Releases: kubernetes-sigs/node-feature-discovery
v0.11.1
Changelog
Fixes an issue where the network-sriov.*
labels were not correctly set in all scenarios (#812).
List of PRs
v0.11.0
Changelog
- Detection of CPU model
- Detect Intel Control-flow Enforcement Technology (CET)
- Detect intel-iommu/version attribute of PCI devices
- Detect IBM Secure Execution (S390x)
- Helm chart:
- Support configuring
-resource-labels
for nfd-master - Configurable annotations to DaemonSet (nfd-master) and Deployment (nfd-worker)
- Create ServiceAccount for nfd-worker
- Support configuring
List of PRs
- README: bump to v0.10.0 (#720)
- scripts/update-gh-pages: fix symlink to stable version (#724)
- go.mod: bump kubernetes to v1.23.1 (#725)
- github: re-organize the release process slightly (#721)
- Fix GoLinter Issues in the files (#711)
- Multi ARCH build amd64, arm64 (#698)
- Adding missing target dep (#728)
- cloudbuild.yaml: set HOME to /root (#730)
- cloudbuild.yaml: double the timeout (#731)
- cloudbuild.yaml: increase timeout to 2400s (#733)
- cloudbuild.yaml: increase timeout to 1 hour (#734)
- cloudbuild.yaml: increase timeout to 1h 20min (#735)
- Increase timeout in test setups (#738)
- scripts: configure docker auth in push-image.sh (#739)
- cloudbuild.yaml: upgrade machine type to n1-highcpu-8 (#740)
- scripts/test-infra: separate task for multiarch image build (#742)
- nfd-master: print gRPC server error correctly (#732)
- nfd-master: do graceful stop of gRPC server (#736)
- cloudbuild.yaml: decrease timeout to 25 minutes (#741)
- docs: clarify deployment requirements (#745)
- docs: drop topology-updater cmdline help from developer guide (#748)
- README: point to v0.10.1 (#753)
- docs: update helm document to match values.yaml (#727)
- docs: fix operator deployment instructions (#726)
- scripts/prepare-release: fix upating of readme (#755)
- docs: re-fix operator deployment instructions (#762)
- docs: use new custom rule format in worker config reference (#754)
- go.mod: update to klauspost/cpuid/[email protected] (#771)
- docs: Update default K8S_NAMESPACE (#773)
- tls: require min TLS version 1.3 (#781)
- Add ServiceAccount for nfd-worker (#782)
- Additional Lint Fixes in Codebase (#779)
- Fixed the incorrect references (#769)
- source/pci: detect intel-iommu/version (#716)
- topologyupdater: Prevent crash with incorrect node id (#783)
- deployment/helm: add resourceLabels to master args (#793)
- Fix a couple typos (#796)
- apis/nfd: empty match expression set returns no features for templates (#787)
- helm: add annotations to daemonset and deployment (#794)
- Add cpu-model feature detection (#792)
- cpu: Discover IBM Secure Execution (#790)
v0.10.1
Changelog
This release enables multi-arch, providing container image for ARM64 architecture.
List of PRs
v0.10.0
Changelog
Expression-based custom label rules
We implemented new expression-based format for writing labeling rules, greatly expanding the capabilities for vendor and application specific labeling. It covers much more features than the built-in labels reveal, supports tempating and more. See new customization guide for more details.
NodeFeatureRule custom resource
We introduce new NodeFeatureRule custom resource, enabling the deployment vendor and application specific labeling rules as Kubernetes API objects. See customization guide for details.
Detection of network, storage and nvdimm devices
NFD now discovers network, block storage and nvdimm devices. No new built-in labels are introduced but the device information is available for custom label rules to use. See available features for details.
Topology-updater daemon
NFD-Topology-Updater is a new daemon that advertises topology of available and allocatable system resources via NodeResourceTopology custom resources. See the documentation for more details.
New profile label namespace
NFD now by default allows a new profile.node.kubernetes.io
label namespace (and it's sub-namespaces). This can be used in custom labels and is intended for vendor or application specific higher level "meta features".
Label names from the local source changed
NFD stopped injecting the filename of the hook/featurefile into the name of the label.
NOTE: This breaks backwards compatibility with usage scenarios that rely on implicitly prefixing the label with the filename. However, we felt that the somewhat confusing and counter-intuitive behavior needs to be changed. The suggested way to fix existing use cases is to user fully namespaced <namespace>/<name>=<value>
format (this will retain compatibility with older versions of NFD).
