Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: add master config file #1084

Merged
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 6 additions & 0 deletions Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -120,8 +120,13 @@ templates:
@# Need to prepend each line in the sample config with spaces in order to
@# fit correctly in the configmap spec.
@sed s'/^/ /' deployment/components/worker-config/nfd-worker.conf.example > nfd-worker.conf.tmp
@sed s'/^/ /' deployment/components/master-config/nfd-master.conf.example > nfd-master.conf.tmp
@sed s'/^/ /' deployment/components/topology-updater-config/nfd-topology-updater.conf.example > nfd-topology-updater.conf.tmp
@# The sed magic below replaces the block of text between the lines with start and end markers
@start=NFD-MASTER-CONF-START-DO-NOT-REMOVE; \
end=NFD-MASTER-CONF-END-DO-NOT-REMOVE; \
sed -e "/$$start/,/$$end/{ /$$start/{ p; r nfd-master.conf.tmp" \
-e "}; /$$end/p; d }" -i deployment/helm/node-feature-discovery/values.yaml
@start=NFD-WORKER-CONF-START-DO-NOT-REMOVE; \
end=NFD-WORKER-CONF-END-DO-NOT-REMOVE; \
sed -e "/$$start/,/$$end/{ /$$start/{ p; r nfd-worker.conf.tmp" \
Expand All @@ -130,6 +135,7 @@ templates:
end=NFD-TOPOLOGY-UPDATER-CONF-END-DO-NOT-REMOVE; \
sed -e "/$$start/,/$$end/{ /$$start/{ p; r nfd-topology-updater.conf.tmp" \
-e "}; /$$end/p; d }" -i deployment/helm/node-feature-discovery/values.yaml
@rm nfd-master.conf.tmp
@rm nfd-worker.conf.tmp
@rm nfd-topology-updater.conf.tmp

Expand Down
62 changes: 41 additions & 21 deletions cmd/nfd-master/main.go
Original file line number Diff line number Diff line change
Expand Up @@ -20,7 +20,6 @@ import (
"flag"
"fmt"
"os"
"regexp"

"k8s.io/klog/v2"

Expand All @@ -39,7 +38,7 @@ func main() {

printVersion := flags.Bool("version", false, "Print version and exit.")

args := initFlags(flags)
args, overrides := initFlags(flags)
// Inject klog flags
klog.InitFlags(flags)

Expand All @@ -55,6 +54,18 @@ func main() {
switch f.Name {
case "featurerules-controller":
klog.Warningf("-featurerules-controller is deprecated, use '-crd-controller' flag instead")
case "extra-label-ns":
args.Overrides.ExtraLabelNs = overrides.ExtraLabelNs
case "deny-label-ns":
args.Overrides.DenyLabelNs = overrides.DenyLabelNs
case "label-whitelist":
args.Overrides.LabelWhiteList = overrides.LabelWhiteList
case "resource-labels":
args.Overrides.ResourceLabels = overrides.ResourceLabels
case "enable-taints":
args.Overrides.EnableTaints = overrides.EnableTaints
case "no-publish":
args.Overrides.NoPublish = overrides.NoPublish
}
})

Expand Down Expand Up @@ -82,35 +93,23 @@ func main() {
}
}

func initFlags(flagset *flag.FlagSet) *master.Args {
args := &master.Args{
LabelWhiteList: utils.RegexpVal{Regexp: *regexp.MustCompile("")},
DenyLabelNs: map[string]struct{}{"*.kubernetes.io": {}},
}
func initFlags(flagset *flag.FlagSet) (*master.Args, *master.ConfigOverrideArgs) {
args := &master.Args{}

