feat(helm): update chart node-feature-discovery ( 0.16.6 → 0.17.0 )

[kireque-bot]

This PR contains the following updates:

Package	Update	Change
node-feature-discovery	minor	0.16.6 -> 0.17.0

---

Release Notes

kubernetes-sigs/node-feature-discovery (node-feature-discovery)

v0.17.0

Compare Source

Changelog

Configurable restrictions (EXPERIMENTAL)

The nfd-master now has configuration options to restrict its capabilities, that is what modifications on node objects are allowed. See the nfd-master configuration file reference for documentation.

Image compatibity (EXPERIMENTAL)

There is an initiative to utilize NFD to implement system compatibility requirements for container images. As part of this work NFD v0.17 includes nfd command line client for validating systems against image compatibility manifests. See the documentation for more details, including examples how to create container images with compatibility manifests and validating nodes.

See the enhancement proposal for background information and design details.

Miscellaneous

Scalability

This release contains numerous fixes to fix issues and improve the scalability of NFD in larger clusters.

DMI features

Discovery of system.dmiid.product_name was added.

CPUID features

Support for new CPUID flags were added, including AMX-FP8 and AVX-VNNI-INT16.

Helm chart

Numerous small improvements in the NFD Helm chart, mainly new configuration values (see chart parameters for documentation).

Deprecations

gRPC API

The NodeFeature API is now GA and the legacy gRPC API has been completely removed.

Hooks

Support for hooks (deprecated in v0.12 has been removed. See the customization guide for replacements.

ResourceLabels config option

The resourceLabels configuration file option (and the corresponding -resource-labels flag), deprecated in v0.13 were removed. Use NodeFeatureRule object's extendedResources field instead.

Dynamic configuration

Dynamic runt-time reconfiguration was removed. This improves robustness and consistency as some of the configuration options did not support dynamic configuration.

Upcoming changes

The separate metric and health ports will be united behind a single port and the corresponding Helm chart values will be removed in NFD v0.18. This should be invisible to most users.