TLS and cert-manager integration in Helm chart
NFD Helm chart now supports enabling TLS and cert-manager via the tls.enable
and tls.certManager
options. See the documentation for details.
IOMMU source deprecated
The IOMMU source has been deprecated and is now disabled by default. Thus, it's only feature label feature.node.kubernetes.io/iommu-enabled
is not available in the default configuration. To enable it, set the core.labelSources
option to the value [all, iommu]
in the nfd-worker configuration. See worker configuration for more details on configuring nfd-worker.
NOTE: the iommu_group/type
is now available as per PCI device attribute to be used for custom label rules. See the customization guide for details on using custom label rules.
Miscellaneous
- /usr/src is not mounted by default, anymore (#585)
- simplify nfd-worker configuration in Helm (#627)
- detect Intel SGX (#647)
- add additional IBM Z CPUID flags (#675)
- nfd-worker config
- fix kustomize sample overlay enabling cert-manager (#710)
List of PRs
- README: update deployment instructions to use v0.9.0 (#580)
- nfd-worker: split out gRPC connection handling (#552)
- gitignore: add kustomization.yaml (#583)
- source/custom: refactor kconfig rule internal representation (#543)
- Fix the typo in deployment-and-usage.md (#575)
- Only add kustomization.yaml in the root to .gitignore (#587)
- scripts/test-infra: verify buildability of kustomize overlays (#586)
- deployment: make /usr/src hostpath mount optional (#585)
- nfd-master: allow profile.node.kubernetes.io label ns (#548)
- Fix a link in deployment-and-usage.md (#589)
- Fix broken link for worker-conf example (#590)
- source/network: silence annoying/useless log message (#592)
- source: rename FeatureSource to LabelSource (#596)
- deployment: fix formatting of the worker conf sample (#599)
- source: make sources register themselves (#597)
- Introducing NFD Topology Updater exposing Resource hardware Topology info through CRs (#525)
- source: introduce FeatureSource interface (#601)
- Fix broken link on docs/get-started (#603)
- Utilize go generate (#602)
- Trim single quotes in parseOSRelease (#606)
- docs: remote wip note from worker configuration reference (#611)
- deployment: fix typo in overlay name (#609)
- Update developer-guide.md (#613)
- scripts/test-infra: bump golangci-lint to v1.42.1 (#615)
- docs: fix TOCs (#610)
- deployment: align topologyupdater overlays (#607)
- drop the topology updater job (#622)
- topology-updater:fix klog initialization (#625)
- docs: update dependencies (#624)
- deployment/helm: don't force sleep-interval in worker cmdline flags (#628)
- Bump to golang v1.17 (#629)
- source: fix gofmt errors (#631)
- Makefile: let gofmt-verify write changes back to files (#632)
- deployment: Simplify NFD worker configuration in Helm (#627)
- deployment: add topology updater helm chart (#623)
- docs: mention minimum required kubectl version (#635)
- Documentation capturing enablement of NFD-Topology-Updater in NFD (#526)
- resourcemonitor: aggregate and provide the memory and hugepages information (#593)
- pkg/resourcemonitor: fix typo in comment (#641)
- pkg/api/feature: small improvements (#642)
- test/e2e: make e2e tests run on single-node cluster (#643)
- test/e2e: drop /boot mount (#644)
- source: implement FeatureSource interface (#604)
- Topology-updater introduction typo fix (#645)
- deployment: Implicitly generate the worker ConfigMap name (#640)
- More topology updater documentation typo fixes (#648)
- source/custom: expression based label rules (#639)
- More extensive and expressive custom rules (#464)
- NFD-Topology-Updater: Bump NRT API to version v0.0.12 (#652)
- grpc: extend the API to send raw features (#646)
- specify CRD for custom labeling rules (#653)
- source/custom: move rule matching to pkg/apis/nfd (#654)
- pkg/apis/nfd: drop excess field from the CRD (#657)
- Update the link of slack channel (#659)
- Add code for interacting with CRD API (#655)
- deployment: clean up base/topologyupdater-daemonset (#608)
- topologyupdater: logs relevant message when feature-gate is disabled. (#633)
- nfd-master: implement controller for NodeFeatureRule CRs (#656)
- source/storage: implement FeatureSource (#649)
- Revert "test/e2e: drop /boot mount" (#664)
- CRD-based custom node labeling (#553)
- source/network: implement FeatureSource (#660)
- source/memory: implement FeatureSource (#661)
- Templating of custom label names (#550)
- source/cpu: detect Intel SGX (#647)
- source/kernel: don't advertise selinux.enabled=false (#665)
- source/memory: fix memory.numa label (#666)
- pkg/apis/nfd: stricter format checking for template labels (#668)
- Add variables to feature rule spec and support backrefs (#663)
- source/cpu: add additional IBM Z CPU Flags (#675)
- images: use k8s-staging-test-infra/gcb-docker-gcloud (#685)
- images: fix invalid k8s-staging-test-infra/gcb-docker-gcloud tag (#686)
- Makefile: Add make deploy rule (#679)
- docs: drop cmdline help from developer guide (#672)
- Lint fixes to pkg/apis (#687)
- Add deploy-prune makefile rule to ease devel processes (#667)
- Use single-dash format of cmdline flags (#671)
- source/kernel: ditch regexp in kconfig parsing (#683)