flagset.StringVar(&args.CaFile, "ca-file", "",
"Root certificate for verifying connections")
flagset.StringVar(&args.CertFile, "cert-file", "",
"Certificate used for authenticating connections")
flagset.Var(&args.DenyLabelNs, "deny-label-ns",
"Comma separated list of denied label namespaces")
flagset.Var(&args.ExtraLabelNs, "extra-label-ns",
"Comma separated list of allowed extra label namespaces")
flagset.StringVar(&args.Instance, "instance", "",
"Instance name. Used to separate annotation namespaces for multiple parallel deployments.")
flagset.StringVar(&args.KeyFile, "key-file", "",
"Private key matching -cert-file")
flagset.StringVar(&args.ConfigFile, "config", "/etc/kubernetes/node-feature-discovery/nfd-master.conf",
"Config file to use.")
flagset.StringVar(&args.Kubeconfig, "kubeconfig", "",
"Kubeconfig to use")
flagset.Var(&args.LabelWhiteList, "label-whitelist",
"Regular expression to filter label names to publish to the Kubernetes API server. "+
"NB: the label namespace is omitted i.e. the filter is only applied to the name part after '/'.")
flagset.BoolVar(&args.EnableNodeFeatureApi, "enable-nodefeature-api", false,
"Enable the NodeFeature CRD API for receiving node features. This will automatically disable the gRPC communication.")
flagset.BoolVar(&args.NoPublish, "no-publish", false,
"Do not publish feature labels")
flagset.BoolVar(&args.EnableTaints, "enable-taints", false,
"Enable node tainting feature")
flagset.BoolVar(&args.CrdController, "featurerules-controller", true,
"Enable NFD CRD API controller. DEPRECATED: use -crd-controller instead")
flagset.BoolVar(&args.CrdController, "crd-controller", true,
Expand All @@ -119,11 +118,32 @@ func initFlags(flagset *flag.FlagSet) *master.Args {
"Port on which to listen for connections.")
flagset.BoolVar(&args.Prune, "prune", false,
"Prune all NFD related attributes from all nodes of the cluaster and exit.")
flagset.Var(&args.ResourceLabels, "resource-labels",
"Comma separated list of labels to be exposed as extended resources.")
flagset.BoolVar(&args.VerifyNodeName, "verify-node-name", false,
"Verify worker node name against the worker's TLS certificate. "+
"Only takes effect when TLS authentication has been enabled.")
flagset.StringVar(&args.Options, "options", "",
"Specify config options from command line. Config options are specified "+
"in the same format as in the config file (i.e. json or yaml). These options")

overrides := &master.ConfigOverrideArgs{
LabelWhiteList: &utils.RegexpVal{},
DenyLabelNs: &utils.StringSetVal{},
ExtraLabelNs: &utils.StringSetVal{},
ResourceLabels: &utils.StringSetVal{},
}
flagset.Var(overrides.ExtraLabelNs, "extra-label-ns",
"Comma separated list of allowed extra label namespaces")
flagset.Var(overrides.LabelWhiteList, "label-whitelist",
"Regular expression to filter label names to publish to the Kubernetes API server. "+
"NB: the label namespace is omitted i.e. the filter is only applied to the name part after '/'.")
overrides.EnableTaints = flagset.Bool("enable-taints", false,
"Enable node tainting feature")
overrides.NoPublish = flagset.Bool("no-publish", false,
"Do not publish feature labels")
flagset.Var(overrides.DenyLabelNs, "deny-label-ns",
"Comma separated list of denied label namespaces")
flagset.Var(overrides.ResourceLabels, "resource-labels",
"Comma separated list of labels to be exposed as extended resources.")

return args
return args, overrides
}
3 changes: 0 additions & 3 deletions deployment/base/master/master-deployment.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -34,6 +34,3 @@ spec:
failureThreshold: 10
command:
- "nfd-master"
args: []
volumeMounts: []
volumes: []
4 changes: 4 additions & 0 deletions deployment/components/common/kustomization.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -35,3 +35,7 @@ patches:
target:
labelSelector: app=nfd
name: nfd
- path: master-mounts.yaml
target:
labelSelector: app=nfd
name: nfd-master
13 changes: 13 additions & 0 deletions deployment/components/common/master-mounts.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,13 @@
- op: add
path: /spec/template/spec/volumes
value:
- name: nfd-master-conf
configMap:
name: nfd-master-conf

- op: add
path: /spec/template/spec/containers/0/volumeMounts
value:
- name: nfd-master-conf
mountPath: "/etc/kubernetes/node-feature-discovery"
readOnly: true
10 changes: 10 additions & 0 deletions deployment/components/master-config/kustomization.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,10 @@
apiVersion: kustomize.config.k8s.io/v1alpha1
kind: Component

