Skip to content

Commit

Permalink
reactive updates: add an option to disable the feature
Browse files Browse the repository at this point in the history
Access to the kubelet state directory may raise concerns in some setups, added an option to disable it.
The feature is enabled by default.

Signed-off-by: Talor Itzhak <[email protected]>
  • Loading branch information
Tal-or committed Mar 12, 2023
1 parent 46acfc1 commit 2d7890b
Show file tree
Hide file tree
Showing 2 changed files with 8 additions and 4 deletions.
2 changes: 2 additions & 0 deletions docs/reference/topology-updater-commandline-reference.md
Original file line number Diff line number Diff line change
Expand Up @@ -165,6 +165,8 @@ nfd-topology-updater -pods-fingerprint
The `-kubelet-state-dir` specifies the path to the Kubelet state directory,
where state and checkpoint files are stored.
The files are mount as read-only and cannot be change by the updater.
Enabled by default.
Passing an empty string will disable the watching.

Default: /host-var/lib/kubelet

Expand Down
10 changes: 6 additions & 4 deletions pkg/nfd-topology-updater/nfd-topology-updater.go
Original file line number Diff line number Diff line change
Expand Up @@ -96,11 +96,13 @@ type nfdTopologyUpdater struct {
// NewTopologyUpdater creates a new NfdTopologyUpdater instance.
func NewTopologyUpdater(args Args, resourcemonitorArgs resourcemonitor.Args, policy, scope string) (NfdTopologyUpdater, error) {
eventSource := make(chan kubeletnotifier.Info)
ntf, err := kubeletnotifier.New(resourcemonitorArgs.SleepInterval, eventSource, args.KubeletStateDir)
if err != nil {
return nil, err
if args.KubeletStateDir != "" {
ntf, err := kubeletnotifier.New(resourcemonitorArgs.SleepInterval, eventSource, args.KubeletStateDir)
if err != nil {
return nil, err
}
go ntf.Run()
}
go ntf.Run()
nfd := &nfdTopologyUpdater{
args: args,
resourcemonitorArgs: resourcemonitorArgs,
Expand Down

0 comments on commit 2d7890b

Please sign in to comment.