Release v0.13.0

[marquiz]

Release Checklist

• All OWNERS must LGTM the release proposal
• Verify that the changelog in this issue is up-to-date
• For major releases (v0.$MAJ.0) create new release branch
  • an OWNER creates a vanilla release branch with
    git branch release-0.$MAJ master
  • An OWNER pushes the new release branch with
    git push release-0.$MAJ
  • Create Prow pre-submit job configuration for the new release branch in K8s
    test-infra, submit a PR
  • Wait for the test-infra Prow config PR to be merged
• Run hack/prepare-release.sh $VERSION to turn references to point to the upcoming release
  (README, deployment templates, docs configuration, test/e2e flags), submit a PR against the release branch
• An OWNER prepares a draft release
  • Create a draft release at Github releases page
  • Write the change log into the draft release
  • Upload release artefacts generated by prepare-release.sh script above to the draft release
• An OWNER runs
  git tag -s $VERSION
  and inserts the changelog into the tag description.
• An OWNER pushes the tag with
  git push $VERSION
  • Triggers prow to build and publish a staging container image
    gcr.io/k8s-staging-nfd/node-feature-discovery:$VERSION
  • Triggers build of the documentation and publish it at
    https://kubernetes-sigs.github.io/node-feature-discovery/0.$MAJ/
• Submit a PR against k8s.io, updating registry.k8s.io/images/k8s-staging-nfd/images.yaml to promote the container images (both "full" and "minimal" variants) to production
• Wait for the PR to be merged and verify that the image (registry.k8s.io/nfd/node-feature-discovery:$VERSION) is available.
• Publish the draft release prepared at the Github releases page
  which will also trigger a Helm repo index update to add the latest release
• Add a link to the tagged release in this issue.
• Send an announcement email to [email protected] with the subject [ANNOUNCE] node-feature-discovery $VERSION is released
• Add a link to the release announcement in this issue
• For a major release (or a point release of the latest major release), update README in master branch
  • Update references e.g. by running hack/prepare-release.sh $VERSION but only committing README.md, and,
    submit a PR
  • Wait for the PR to be merged
• For a major release, create an unannotated devel tag in the master branch, on the first commit that gets merged after the release branch has been created (presumably the README update commit above), and, push the tag:
  DEVEL=v0.$(($MAJ+1)).0-devel; git tag $DEVEL master && git push $DEVEL
  This ensures that the devel builds on the master branch will have a meaningful version number.
• Close this issue

Changelog

Default image based on distroless

The default container image is now based on distroless/base. This was formerly shipped as the "minimal" image, and "v0.13.0-minimal" image tag is thus provided for backwards compatibility. A new "full" image variant (v0.13.0-full) that corresponds the previous default image is made available.

The practical user impact of this change is that support for hooks is limited to statically linked ELF binaries. Bash or Perl scripts are not supported by the default image anymore, but the new "full" image variant can be used if support for these is needed.

Config file for nfd-master

NFD-Master now supports dynamic run-time configurability through a configuration file, deployed as a ConfigMap similar to the nfd-worker. Many of the command line flags are now available as dynamically changeable config file options. Visit the documentation for more details.

Allow custom label prefixes

The restrictions on allowed label prefixes (or label namespaces) for custom labels are mostly removed. All prefixes are allowed, except for kubernetes.io/ and its sub-namespaces (i.e. *.kubernetes.io/), with the NFD-specific feature.node.kubernetes.io/ and profile.node.kubernetes.io/ (and their sub-namespaces) still being allowed.

Those wanting to have stricter policy on allowed label prefixes can use the new denyLabelNs config file option (or the corresponding -deny-label-ns command line flag) of nfd-master. To preserve the old behavior of rejecting all custom prefixes, denyLabelNs="*" can be used, with extraLabelNs config option available for allowing specific custom prefixes.

Extended resources

NFD now supports creating node extended resources from the NodeFeatureRule custom resources. See the documentation for details. With this the -resource-labels command line flag is now marked as deprecated.

Topology Updater enhancements

A new Topology-Garbage-Collector daemon for deleting obsolete NodeResourceTopology objects was added. This daemon is enabled in default deployments.

Topology-Updater reacts faster to changes in the node, making NodeResourceTopology objects more accurately track the current state of node resource status.

Topology-Updater gained the ability to report "pods fingerprint" as a single value representing the node resources status. See the new -pods-fingerprint command line flag.

Topology-Updater now supports the latest v1alpha2 version of the NodeResourceTopology API.

Deprecations

The feature.node.kubernetes.io/cpu-rdt.* labels are now marked as deprecated and will be removed in a future release. The RDT features will stay to be available for NodeFeatureRule objects to consume to create custom labels.

The -resource-labels command line flag is now deprecated and will be removed in a future release. NodeFeatureRule objects should be used for managing node extended resources, instead.

