Skip to content

Commit

Permalink
Merge pull request #1305 from marquiz/devel/nf-gc
Browse files Browse the repository at this point in the history
Garbage collection of NodeFeature objects
  • Loading branch information
k8s-ci-robot authored Aug 28, 2023
2 parents 6d95e59 + a15b569 commit e1f90a2
Show file tree
Hide file tree
Showing 29 changed files with 590 additions and 162 deletions.
18 changes: 9 additions & 9 deletions cmd/nfd-topology-gc/main.go → cmd/nfd-gc/main.go
Original file line number Diff line number Diff line change
Expand Up @@ -24,13 +24,13 @@ import (

"k8s.io/klog/v2"

nfdtopologygarbagecollector "sigs.k8s.io/node-feature-discovery/pkg/nfd-topology-gc"
nfdgarbagecollector "sigs.k8s.io/node-feature-discovery/pkg/nfd-gc"
"sigs.k8s.io/node-feature-discovery/pkg/version"
)

const (
// ProgramName is the canonical name of this program
ProgramName = "nfd-topology-gc"
ProgramName = "nfd-gc"
)

func main() {
Expand All @@ -50,10 +50,10 @@ func main() {
klog.InfoS("version not set! Set -ldflags \"-X sigs.k8s.io/node-feature-discovery/pkg/version.version=`git describe --tags --dirty --always`\" during build or run.")
}

// Get new TopologyGC instance
gc, err := nfdtopologygarbagecollector.New(args)
// Get new garbage collector instance
gc, err := nfdgarbagecollector.New(args)
if err != nil {
klog.ErrorS(err, "failed to initialize topology garbage collector instance")
klog.ErrorS(err, "failed to initialize nfd garbage collector instance")
os.Exit(1)
}

Expand All @@ -63,7 +63,7 @@ func main() {
}
}

func parseArgs(flags *flag.FlagSet, osArgs ...string) *nfdtopologygarbagecollector.Args {
func parseArgs(flags *flag.FlagSet, osArgs ...string) *nfdgarbagecollector.Args {
args := initFlags(flags)

_ = flags.Parse(osArgs)
Expand All @@ -76,11 +76,11 @@ func parseArgs(flags *flag.FlagSet, osArgs ...string) *nfdtopologygarbagecollect
return args
}

func initFlags(flagset *flag.FlagSet) *nfdtopologygarbagecollector.Args {
args := &nfdtopologygarbagecollector.Args{}
func initFlags(flagset *flag.FlagSet) *nfdgarbagecollector.Args {
args := &nfdgarbagecollector.Args{}

flagset.DurationVar(&args.GCPeriod, "gc-interval", time.Duration(1)*time.Hour,
"Interval between which Garbage Collector will try to cleanup any missed but already obsolete NodeResourceTopology. [Default: 1h]")
"interval between cleanup of obsolete api objects")
flagset.StringVar(&args.Kubeconfig, "kubeconfig", "",
"Kubeconfig to use")

Expand Down
File renamed without changes.
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: nfd-topology-gc
name: nfd-gc
rules:
- apiGroups:
- ""
Expand All @@ -23,3 +23,10 @@ rules:
verbs:
- delete
- list
- apiGroups:
- nfd.k8s-sigs.io
resources:
- nodefeatures
verbs:
- delete
- list
Original file line number Diff line number Diff line change
@@ -1,12 +1,12 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: nfd-topology-gc
name: nfd-gc
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: nfd-topology-gc
name: nfd-gc
subjects:
- kind: ServiceAccount
name: nfd-topology-gc
name: nfd-gc
namespace: default
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
apiVersion: v1
kind: ServiceAccount
metadata:
name: nfd-topology-gc
name: nfd-gc
Original file line number Diff line number Diff line change
Expand Up @@ -3,21 +3,21 @@ kind: Deployment
metadata:
labels:
app: nfd
name: nfd-topology-gc
name: nfd-gc
spec:
selector:
matchLabels:
app: nfd-topology-gc
app: nfd-gc
template:
metadata:
labels:
app: nfd-topology-gc
app: nfd-gc
spec:
dnsPolicy: ClusterFirstWithHostNet
serviceAccount: nfd-topology-gc
serviceAccount: nfd-gc
containers:
- name: nfd-topology-gc
- name: nfd-gc
image: gcr.io/k8s-staging-nfd/node-feature-discovery:master
imagePullPolicy: Always
command:
- "nfd-topology-gc"
- "nfd-gc"
Original file line number Diff line number Diff line change
Expand Up @@ -4,4 +4,7 @@ kind: Kustomization
namespace: node-feature-discovery

resources:
- topology-gc.yaml
- gc-clusterrole.yaml
- gc-clusterrolebinding.yaml
- gc-serviceaccount.yaml
- gc.yaml
9 changes: 0 additions & 9 deletions deployment/base/rbac-topology-gc/kustomization.yaml

This file was deleted.