List of PRs

• Update readme to v0.16.0 release (#​1722)
• topology-updater: properly handle IPv6 from NODE_ADDRESS (#​1729)
• helm: remove defaults CPU limits (#​1728)
• build(deps): bump golang.org/x/net from 0.25.0 to 0.26.0 (#​1738)
• Fix the problem with starting the master with empty cache (#​1739)
• build(deps): bump github.com/opencontainers/runc from 1.1.12 to 1.1.13 (#​1742)
• ensure post-delete-job's service account matches ref in job spec (#​1746)
• Dockerfile: fix FromAs Casing (#​1753)
• build(deps): bump github.com/klauspost/cpuid/v2 from 2.2.7 to 2.2.8 (#​1744)
• build(deps): bump github.com/spf13/cobra from 1.8.0 to 1.8.1 (#​1745)
• build(deps): bump google.golang.org/protobuf from 1.34.1 to 1.34.2 (#​1743)
• Update README to v0.16.1 (#​1756)
• Document AVXVNNIINT16 cpuid feature (#​1749)
• scripts: refresh e2e-presubmit test script (#​1758)
• build(deps): bump golang.org/x/net from 0.26.0 to 0.27.0 (#​1760)
• docs: describe Kubernetes version compatibility in versions page (#​1764)
• scripts/test-infra: drop the unused build-image script (#​1762)
• scripts/test-infra: run postsubmit e2e test in kind (#​1763)
• nfd-master: fix typos (#​1765)
• Simplify code (#​1766)
• scripts/test-infra: setup kind in e2e-test (#​1767)
• README: update module name in go report card badge (#​1768)
• deployment/helm: enable specifying additional cmdline args (#​1726)
• cloudbuild: increase the image build timeout (#​1770)
• Use worker DS OwnerReference for NF's (#​1755)
• README: update to v0.16.2 (#​1783)
• Drop the -enable-nodefeature-api flag (#​1780)
• fix: take into consideration possibility of having empty line in swap file (#​1781)
• nfd-worker: change TestRun to use NodeFeature API (#​1788)
• go.mod: update kubernetes to v1.30.2 and klog to v2.130.1 (#​1786)
• Helm: Add revision history limit for master replica (#​1782)
• test/e2e: set topology-updater sleep-interval in podfingerprint test (#​1792)
• helm: drop trailing whitespace from values.yaml (#​1790)
• docs: reformat tables of helm parameters (#​1791)
• test/e2e: specify -sleep-interval in topology-updater exclude-memory test (#​1793)
• README: update to v0.16.3 (#​1794)
• feature-gates: mark NodeFeatureAPI as GA (#​1778)
• scripts/test-infra: bump golangci-lint to v1.59.1 (#​1795)
• scripts/test-infra: bump helm to v3.15.3 (#​1796)
• Helm: Add revision history limit for worker daemonset (#​1797)
• Dockerfile: cache go modules on build (#​1798)
• build(deps): bump k8s.io/kubernetes from 1.30.2 to 1.30.3 in the k8sio group (#​1804)
• helm: add configurable liveness&readiness probes for master topology-updater and worker (#​1801)
• nfd-master: check nfd api informer cache sync result (#​1809)
• nfd-gc: check that node informer cache sync succeeded (#​1812)
• build(deps): bump github.com/onsi/gomega from 1.33.1 to 1.34.0 (#​1819)
• build(deps): bump github.com/onsi/ginkgo/v2 from 2.19.0 to 2.19.1 (#​1818)
• Docs: Fixed feature-gates reference (#​1822)
• nfd-master: tweak list options for NodeFeature informer (#​1811)
• Docs: Fix the link to feature gates documentation (#​1821)
• nfd-gc: only fetch object metadata (#​1813)
• nfd-gc: use paging when listing CRs (#​1815)
• build(deps): bump github.com/onsi/gomega from 1.34.0 to 1.34.1 (#​1824)
• Add helm migration guide (#​1807)
• docs: use jekyll-rtd-theme from a ruby gem (#​1829)
• tilt: sync up builder go version with project go.mod (#​1827)
• build(deps): bump github.com/onsi/ginkgo/v2 from 2.19.1 to 2.20.0 (#​1831)
• build(deps): bump golang.org/x/time from 0.5.0 to 0.6.0 (#​1832)
• README: update to v0.16.4 (#​1834)
• test/e2e: simplify TestMain (#​1835)
• nfd-master: explicit state variable for the node updater pool (#​1844)
• nfd-master: use only unbuffered chans in the nfd api-controller (#​1843)
• nfd-master: proper shutdown of nfd api informers (#​1848)
• build(deps): bump github.com/onsi/ginkgo/v2 from 2.20.0 to 2.20.1 (#​1853)
• test/e2e: drop the pod security admission hack (#​1854)
• scripts/test-infra: bump golangci-lint to v1.60.3 (#​1859)
• Drop dynamic run-time reconfiguration (#​1847)
• build(deps): bump github.com/onsi/gomega from 1.34.1 to 1.34.2 (#​1862)
• build(deps): bump github.com/opencontainers/runc from 1.1.13 to 1.1.14 (#​1864)
• Bump Go to v1.23 (#​1858)
• build(deps): bump github.com/onsi/ginkgo/v2 from 2.20.1 to 2.20.2 (#​1870)