Miscellaneous

New CPU features:

• X86_64
  • Intel Sierra Forest: AVXIFMA, AVXNECONVERT, AVXVNNIINT8, CMPCCXADD, WRMSRNS and MSRLIST
  • number of Intel TDX keys
  • amount Intel SGX EPC (Encrypted Page Cache) memory
  • AMD SEV, including number of ASIDs (Address Space Identifiers), and number of ES (Encrypted State) IDs
• PPC64
  • IBM Nest Accelerator for GZIP
• RDT: number of L3 CLOSID

Kernel: new kernel.enabledmodule feature that lists both loaded dynamic modules and modules built into the kernel.

List of PRs

• docs: mention NodeFeature as an extension point (docs: mention NodeFeature as an extension point #1009)
• docs: fix typo in CRD name (docs: fix typo in CRD name #1011)
• Use single-dash format for nfd cmdline flags (Use single-dash format for nfd cmdline flags #1013)
• README: update to latest release v0.12.0 (README: update to latest release v0.12.0 #1014)
• dockerfile: update grpc-health-probe to v0.4.14 (dockerfile: update grpc-health-probe to v0.4.14 #1015)
• Add common utility function for getting node name (Add common utility function for getting node name #1018)
• topology-updater: move code (topology-updater: move code #1019)
• apis/nfd: make all fields in NodeFeatureSpec optional (apis/nfd: make all fields in NodeFeatureSpec optional #1017)
• worker: move code (worker: move code #1020)
• Bump cpuid to v2.2.3 (Bump cpuid to v2.2.3 #1023)
• Docs: mention tainting in the intro section (Docs: mention tainting in the intro section #1021)
• test/e2e: more comprehensive test for NodeFeature objects (test/e2e: more comprehensive test for NodeFeature objects #1016)
• Add missing TopologyManagerPolicy (Add missing TopologyManagerPolicy #1026)
• Add NRT garbage collector (Add NRT garbage collector #1024)
• e2e: append _test suffix to test files (e2e: append _test suffix to test files #1029)
• e2e: init docker image (e2e: init docker image #1028)
• nfd-master: always start gRPC server (nfd-master: always start gRPC server #1034)
• docs: fix internal cross-page references by injecting .md (docs: fix internal cross-page references by injecting .md #1030)
• docs: Fix link for Helm docs (docs: Fix link for Helm docs #1040)
• cpu: support for detecting nx-gzip coprocessor feature (cpu: support for detecting nx-gzip coprocessor feature #956)
• README: update to release v0.12.1 (README: update to release v0.12.1 #1042)
• helm: make master port configurable (helm: make master port configurable #1044)
• test: move out unit testing from Dockerfile (test: move out unit testing from Dockerfile #1047)
• deployment: disable service links in NFD master pod (deployment: disable service links in NFD master pod #1045)
• topology-updater: nrt-api Update to v1alpha2 (topology-updater: nrt-api Update to v1alpha2 #1053)
• Change nfd-worker to use Ticker instead of After. (Change nfd-worker to use Ticker instead of After. #1050)
• images: base the default image on distroless/base (images: base the default image on distroless/base #1027)
• Add discovery duration logging (Add discovery duration logging #1055)
• OWNERS: Update Ethyling username to jjacobelli (OWNERS: Update Ethyling username to jjacobelli #1056)
• Advertise TopologyManger policy and scope as Attributes in NRT api v1alpha2 (Advertise TopologyManger policy and scope as Attributes in NRT api v1alpha2 #1054)
• feat: add deny-label-ns flag which supports wildcard (feat: add deny-label-ns flag which supports wildcard #1051)
• Fix some typos (Fix some typos #1058)
• scripts/test-infra: bump golangci-lint to v1.51.1 (scripts/test-infra: bump golangci-lint to v1.51.1 #1061)
• GO Update version to 1.20 (GO Update version to 1.20 #1059)
• source/cpu: fix build flags of cpuid detection (source/cpu: fix build flags of cpuid detection #1063)
• go.mod: bump cpuid to v2.2.4 (go.mod: bump cpuid to v2.2.4 #1064)
• docs: describe nfd-topology-gc in introduction.md (docs: describe nfd-topology-gc in introduction.md #1062)
• test/e2e: rename ginkgo focus for tests (test/e2e: rename ginkgo focus for tests #1065)
• topology-updater:compute pod set fingerprint (topology-updater:compute pod set fingerprint #1049)
• test/e2e: cleanup NodeFeature objects before/after tests (test/e2e: cleanup NodeFeature objects before/after tests #1074)
• test/e2e: reduce worker wait-for-ready period to 2s (test/e2e: reduce worker wait-for-ready period to 2s #1073)
• docs: fix usage customization guide typos (docs: fix usage customization guide typos #1066)
• test: add code coverage reporting (test: add code coverage reporting #1069)
• helm: fix topology-updater rbac (helm: fix topology-updater rbac #1078)