10 changes: 5 additions & 5 deletions deployment/helm/node-feature-discovery/templates/_helpers.tpl
Original file line number Diff line number Diff line change
Expand Up @@ -96,12 +96,12 @@ Create the name of the service account which topologyUpdater will use
{{- end -}}

{{/*
Create the name of the service account which topologyGC will use
Create the name of the service account which nfd-gc will use
*/}}
{{- define "node-feature-discovery.topologyGC.serviceAccountName" -}}
{{- if .Values.topologyGC.serviceAccount.create -}}
{{ default (printf "%s-topology-gc" (include "node-feature-discovery.fullname" .)) .Values.topologyGC.serviceAccount.name }}
{{- define "node-feature-discovery.gc.serviceAccountName" -}}
{{- if .Values.gc.serviceAccount.create -}}
{{ default (printf "%s-gc" (include "node-feature-discovery.fullname" .)) .Values.gc.serviceAccount.name }}
{{- else -}}
{{ default "default" .Values.topologyGC.serviceAccount.name }}
{{ default "default" .Values.gc.serviceAccount.name }}
{{- end -}}
{{- end -}}
13 changes: 10 additions & 3 deletions deployment/helm/node-feature-discovery/templates/clusterrole.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -42,8 +42,8 @@ rules:
- update
{{- end }}

---
{{- if and .Values.topologyUpdater.enable .Values.topologyUpdater.rbac.create }}
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
Expand Down Expand Up @@ -80,12 +80,12 @@ rules:
- update
{{- end }}

{{- if and .Values.gc.enable .Values.gc.rbac.create (or .Values.enableNodeFeatureApi .Values.topologyUpdater.enable) }}
---
{{- if and .Values.topologyGC.enable .Values.topologyGC.rbac.create .Values.topologyUpdater.enable }}
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: {{ include "node-feature-discovery.fullname" . }}-topology-gc
name: {{ include "node-feature-discovery.fullname" . }}-gc
labels:
{{- include "node-feature-discovery.labels" . | nindent 4 }}
rules:
Expand All @@ -109,4 +109,11 @@ rules:
verbs:
- delete
- list
- apiGroups:
- nfd.k8s-sigs.io
resources:
- nodefeatures
verbs:
- delete
- list
{{- end }}
Original file line number Diff line number Diff line change
Expand Up @@ -15,8 +15,8 @@ subjects:
namespace: {{ include "node-feature-discovery.namespace" . }}
{{- end }}

---
{{- if and .Values.topologyUpdater.enable .Values.topologyUpdater.rbac.create }}
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
Expand All @@ -33,20 +33,20 @@ subjects:
namespace: {{ include "node-feature-discovery.namespace" . }}
{{- end }}

