Mi]
|
|
### <NFD-TOPOLOGY-UPDATER-CONF-END-DO-NOT-REMOVE>
|
|
enable: true
|
|
createCRDs: true
|
|
serviceAccount:
|
|
create: true
|
|
name:
|
|
rbac:
|
|
create: true
|
|
metricsPort: 8081
|
|
updateInterval: 60s
|
|
watchNamespace: "*"
|
|
kubeletStateDir: /var/lib/kubelet
|
|
securityContext:
|
|
allowPrivilegeEscalation: false
|
|
capabilities:
|
|
drop: ["ALL"]
|
|
readOnlyRootFilesystem: true
|
|
runAsUser: 0
|
|
resources:
|
|
requests:
|
|
cpu: 20m
|
|
memory: 60Mi
|
|
gc:
|
|
enable: true
|
|
replicaCount: 1
|
|
serviceAccount:
|
|
create: true
|
|
name:
|
|
rbac:
|
|
create: true
|
|
interval: 1h
|
|
resources:
|
|
requests:
|
|
cpu: 20m
|
|
memory: 60Mi
|
|
metricsPort: 8081
|
|
tls:
|
|
enable: false
|
|
certManager: false
|
|
prometheus:
|
|
enable: false
|