• build(deps): bump golang.org/x/net from 0.28.0 to 0.29.0 (#​1867)
• source/system: Add reading product name information (#​1871)
• nfd-master: cleanup updater-pool method args (#​1876)
• helm: rename args chart value to extraArgs (#​1880)
• helm: rename args to extraArgs in values.yaml (#​1881)
• source/network: Ignore bonding_masters interface during scanning (#​1856)
• build(deps): bump github.com/jaypipes/ghw from 0.12.0 to 0.13.0 (#​1869)
• Add helm values to configure hostNetwork and additional env vars (#​1878)
• Add parameter to configure health endpoint port (#​1885)
• Add .idea/ to gitignore (#​1886)
• nfd-gc: drop one duplicate import from tests (#​1888)
• test/e2e: use ptr.To to get pointer to bool (#​1836)
• docs: quote shell snippets containing urls with query parameters (#​1895)
• build(deps): bump golang.org/x/net from 0.29.0 to 0.30.0 (#​1900)
• build(deps): bump golang.org/x/time from 0.6.0 to 0.7.0 (#​1899)
• Template exposed health port in helm chart (#​1904)
• github: specify workflow permissions (#​1906)
• README: update to v0.16.5 (#​1909)
• build(deps): bump github.com/opencontainers/runc from 1.1.14 to 1.1.15 (#​1916)
• Move testdata to root (#​1921)
• Convert testdata to an empty go module (#​1924)
• Add separate helm values for the liveness and readiness probes (#​1913)
• feat/nfd-master: configure CR restrictions (#​1592)
• build(deps): bump github.com/opencontainers/runc from 1.1.15 to 1.2.0 (#​1923)
• Drop NFD gRPC API (#​1910)
• build(deps): bump google.golang.org/protobuf from 1.34.2 to 1.35.1 (#​1917)
• go.mod: bump kubernetes to v1.31 (#​1837)
• tests: better assertion message in nfd-gc unit tests (#​1816)
• build(deps): bump github.com/onsi/ginkgo/v2 from 2.20.2 to 2.21.0 (#​1937)
• build(deps): bump github.com/onsi/gomega from 1.34.2 to 1.35.1 (#​1938)
• build(deps): bump github.com/opencontainers/runc from 1.2.0 to 1.2.1 (#​1940)
• nfd-master: drop stale unreachable deprecation notices (#​1942)
• Docs: remove gRPC (#​1943)
• Taints: mark stable (#​1944)
• Drop support for hooks (#​1941)
• build(deps): bump google.golang.org/grpc from 1.63.2 to 1.67.1 (#​1898)
• build(deps): bump github.com/fsnotify/fsnotify from 1.7.0 to 1.8.0 (#​1939)
• Doc: Fix tilt up issue in feature discovering in developer guide (#​1889)
• Deprecate separate metrics and health port args (#​1948)
• Release template: Document tagging for API submodule (#​1945)
• go.mod: bump cpuid to v2.2.9 (#​1949)
• nfd-master: drop resourceLabels (#​1950)
• docs: minor update in the feature gates table (#​1951)
• build(deps): bump golang.org/x/net from 0.30.0 to 0.31.0 (#​1952)
• build(deps): bump golang.org/x/time from 0.7.0 to 0.8.0 (#​1953)
• build(deps): bump google.golang.org/grpc from 1.67.1 to 1.68.0 (#​1954)
• build(deps): bump github.com/opencontainers/runc from 1.2.1 to 1.2.2 (#​1957)
• build(deps): bump github.com/stretchr/testify from 1.9.0 to 1.10.0 (#​1960)
• Document AMXFP8 cpuid feature (#​1935)
• go.mod: bump kubernetes patch version (#​1962)
• pkg/utils: drop fswatcher (#​1961)
• chore: add metrics system prefix (#​1956)
• build(deps): bump github.com/onsi/ginkgo/v2 from 2.21.0 to 2.22.0 (#​1959)
• build(deps): bump github.com/onsi/gomega from 1.35.1 to 1.36.0 (#​1966)
• build(deps): bump google.golang.org/grpc from 1.68.0 to 1.68.1 (#​1969)
• build(deps): bump golang.org/x/net from 0.31.0 to 0.32.0 (#​1968)
• NFD image compatibility proposal (#​1845)
• deployment: add startupProbe for nfd-master (#​1810)
• scripts/update-gh-pages: fix release version parsing (#​1974)
• nfd-master: check that namespace informer cache sync succeeded (#​1965)
• Fix version parsing (#​1977)
• Makefile: fix version parsing (#​1981)
• nfd-worker: Add an option to disable setting the owner references (#​1860)
• Cleanup for NodeFeature API being GA (#​1976)
• build(deps): bump google.golang.org/grpc from 1.68.1 to 1.69.0 (#​1983)
• build(deps): bump golang.org/x/crypto from 0.30.0 to 0.31.0 (#​1986)
• build(deps): bump github.com/onsi/gomega from 1.36.0 to 1.36.1 (#​1984)
• build(deps): bump github.com/opencontainers/runc from 1.2.2 to 1.2.3 (#​1985)
• go.mod: bump kubernetes to v1.32 (#​1987)
• Drop protobuf definitions and protobuf code generation (#​1989)
• Introduce nfd client for image compatibilty (#​1932)
• Remove errors for nodes without NodeFeatures (#​1988)
• go.mod: bump golang.org/x/net to v0.33.0 (#​1991)