{{- if and .Values.gc.enable .Values.gc.rbac.create (or .Values.enableNodeFeatureApi .Values.topologyUpdater.enable) }}
---
{{- if and .Values.topologyGC.enable .Values.topologyGC.rbac.create .Values.topologyUpdater.enable }}
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: {{ include "node-feature-discovery.fullname" . }}-topology-gc
name: {{ include "node-feature-discovery.fullname" . }}-gc
labels:
{{- include "node-feature-discovery.labels" . | nindent 4 }}
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: {{ include "node-feature-discovery.fullname" . }}-topology-gc
name: {{ include "node-feature-discovery.fullname" . }}-gc
subjects:
- kind: ServiceAccount
name: {{ .Values.topologyGC.serviceAccount.name | default "nfd-topology-gc" }}
name: {{ .Values.gc.serviceAccount.name | default "nfd-gc" }}
namespace: {{ include "node-feature-discovery.namespace" . }}
{{- end }}
Original file line number Diff line number Diff line change
@@ -1,36 +1,36 @@
{{- if and .Values.topologyGC.enable .Values.topologyUpdater.enable -}}
{{- if and .Values.gc.enable (or .Values.enableNodeFeatureApi .Values.topologyUpdater.enable) -}}
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ include "node-feature-discovery.fullname" . }}-topology-gc
name: {{ include "node-feature-discovery.fullname" . }}-gc
namespace: {{ include "node-feature-discovery.namespace" . }}
labels:
{{- include "node-feature-discovery.labels" . | nindent 4 }}
role: topology-gc
role: gc
spec:
replicas: {{ .Values.topologyGC.replicaCount | default 1 }}
replicas: {{ .Values.gc.replicaCount | default 1 }}
selector:
matchLabels:
{{- include "node-feature-discovery.selectorLabels" . | nindent 6 }}
role: topology-gc
role: gc
template:
metadata:
labels:
{{- include "node-feature-discovery.selectorLabels" . | nindent 8 }}
role: topology-gc
role: gc
annotations:
{{- toYaml .Values.topologyGC.annotations | nindent 8 }}
{{- toYaml .Values.gc.annotations | nindent 8 }}
spec:
serviceAccountName: {{ .Values.topologyGC.serviceAccountName | default "nfd-topology-gc" }}
serviceAccountName: {{ .Values.gc.serviceAccountName | default "nfd-gc" }}
dnsPolicy: ClusterFirstWithHostNet
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
securityContext:
{{- toYaml .Values.topologyGC.podSecurityContext | nindent 8 }}
{{- toYaml .Values.gc.podSecurityContext | nindent 8 }}
containers:
- name: topology-gc
- name: gc
image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
imagePullPolicy: "{{ .Values.image.pullPolicy }}"
env:
Expand All @@ -39,25 +39,29 @@ spec:
fieldRef:
fieldPath: spec.nodeName
command:
- "nfd-topology-gc"
- "nfd-gc"
args:
{{- if .Values.topologyGC.interval | empty | not }}
- "-gc-interval={{ .Values.topologyGC.interval }}"
{{- if .Values.gc.interval | empty | not }}
- "-gc-interval={{ .Values.gc.interval }}"
{{- end }}
resources:
{{- toYaml .Values.topologyGC.resources | nindent 12 }}
{{- toYaml .Values.gc.resources | nindent 12 }}
securityContext:
{{- toYaml .Values.topologyGC.securityContext | nindent 12 }}
allowPrivilegeEscalation: false
capabilities:
drop: [ "ALL" ]
readOnlyRootFilesystem: true
runAsNonRoot: true

{{- with .Values.topologyGC.nodeSelector }}
{{- with .Values.gc.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.topologyGC.affinity }}
{{- with .Values.gc.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.topologyGC.tolerations }}
{{- with .Values.gc.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -12,8 +12,8 @@ metadata:
{{- end }}
{{- end }}

---
{{- if and .Values.topologyUpdater.enable .Values.topologyUpdater.serviceAccount.create }}
---
apiVersion: v1
kind: ServiceAccount
metadata:
Expand All @@ -27,23 +27,23 @@ metadata:
{{- end }}
{{- end }}

{{- if and .Values.gc.enable .Values.gc.rbac.create (or .Values.enableNodeFeatureApi .Values.topologyUpdater.enable) }}
---
{{- if and .Values.topologyGC.enable .Values.topologyGC.serviceAccount.create .Values.topologyUpdater.enable }}
apiVersion: v1
kind: ServiceAccount
metadata:
name: {{ .Values.topologyGC.serviceAccount.name | default "nfd-topology-gc" }}
name: {{ .Values.gc.serviceAccount.name | default "nfd-gc" }}
namespace: {{ include "node-feature-discovery.namespace" . }}
labels:
{{- include "node-feature-discovery.labels" . | nindent 4 }}
{{- with .Values.topologyUpdater.serviceAccount.annotations }}
{{- with .Values.gc.serviceAccount.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
{{- end }}

---
{{- if .Values.worker.serviceAccount.create }}
---
apiVersion: v1
kind: ServiceAccount
metadata:
Expand Down
8 changes: 1 addition & 7 deletions deployment/helm/node-feature-discovery/values.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -450,7 +450,7 @@ topologyUpdater:
affinity: {}
podSetFingerprint: true

topologyGC:
gc:
enable: true
replicaCount: 1

Expand All @@ -464,12 +464,6 @@ topologyGC:
interval: 1h

podSecurityContext: {}
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop: [ "ALL" ]
readOnlyRootFilesystem: true
runAsNonRoot: true

resources: {}
# We usually recommend not to specify default resources and to leave this as a conscious
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -6,13 +6,12 @@ namespace: node-feature-discovery
resources:
- ../../base/rbac
- ../../base/rbac-topologyupdater
- ../../base/rbac-topology-gc
- ../../base/nfd-crds
- ../../base/master
- ../../base/worker-daemonset
- ../../base/noderesourcetopologies-crd
- ../../base/topologyupdater-daemonset
- ../../base/topology-gc
- ../../base/gc
- namespace.yaml

components:
Expand Down
Loading

0 comments on commit e1f90a2

Please sign in to comment.