Skip to content

v0.12.0

Compare
Choose a tag to compare
@marquiz marquiz released this 21 Dec 16:54
· 1273 commits to master since this release
v0.12.0
d614a3f

Changelog

Node tainting

NFD now supports node tainting. NodeFeatureRule custom resource was extended to create taints. See documentation for more information.

NodeFeature CRD

(EXPERIMENTAL) NFD defines new NodeFeature custom resource for communicating node features and node labeling requests and they can be used for implementing 3rd party extensions. Support for NodeFeature API is disabled by default in this release but will be enabled and is intended to replace the gRPC API between nfd-worker and nfd-master in the future.

See documentation for more details.

Improvements in topology-updater

NFD-Topology-Updater is now a standalone component, not depending on nfd-master, anymore. Topology-updater got support for configuration file, with one config option excludeList for filtering out resources from accounting. Topology-updater also now supports retrieving kubelet config from configz API endpoint (by default) and received a bunch of bug fixes.

Deprecations

  • deprecated IOMMU feature source has been removed
  • custom hooks are being deprecated and will be disabled and eventually dropped in future releases. Default behavior is not changed in this release but sources.local.hooksEnabled worker configuration option can be used to disable them. Suggested replacement for hooks in the future will be NodeFeature custom resources (still experimenta).
  • security-related labels were re-organized
    • feature.node.kubernetes.io/cpu-sgx.enabled is now deprecated, superseded by feature.node.kubernetes.io/cpu-security.sgx.enabled
    • feature.node.kubernetes.io/cpu-se.enabled is now replaced, superseded by feature.node.kubernetes.io/cpu-security.se.enabled
  • -featurerules-controller flag of nfd-master is now deprecated, use -crd-controller instead
  • some already deprecaterd worker command line flags were removed:
    • -sleep-interval (use core.sleepInterval config file option instead)
    • -label-whitelist (use core.labelWhiteList config file option instead)
    • -sources (use -label-sources flag instead)

Miscellaneous

  • Improved documentation, major restructuring of deployment and usage docs
  • ignore operational state of network interfaces when detecting
    network labels – fixes issues with network SR-IOV labels in some scenarios (#814)
  • new CPU features
    • Intel TDX
    • CPUID
      • TME, AMXFP16 and PREFETCHI
      • AVXVNNI (non-AVX512)
      • Better detection of features that have both AVX512 and non-AVX512 versions (GFNI, VAES, VPCLMULQDQ)
      • Major update for ARM, POWER, and Z features
  • Helm: improved management of CRDs, now supports --skip-crds
  • switched over to registry.k8s.io container image registry