(Full Changelog: kubernetes-sigs/node-feature-discovery@v0.17.0-devel...v0.17.0)

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Renovate Bot.

[kireque-bot]

--- kubernetes/main/apps/system/node-feature-discovery/app Kustomization: flux-system/node-feature-discovery HelmRelease: system/node-feature-discovery

+++ kubernetes/main/apps/system/node-feature-discovery/app Kustomization: flux-system/node-feature-discovery HelmRelease: system/node-feature-discovery

@@ -14,13 +14,13 @@

       chart: node-feature-discovery
       interval: 30m
       sourceRef:
         kind: HelmRepository
         name: kubernetes-sigs-nfd
         namespace: flux-system
-      version: 0.16.6
+      version: 0.17.0
   install:
     crds: CreateReplace
   interval: 30m
   upgrade:
     crds: CreateReplace
   values:

[kireque-bot]

--- HelmRelease: system/node-feature-discovery ClusterRole: system/node-feature-discovery

+++ HelmRelease: system/node-feature-discovery ClusterRole: system/node-feature-discovery

@@ -5,12 +5,19 @@

   name: node-feature-discovery
   labels:
     app.kubernetes.io/name: node-feature-discovery
     app.kubernetes.io/instance: node-feature-discovery
     app.kubernetes.io/managed-by: Helm
 rules:
+- apiGroups:
+  - ''
+  resources:
+  - namespaces
+  verbs:
+  - watch
+  - list
 - apiGroups:
   - ''
   resources:
   - nodes
   - nodes/status
   verbs:
--- HelmRelease: system/node-feature-discovery DaemonSet: system/node-feature-discovery-worker

+++ HelmRelease: system/node-feature-discovery DaemonSet: system/node-feature-discovery-worker

@@ -33,23 +33,23 @@

           allowPrivilegeEscalation: false
           capabilities:
             drop:
             - ALL
           readOnlyRootFilesystem: true
           runAsNonRoot: true
-        image: registry.k8s.io/nfd/node-feature-discovery:v0.16.6
+        image: registry.k8s.io/nfd/node-feature-discovery:v0.17.0
         imagePullPolicy: IfNotPresent
         livenessProbe:
           grpc:
             port: 8082
           initialDelaySeconds: 10
         readinessProbe:
-          failureThreshold: 10
           grpc:
             port: 8082
           initialDelaySeconds: 5
+          failureThreshold: 10
         env:
         - name: NODE_NAME
           valueFrom:
             fieldRef:
               fieldPath: spec.nodeName
         - name: POD_NAME
@@ -66,13 +66,12 @@

           requests:
             cpu: 5m
             memory: 48Mi
         command:
         - nfd-worker
         args:
-        - -feature-gates=NodeFeatureAPI=true
         - -feature-gates=NodeFeatureGroupAPI=false
         - -metrics=8081
         - -grpc-health=8082
         ports:
         - containerPort: 8081
           name: metrics
@@ -94,15 +93,12 @@