- nfd-worker: rename 'sources' config option (#673)
- source/kernel: drop length check of kconfig values (#682)
- source/kernel: unmangled kconfig values for custom rules (#684)
- scripts: increase e2e-test image poll timeout to 12mins (#688)
- scripts/test-infra: bump helm to v3.7.1 (#689)
- nfd-worker: disable sources more easily (#670)
- nfd-worker: add core.featureSources config option (#605)
- source: make per-source unit tests stricter (#691)
- source/fake: implement FeatureSource (#692)
- docs: fix mistake in md format (#693)
- test/e2e: revise usage of nfd command line flags (#690)
- source/usb: fix fallback to default label format (#694)
- source/local: log features per each hook and feature file (#696)
- source/local: don't prefix label names with the filename (#695)
- nfd-worker: drop 'custom-' prefix from matchFeatures custom rules (#697)
- Dockerfile: build grpc_health-probe from source (#707)
- Fix readiness and liveness checks (#709)
- Fix kustomization template to work with cert-manager (#710)
- Enable TLS and cert-manager created certs for helm chart (#712)
- deployment/helm: refactor nfd-master rbac parameters (#706)
- deployment/helm: disable nfr controller for parallel instances (#699)
- deployment: use new custom rule format in sample configs (#701)
- source/iommu: deprecate and disable by default (#677)
- Initial bash at new TLS docs (#713)
- docs: add customization guide (#704)
- docs: small tinkering on the TLS documentation (#714)
- source/pci: add iommu_group/type attribute (#705)
- docs: small fix in block and net features in customization guide (#715)
v0.9.0
Changelog
Switch over to kustomize
NFD now leverages kustomize for kubectl based deployments, making it easier to manage user-specific customized deployment scenarios. See deployment with kustomize in the documentation for more details.
Feature label sub-namespaces
NFD now allow the usage of sub-namespaces of the default label namespace for easier separation of vendor or application specific labels. That is, e.g. <vendor>.feature.node.kubernetes.io
is available without any extra configuration.
TLS: accept client certs based on SAN
NFD now does client certificate verification based on SAN (Subject Alternative Name) in addition to Common Name (CN). This makes the virtually broken --verify-node-name
option usable again.
Readiness and liveliness probes to nfd-master
The default kustomize and Helm deployments now enable gRPC-based readiness and liveness probes for the nfd-master containers.
Miscellaneous
- Support matching against USB device serial number in the custom feature source (#521)
- Various fixes and improvements to Helm chart deployment
- Configurable base image for manual builds (#513)
- Make nost /usr/lib and /usr/src available for nfd-worker (#519)
- Correct the names of SSE4* cpuid flags (#547)
- Detect AVX512 FP16 (#555)
List of PRs
- scripts/update-gh-pages: fix helm repo update (#486)
- github: two more steps to release process (#488)
- README: update references to version 0.8.0 (#490)
- github: update gh-pages on published releases (#489)
- docs: describe Helm repo as the primary option for Helm (#491)
- Docs: Add Table header to master/worker chart parameters (#492)
- scripts/update-gh-pages: slightly cleaner log output (#494)
- [helm] fix nfd worker tolerations value (#495)
- bump Go to 1.16 (#497)
- Helm chart: Fix configMap indenting (#496)
- scripts/prepare-release: option to only create assets (#502)
- README: update references to version 0.8.1 (#507)
- Update deps (#499)
- github: add a reminder about both image variants in the release process (#506)
- github: update release process to create a 'devel' tag (#498)
- docs: fixes in Helm documentation (#509)
- Add support for configurable runtime full and minimal images. (#513)
- Accept client certs based on SAN, not just CN (#514)
- helm: add extraLabelNs master flag (#515)
- Mount /usr inside the Pod (#519)
- Add support for using USB device serial number (#521)
- README: update references to v0.8.2 (#531)
- docs: show full version number in sidebar (#532)
- utils/dump: do not print empty header line (#542)
- source: define source names as consts (#544)
- cpuid: correct the name of SSE4* cpuid flags (#547)
- go.mod: update dependencies (#546)
- make go report happy (#538)
- chore: update tolerations and affinities to control-plane (#537)
- Straighten wrinkles in lint fixes (#551)
- go.mod: update to klauspost/cpuid/[email protected] (#555)
- Makefile: add apigen target (#541)
- Makefile: add lint target (#549)
- Remove wrong comands on documentation (#559)
- nfd-master: allow sub-namespaces of the default label ns (#536)
- helm: add readme (#564)
- Dockerfile: update go to 1.16.7 (#568)
- go.mod: update kubernetes to v1.22.0 (#569)
- Move to kustomize (#573)
- Better error reporting of kernel and cpu feature sources (#570)
- Add Readiness and liveliness probes to nfd-master (#563)
- cstate/pstate: Skip check on non intel arches (#571)
- docs: clarify the cpu.cstate feature (#572)
v0.8.2
Changelog
This is a maintenance release fixing handling of TLS client certificates and adding Helm support for --extra-label-ns
command line flag.