generatorOptions:
disableNameSuffixHash: true

configMapGenerator:
- files:
- nfd-master.conf=nfd-master.conf.example
name: nfd-master-conf
6 changes: 6 additions & 0 deletions deployment/components/master-config/nfd-master.conf.example
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
# noPublish: false
# extraLabelNs: ["added.ns.io","added.kubernets.io"]
# denyLabelNs: ["denied.ns.io","denied.kubernetes.io"]
# resourceLabels: ["vendor-1.com/feature-1","vendor-2.io/feature-2"]
# enableTaints: false
# labelWhiteList: "foo"
10 changes: 10 additions & 0 deletions deployment/helm/node-feature-discovery/templates/master.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -109,10 +109,20 @@ spec:
- name: nfd-master-cert
mountPath: "/etc/kubernetes/node-feature-discovery/certs"
readOnly: true
- name: nfd-master-conf
mountPath: "/etc/kubernetes/node-feature-discovery"
readOnly: true
volumes:
- name: nfd-master-cert
secret:
secretName: nfd-master-cert
- name: nfd-master-conf
configMap:
name: {{ include "node-feature-discovery.fullname" . }}-master-conf
items:
- key: nfd-master.conf
path: nfd-master.conf

## /TLS ##
{{- end }}
{{- with .Values.master.nodeSelector }}
Expand Down
Original file line number Diff line number Diff line change
@@ -0,0 +1,10 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ include "node-feature-discovery.fullname" . }}-master-conf
namespace: {{ include "node-feature-discovery.namespace" . }}
labels:
{{- include "node-feature-discovery.labels" . | nindent 4 }}
data:
nfd-master.conf: |-
{{- .Values.master.config | toYaml | nindent 4 }}
8 changes: 8 additions & 0 deletions deployment/helm/node-feature-discovery/values.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -13,6 +13,14 @@ namespaceOverride: ""
enableNodeFeatureApi: false

master:
config: ### <NFD-MASTER-CONF-START-DO-NOT-REMOVE>
# noPublish: false
# extraLabelNs: ["added.ns.io","added.kubernets.io"]
# denyLabelNs: ["denied.ns.io","denied.kubernetes.io"]
# resourceLabels: ["vendor-1.com/feature-1","vendor-2.io/feature-2"]
# enableTaints: false
# labelWhiteList: "foo"
### <NFD-MASTER-CONF-END-DO-NOT-REMOVE>
# The TCP port that nfd-master listens for incoming requests. Default: 8080
port: 8080
instance:
Expand Down
1 change: 1 addition & 0 deletions deployment/overlays/default-combined/kustomization.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -14,3 +14,4 @@ resources:
components:
- ../../components/worker-config
- ../../components/common
- ../../components/master-config
1 change: 1 addition & 0 deletions deployment/overlays/default-job/kustomization.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -15,3 +15,4 @@ resources:
components:
- ../../components/worker-config
- ../../components/common
- ../../components/master-config
1 change: 1 addition & 0 deletions deployment/overlays/default/kustomization.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -15,3 +15,4 @@ resources:
components:
- ../../components/worker-config
- ../../components/common
- ../../components/master-config
Original file line number Diff line number Diff line change
Expand Up @@ -22,3 +22,4 @@ components:
- ../../components/common
- ../../components/topology-updater
- ../../components/topology-updater-config
- ../../components/master-config
1 change: 1 addition & 0 deletions docs/deployment/helm.md
Original file line number Diff line number Diff line change
Expand Up @@ -129,6 +129,7 @@ We have introduced the following Chart parameters.
| `master.annotations` | dict | {} | NFD master pod [annotations](https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/) |
| `master.affinity` | dict | | NFD master pod required [node affinity](https://kubernetes.io/docs/tasks/configure-pod-container/assign-pods-nodes-using-node-affinity/) |
| `master.deploymentAnnotations` | dict | {} | NFD master deployment [annotations](https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/) |
| `master.config` | dict | | NFD master [configuration](../reference/master-configuration-reference) |

### Worker pod parameters

Expand Down
28 changes: 28 additions & 0 deletions docs/reference/master-commandline-reference.md
Original file line number Diff line number Diff line change
Expand Up @@ -268,6 +268,34 @@ Example:
nfd-master -resource-labels=vendor-1.com/feature-1,vendor-2.io/feature-2
```

### -config

The `-config` flag specifies the path of the nfd-master configuration file to
use.

Default: /etc/kubernetes/node-feature-discovery/nfd-master.conf

Example:

```bash
nfd-master -config=/opt/nfd/master.conf
```

### -options

The `-options` flag may be used to specify and override configuration file
options directly from the command line. The required format is the same as in
the config file i.e. JSON or YAML. Configuration options specified via this
flag will override those from the configuration file:

Default: *empty*

Example:

```bash
nfd-master -options='{"noPublish": true}'
```

### Logging

The following logging-related flags are inherited from the
Expand Down
Loading