List of PRs

  • docs: remove fixed release tag in developer guide (#798)
  • scripts/update-gh-pages: adjust commit message body (#800)
  • scripts/test-infra: bump golangci-lint to v1.45.2 (#804)
  • Bump Go to 1.18 (#785)
  • Dockerfile: update builder image to Go v1.18.1 (#807)
  • docs: fix operator deployment instructions (#811)
  • cpu: add cpuid stub for non-linux platforms (#808)
  • source/network: ignore interface operational state (#814)
  • docs: update x86 cpuid feature list (#818)
  • docs: small typo fix in cpuid feature list (#824)
  • README: update to v0.11.1 (#825)
  • github: small fix in new-release issue template (#822)
  • scripts/test-e2e: update aws-iam-authenticator to v0.5.7 (#834)
  • go.mod: update kubernetes to v1.24.2 (#835)
  • go.mod: update github.com/klauspost/cpuid to v2.0.14 (#837)
  • test/e2e: fix checking of nfd-master annotation (#839)
  • test/e2e: update e2e-test example config (#840)
  • test/e2e: change node-specific config to a list (#841)
  • source/fake: fix name of fake flag feature (#843)
  • Drop the iommu source (#827)
  • helm: add namespace override for multi-namespace deployments (#831)
  • dockerfile: update builder image to golang v1.18 (#836)
  • go.mod: update github.com/google/go-cmp to v0.5.8 (#838)
  • go.mod: update github.com/klauspost/cpuid to v2.1.0 (#851)
  • Move e2e-test helpers to a separate package (#854)
  • test/e2e: refactor setup and cleanup (#847)
  • Improvements to scripts/prepare-release.sh (#846)
  • Containerized auto-generation (#829)
  • Revert type hack in api (#845)
  • topology updater: add e2e tests (#528)
  • nfd-master: fix incorrect log messages in crd controller (#860)
  • nfd-master: more fixes to log messages (#861)
  • logging: do not use %w with klog.Errorf (#868)
  • helm: rename "manifests" subdir to "crds" (#862)
  • helm: add priorityClassName to worker (#867)
  • Fix templates for NodeFeatureRule with MatchAny (#865)
  • README: update to v0.11.2 (#874)
  • scripts/test-e2e: install kubectl (#877)
  • README: reconfigure prow badges (#878)
  • cpu: re-organize security features (#833)
  • Run local markdown tests inside an isolated container (#882)
  • Add Tilt option for developing NFD (#880)
  • Bump golang to v1.19 (#887)
  • Lint fixes (#889)
  • Update registry to registry.k8s.io (#890)
  • Update kubernetes to v1.25.0 (#888)
  • docs: fix incorrect shell snippet for removing labels (#892)
  • scripts: move hacky scripts to hack directory (#885)
  • nfd-master: drop cleanup of ancient incubator labels (#897)
  • Config option to disable hooks (#871)
  • Add Netlify configuration file (#895)
  • nfd-master: log if node was modified (or not) (#898)
  • Set shortName for NodeFeatureRule CRD (#901)
  • cpu: Discover Intel TDX (#830)
  • nfd-worker: rename some symbols (#905)
  • nfd-master: rename crd controller (#906)
  • apis/nfd: move annotation and label consts from nfd-master (#904)
  • pkg/api/feature: rename types (#908)
  • pkg/utils: move hostpath helpers from source to utils (#909)
  • test/e2e: fix segfault in case no e2e config file is specified (#891)
  • nfd-worker: refactor gRPC connection logic (#907)
  • nfd-master: refactor gRPC into a separate method (#911)
  • test/e2e: add tests for NodeFeatureRules (#848)
  • OWNERS: add fmuyassarov as a reviewer (#918)
  • Tiltfile: update builder image to golang:1.19-bullseye (#915)
  • Update base image to Debian bullseye (#916)
  • Error strings should not be capitalized (#921)
  • Standardize "k8s.io/api/core/v1" package short name (#920)
  • Update CPU flags for ARM, POWER, and Z (#919)
  • apis/nfd: migrate pkg/api/feature (#912)
  • cpu: ignore unknown cpuid flags on non-x86 (#914)
  • topology-updater: continue looping on scan error (#929)
  • Bump Kubernetes to v1.25.3 (#930)
  • apis/nfd: flatten the structure of features data type (#925)
  • source/usb: scan host sysfs (#933)
  • apis/nfd: fix NodeFeatureRule templating (#935)
  • Stop using the beta.kubernetes.io/os and arch labels (#937)
  • Increase allowed image build timeout for 500s (#936)
  • Increase image waiting timeout (#938)
  • README: update deployment instructions to use v0.11.3 (#946)
  • docs: update the name of the base image (#948)
  • add ephemeral environment for e2e test execution (#917)
  • docs: restructure docs (#950)
  • Add argument to updateNodeFeatures method to pass client from caller (#952)
  • cpu: fix 32-bit ARMv8 CPU flags (#927)
  • nfd-topology-updater: retrieve kubelet config from API /configz (#842)
  • docs: update github-pages gem to v227 (#959)
  • test/e2e: fix topologu-updater cmdline args (#960)
  • e2e: topologyupdater: fix and stabilize tests (#961)
  • topology-updater: introduce exclude-list (#949)
  • test/e2e: more flexible pod spec generation (#964)
  • test/e2e: add helper for creating new configmaps (#965)
  • e2e: add SecurityContext to master (#966)
  • nfd-worker: drop deprecated command line flags (#968)
  • docs: revise topology-updater helm chart rbac parameters (#969)
  • docs: document helm chart params related to worker serviceaccount (#970)
  • test/e2e: remove dropped -sleep-interval arg (#971)
  • deployment: drop stale nfd-api-crds.yaml (#972)
  • e2e: move pod utils to a seperate package (#967)
  • docs: better document custom resources (#974)
  • docs: simplify quick-start page (#973)
  • scripts/mdlint: update mdlint to v0.12.0 (#977)
  • docs: small update to customization guide (#976)
  • test/e2e: no pod restart policy of nfd-worker by default (#975)
  • helm: drop NodeFeatureRule CRD from templates (#978)
  • Allow optionally setting node taints defined on the NodeFeatureRule CR (#910)
  • nfd-master svc should select only nfd-master pods (#981)
  • go.mod: update to klauspost/cpuid to v2.2.2 (#982)
  • helm: fix mount name of topology-updater config (#979)
  • docs: remove non-existent nodeFeatureRule.createCRD parameter (#983)
  • nfd-topology-updater: update NodeResourceTopology objects directly (#980)
  • nfd-worker: detect the namespace it is running in (#984)
  • Bump go.mod k8s.io to 1.26 (#987)
  • nfd-master: add error checking for CRD controller creation (#988)
  • Introduce NodeFeature CRD (#986)
  • nfd-master: rename -featurerules-controller flag to -crd-controller (#991)
  • nfd-master: fix creation of the -enable-nodefeature-api flag (#992)
  • test/e2e: fix creation of NFD CRDs (#993)
  • nfd-master: implement ratelimiter for nfd api updates (#990)
  • E2E: default kubeconfig location to ${HOME}/.kube/config (#994)
  • nfd-master: handle multiple NodeFeature objects (#989)
  • test/e2e: create CRDs once in the beginning of the tests (#997)
  • test/e2e: fix mistake in ginkgo focus (#1000)
  • E2E: default seccompProfile to runtimeDefault for nfd worker (#995)
  • docs: document NodeFeature API (#903)
  • E2E: parameterize container image and tag (#996)
  • test/e2e: drop pod security enforcement label from the test namespace (#1002)
  • nfd-master: update all nodes at startup when NodeFeature API enabled (#998)
  • test/e2e: don't expect control-plane nodes to be labeled (#1004)
  • nfd-master: update node if no NodeFeature objects are present (#999)
  • test/e2e: drop host-usr-src mount (#1003)
  • Add E2E test for NFD tainting feature (#932)
  • test/e2e: add basic e2e-tests for NodeFeature API (#1001)
  • Simplify usage of ObjectMeta fields (#1005)
  • docs: better document differences between deployment methods (#1006)