List of PRs
v0.8.1
v0.8.0
Changelog
Major
NFD Helm repository
NFD now hosts a Helm chart repository as a new deployment option. Installation of the latest release can be as simple as:
helm repo add nfd http://kubernetes-sigs.github.io/node-feature-discovery/charts
helm repo update
helm install nfd/node-feature-discovery --namespace node-feature-discovery --create-namespace --generate-name
See the documentation for more detailed instructions.
Dynamic TLS certificate updates
Support for dynamic TLS certificate updates was added. This enables e.g. the usage of cert-manager for certificate rotation. See the documentation for more details.
Improved worker configuration
Now most of the nfd-worker options (e.g. sleep-interval) are dynamically configurable via the configuration file. Most of the corresponding command line flags have been marked as deprecated. See documentation of the core config options for more details.
Minimal container image variant
NFD now has a "minimal" variant of container image, based on distroless/base. The minimal image provides enhanced security and reduced image footprint, but, limits the nfd-worker hook support to statically linked binaries only. See the documentation for more details.
Support multiple parallel NFD instances
New -instance
command line flag for nfd-master was added, making it possible to run multiple deployments of NFD in parallel.
Nodename rule to custom source
A new nodename
rule was added to the quiver to enable creation of user-specific labels based on node name. See the documentation for detailed description and examples.
Additional CPU pstate and cstate features
New CPU features labels were added:
- feature.node.kubernetes.io/cpu-pstate.status
- feature.node.kubernetes.io/cpu-pstate.scaling_governor
- feature.node.kubernetes.io/cpu-cstate.enabled
Klog for logging
NFD switched to klog-based logging, greatly improving logging and debugging capabilities. Moreover, most of the logger related options in nfd-worker are dynamically adjustable through the config file, making it possible to e.g. control the verbosity of nfd-worker instances at run-time.
Miscellaneous
- Switch to flags package in command line arg parsing (#444)
- Update
klauspost/cpuid
to v2.0.2 (#421) - nfd-worker: stop masking crashes in feature discovery (#458)
List of PRs
- Cherry-pick: github: update new-release issue template (#416)
- github: workflow fixes (#419)
- README: update references to v0.7.0 (#420)
- go.mod: update to klauspost/cpuid/[email protected] (#421)
- Set imagePullPolicy in the deployment templates to Always (#430)
- Change the worker conf update mechanism of templates (#434)
- scripts/test-infra: update golangci-lint to v1.36.0 (#436)
- Replace improper usage of filepath.Join with path.Join (#435)
- Update gogo/protobuf and golang.org/x/text (#438)
- nfd-worker: use fsnotify for watching for config file changes (#432)
- nfd-master: implement --instance flag (#431)
- Update OWNERS file (#441)
- nfd-worker: add core config (#433)
- Add helm chart for NFD (#423)
- Add NFD master '--instance' flag support to Helm chart (#443)
- Fix daemonset deployment template (#446)
- Fix NFD master chart template (#447)
- Switch to flags package in command line arg parsing (#444)
- Added nodename rule to custom source (#429)
- docs: align docs with the single-dash command line flags (#449)
- docs: enable markdown linting (#451)
- nfd-master: switch to klog (#445)
- nfd-worker: switch to klog (#450)
- test/e2e: make openshift bits optional (#452)
- Logging fixes (#453)
- scripts/test-infra: enable helm linting (#455)
- nfd-worker: stop masking crashes in feature discovery (#458)
- logs should all be lower case when possible (#454)
- source: drop stale BoolFeatureValue type (#459)
- Makefile: increase golangci-lint timeout to 7min (#461)
- nfd-worker: improve log messages of config handling (#460)
- pkg/utils: fix possible segfault in RegexpVal.Set (#462)
- github: limit gh-pages build of tags to (final) semver releases (#466)
- logging: set grpc to use klog for logging (#465)
- Dockerfile: add minimal image (#469)