         - name: host-lib
           mountPath: /host-lib
           readOnly: true
         - name: host-proc-swaps
           mountPath: /host-proc/swaps
           readOnly: true
-        - name: source-d
-          mountPath: /etc/kubernetes/node-feature-discovery/source.d/
-          readOnly: true
         - name: features-d
           mountPath: /etc/kubernetes/node-feature-discovery/features.d/
           readOnly: true
         - name: nfd-worker-conf
           mountPath: /etc/kubernetes/node-feature-discovery
           readOnly: true
@@ -122,15 +118,12 @@

       - name: host-lib
         hostPath:
           path: /lib
       - name: host-proc-swaps
         hostPath:
           path: /proc/swaps
-      - name: source-d
-        hostPath:
-          path: /etc/kubernetes/node-feature-discovery/source.d/
       - name: features-d
         hostPath:
           path: /etc/kubernetes/node-feature-discovery/features.d/
       - name: nfd-worker-conf
         configMap:
           name: node-feature-discovery-worker-conf
--- HelmRelease: system/node-feature-discovery Deployment: system/node-feature-discovery-master

+++ HelmRelease: system/node-feature-discovery Deployment: system/node-feature-discovery-master

@@ -34,26 +34,26 @@

           allowPrivilegeEscalation: false
           capabilities:
             drop:
             - ALL
           readOnlyRootFilesystem: true
           runAsNonRoot: true
-        image: registry.k8s.io/nfd/node-feature-discovery:v0.16.6
+        image: registry.k8s.io/nfd/node-feature-discovery:v0.17.0
         imagePullPolicy: IfNotPresent
+        startupProbe:
+          grpc:
+            port: 8082
+          failureThreshold: 30
         livenessProbe:
           grpc:
             port: 8082
-          initialDelaySeconds: 10
         readinessProbe:
-          failureThreshold: 10
           grpc:
             port: 8082
-          initialDelaySeconds: 5
+          failureThreshold: 10
         ports:
-        - containerPort: 8080
-          name: grpc
         - containerPort: 8081
           name: metrics
         - containerPort: 8082
           name: health
         env:
         - name: NODE_NAME
@@ -66,14 +66,13 @@

           limits:
             memory: 51Mi
           requests:
             cpu: 21m
             memory: 51Mi
         args:
-        - -crd-controller=true
-        - -feature-gates=NodeFeatureAPI=true
+        - -enable-leader-election
         - -feature-gates=NodeFeatureGroupAPI=false
         - -metrics=8081
         - -grpc-health=8082
         volumeMounts:
         - name: nfd-master-conf
           mountPath: /etc/kubernetes/node-feature-discovery
--- HelmRelease: system/node-feature-discovery Deployment: system/node-feature-discovery-gc

+++ HelmRelease: system/node-feature-discovery Deployment: system/node-feature-discovery-gc

@@ -27,13 +27,13 @@

       serviceAccountName: node-feature-discovery-gc
       dnsPolicy: ClusterFirstWithHostNet
       securityContext: {}
       hostNetwork: false
       containers:
       - name: gc
-        image: registry.k8s.io/nfd/node-feature-discovery:v0.16.6
+        image: registry.k8s.io/nfd/node-feature-discovery:v0.17.0
         imagePullPolicy: IfNotPresent
         env:
         - name: NODE_NAME
           valueFrom:
             fieldRef:
               fieldPath: spec.nodeName
--- HelmRelease: system/node-feature-discovery Job: system/node-feature-discovery-prune

+++ HelmRelease: system/node-feature-discovery Job: system/node-feature-discovery-prune

@@ -27,13 +27,13 @@

           allowPrivilegeEscalation: false
           capabilities:
             drop:
             - ALL
           readOnlyRootFilesystem: true
           runAsNonRoot: true
-        image: registry.k8s.io/nfd/node-feature-discovery:v0.16.6
+        image: registry.k8s.io/nfd/node-feature-discovery:v0.17.0
         imagePullPolicy: IfNotPresent
         command:
         - nfd-master
         args:
         - -prune
       restartPolicy: Never