• deployment: fixes for mounting kubelet config (deployment: fixes for mounting kubelet config #1080)
• Update worker-configuration-reference.md (Update worker-configuration-reference.md #1076)
• scripts/test-infra: bump golangci-lint to v1.51.2 (scripts/test-infra: bump golangci-lint to v1.51.2 #1082)
• test: implement e2e test of the deny-label-ns flag (test: implement e2e test of the deny-label-ns flag #1070)
• go.mod: update kubernetes to v1.26.2 (go.mod: update kubernetes to v1.26.2 #1077)
• pkg/utils: add UnmarshalJSON method to StringSetVal (pkg/utils: add UnmarshalJSON method to StringSetVal #1087)
• codegen: fix code-generation (codegen: fix code-generation #1083)
• kustomize: trim prune overlay (kustomize: trim prune overlay #1090)
• gitignore: ignore codecov coverage report (gitignore: ignore codecov coverage report #1085)
• topology-updater: reactive updates (topology-updater: reactive updates #1031)
• chore: add debug dump of nfd worker configuration (chore: add debug dump of nfd worker configuration #1092)
• feat: add enableTaints to helm chart (feat: add enableTaints to helm chart #1091)
• cpu: expose AMD SEV support (cpu: expose AMD SEV support #1097)
• cpu: Expose the total number of keys for TDX (cpu: Expose the total number of keys for TDX #1079)
• go.mod: update kubernetes to v1.26.3 (go.mod: update kubernetes to v1.26.3 #1106)
• README: update to release v0.12.2 (README: update to release v0.12.2 #1112)
• feat: add master config file (feat: add master config file #1084)
• test/e2e: fix node cleanup function (test/e2e: fix node cleanup function #1115)
• source/cpu: deprecate cpu-rdt.* labels (source/cpu: deprecate cpu-rdt.* labels #1114)
• test/e2e: wait for CRD deletion to complete (test/e2e: wait for CRD deletion to complete #1116)
• test/e2e: refactor nfd pod configuration (test/e2e: refactor nfd pod configuration #1117)
• nfd-master: disallow unprefixed and kubernetes taints (nfd-master: disallow unprefixed and kubernetes taints #1118)
• nfd-master: fix node update (nfd-master: fix node update #1119)
• Advertise RDT L3 num_closid (Advertise RDT L3 num_closid #1100)
• Create extended resources with NodeFeatureRule (Create extended resources with NodeFeatureRule #1099)
• Dockerfile: bump grpc-health-probe to v0.4.17 (Dockerfile: bump grpc-health-probe to v0.4.17 #1121)
• docs: add missing mentions of extended resources and taints (docs: add missing mentions of extended resources and taints #1122)
• nfd-master: increase controller resync period to 1 hour (nfd-master: increase controller resync period to 1 hour #1123)
• nfd-master: re-try on node update failures (nfd-master: re-try on node update failures #1127)
• Makefile: set e2e test timeout to 1 hour (Makefile: set e2e test timeout to 1 hour #1128)
• feat: support builtin kernel mods (feat: support builtin kernel mods #1086)
• nfd-master: deprecate the -resource-labels flag (nfd-master: deprecate the -resource-labels flag #1126)
• source/cpu: don't create cpu-security.tdx.total_keys label (source/cpu: don't create cpu-security.tdx.total_keys label #1130)
• cpu: Expose SGX EPC resource (cpu: Expose SGX EPC resource #1129)
• e2e: add codecov uploader configuration (e2e: add codecov uploader configuration #1095)
• OWNERS: add PiotrProkop as a reviewer (OWNERS: add PiotrProkop as a reviewer #1140)
• Dockerfile: bump grpc-health-probe to v0.4.18 (Dockerfile: bump grpc-health-probe to v0.4.18 #1145)
• cpu: expose the total number of AMD SEV ASID and ES ( cpu: expose the total number of AMD SEV ASID and ES #1149)
• hack/prepare-release.sh: fix name of one e2e test file (hack/prepare-release.sh: fix name of one e2e test file #1151)

[marquiz]

Milestone: https://github.com/kubernetes-sigs/node-feature-discovery/milestone/7

My thinking was to cut a release around the end of March. With the content whatever we've managed to merge by then

[ArangoGutierrez]

++

[adrianchiris]

+1

[fmuyassarov]

+1

[jjacobelli]

/lgtm

[ArangoGutierrez]

For Topology-updater interests
/cc @ffromani

[ArangoGutierrez]

[eduardo@fedora ~]$ polluntiltrue "skopeo list-tags docker://registry.k8s.io/nfd/node-feature-discovery |grep  v0.13" 3
        "v0.13.0",
        "v0.13.0-full",
        "v0.13.0-minimal",

[marquiz]

GitHub release page:
https://github.com/kubernetes-sigs/node-feature-discovery/releases/tag/v0.13.0

Release announcement email:
https://groups.google.com/a/kubernetes.io/g/dev/c/yU2IiJPZwIk

[ArangoGutierrez]

/close

[k8s-ci-robot]

@ArangoGutierrez: Closing this issue.

In response to this:

/close

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.