- docs: unify capitalization of headings (#470)
- Support TLS certificate updates (#442)
- pkg/utils: show correct source file in gRPC logs (#475)
- Support for additional cpu features (#463)
- use cert-manager for TLS (#379)
- docs: describe deployment of the minimal image (#471)
- nfd-worker: don't log labels returned by sources by default (#474)
- docs: updates to documentation of Helm parameters (#472)
- docs: fix some internal references (#480)
- Host NFD Helm repo in gh-pages (#457)
- github: update new-release issue template assignees (#482)
- docs: document all config file options (#481)
- Remove --sleep-interval flag from worker deployment templates (#483)
- source/custom: dump config in more human-readable form (#473)
v0.7.0
For deployment and usage instructions see the Project Documentation
Changelog
With this release the NFD container image registry was changed from quay.io to k8s.gcr.io which is managed by the Kubernetes community. New images will be available under k8s.gcr.io/nfd registry.
Documentation is was converted from one monolithic README into HTML served by GitHub pages at:
https://kubernetes-sigs.github.io/node-feature-discovery
Major Changes
- Add kconfig and cpuid rules to the
custom
feature source (#334) - Support for ARM/Aarch32 cpuid (#322)
- Add
--prune
flag to nfd-master (#326) - Update cpuid, support for Intel Sapphire Rapids (#406)
Misc
- Shortcut to enable all feature sources with
--sources=all
(#356) - Fix bug in kernel version number sanitization (#402)
- Fix sporadic worker restarts (#336)
- Deployment templates create and mount a nfd-worker.conf ConfigMap (#386)
- Container image and deployment hardening (#325, #395)
- Change default namespace in the deployment specs to node-feature-discovery (#365)
- Use Kubernetes v1.19 and Golang v1.15
- Make build customization through Makefile variables more coherent (#351, #355, #404)
- Documentation moved to https://kubernetes-sigs.github.io/node-feature-discovery
- Container image hosting moved to k8s.gcr.io
- CI moved from TravisCI to Kubernetes test-infra
v0.6.0
Changelog
Major changes
- New
custom
feature source (#290). Introduces a new feature source that allows creating user-defined labels based on configurable matcher rules. See README for detailed description and examples. - Support USB device discovery (#310). Adds a new configurable
usb
feature source advertising USB devices and a newUsbId
rule type to thecustom
source. See the documentation of USB source and UsbId custom rule for more details. - Experimental support for extended resources (#291). Makes it possible to configure nfd-master to advertise specific features as extended resources instead of node labels. See README for more details.
- PCI: add
sriov.capable
attribute for PCI devices that support SR-IOV (#288) - Change suggested nfd-master deployment from Daemonset to Deployment (#294)
- Support run-time configuration file updates (#304)
- Perform network feature discovery under host sysfs (#317). Removes the need to use hostNetwork on nfd-worker pods.
- Support cpuid for ARM/Aarch32 (#322)
Miscellaneous
- Do not publish empty OS version labels (#299)
- Handle forbidden symbols in kernel version label (#309)
- Unify behaviour of
--label-whitelist
across nfd-worker and nfd-master (#307). On nfd-worker, the label namespace is now ignored, i.e. the filter is applied on the name part after/
. - Documentation improvements (#284, #285, #316, #323)
- Improved end-to-end tests and integration with the CI (#186, #292)
- Update to klauspost/cpuid to v1.2.3 for improved CPUID detecttion (#279)
- Update to Kubernetes v.1.17 (#282)
Deployment
For complete documentation see the v0.6.0 release
For quick start, you can use the provided template specs to deploy the NFD release image with the default configuration in the default namespace:
export NFD_VERSION=v0.6.0
kubectl apply -f https://raw.githubusercontent.com/kubernetes-sigs/node-feature-discovery/$NFD_VERSION/nfd-master.yaml.template
kubectl apply -f https://raw.githubusercontent.com/kubernetes-sigs/node-feature-discovery/$NFD_VERSION/nfd-worker-daemonset.yaml.template