deployment: add topology updater helm chart #623
Conversation
k8s-ci-robot
added
the
cncf-cla: yes
|
Hi @zwpaper. Thanks for your PR. I'm waiting for a kubernetes-sigs member to verify that this patch is reasonable to test. If it is, they should reply with Once the patch is verified, the new status will be reflected by the I understand the commands that are listed here. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
k8s-ci-robot
added
the
needs-ok-to-test
k8s-ci-robot
added
the
size/L
|
/assign @marquiz I have tested locally, it should work as expected |
There was a problem hiding this comment.
Nice work @zwpaper 👍 Sorry for the delay, but I was secretly hoping to get #608 merged and then align this with it 😇
Some comments but I think this generally looks good.
Ping @eliaskoromilas: you have taken a look at our helm deployment and providing valuable feedback. Maybe you could take a look at this PR, too.
/ok-to-test
| - "--kubelet-config-file=/host-var/lib/kubelet/config.yaml" | ||
| - "--podresources-socket=/host-var/lib/kubelet/pod-resources/kubelet.sock" | ||
| - "--sleep-interval={{ .Values.topologyUpdater.updateInterval }}" | ||
| - "--watch-namespace=*" |
There was a problem hiding this comment.
These should be configurable parameters, similar to what we have for NFD master.
There was a problem hiding this comment.
all args now could be configurated by value.yaml,
the --kubelet-config-file and --podresources-socket is using the file mounted from hostpath, so that the config is updating the volume part.
k8s-ci-robot
added
ok-to-test
|
Thanks @marquiz, actually I do have some comments on this. I think it would be wise to completely separate the two I would use the existing The pattern I would use, e.g. in the cluster role binding file, would look like this: {{- if .Values.rbac.create }}
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: {{ include "node-feature-discovery.fullname" . }}-master
...
{{- end }}
---
{{- if .Values.topologyUpdater.rbac.create }}
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: {{ include "node-feature-discovery.fullname" . }}-topology-updater
...
{{- end }}This also means that the related serviceAccount:
create: true
annotations: {}
name:
rbac:
create: true
topologyUpdater:
serviceAccount:
create: true
annotations: {}
name:
rbac:
create: trueOf course it's also recommended to move the existing I also noticed that |
Agree 👍
Makes sense
Perhaps. But I think that should be the subject of another PR.
|
I agree addressing this separately. I doubled checked, |
Woops, you're actually right 🤦 So |
|
I created #630 to track the enhancements discussed above. Feel free to submit PRs 😉 |
|
thanks for the review! @marquiz and @eliaskoromilas but I have one more question, do we really need the those two seem to be duplicated with |
|
the build test seems to find some --- ./source/cpu/cstate_stub.go.orig 2021-10-22 04:05:28.008781087 +0000
+++ ./source/cpu/cstate_stub.go 2021-10-22 04:05:28.008781087 +0000
@@ -1,3 +1,4 @@
+//go:build !amd64
// +build !amd64there are no |
Yeah, let's handle that in a separate PR.
Ach, that was caused by a recent bump to go v1.17 (and wasn't catched by the CI at the transition). Fixed by #631. We need to merge that and then rebase your PR. |
| - "--kubelet-config-file=/host-var/lib/kubelet/config.yaml" | ||
| - "--podresources-socket=/host-var/lib/kubelet/pod-resources/kubelet.sock" |
There was a problem hiding this comment.
These two should be parameterized, too (or dropped)
There was a problem hiding this comment.
like I said here #623 (comment), those two args are mounted from hostpath, and point to the path inside the container, I have parameterized the hostpath under volume so that users could update those 2 args to the correct hostpath
There was a problem hiding this comment.
These are the defaults so no need to specify in the helm chart and they should be dropped (like other cmdline flags that are not changed from default). Unless make them configurable
There was a problem hiding this comment.
ok, mounted the files to default location and drop the two args
zwpaper
force-pushed
the
master
branch
2 times, most recently
from
dce38c6
to
1fb927a
Compare
| {{- end }} | ||
| volumeMounts: | ||
| - name: kubelet-config | ||
| mountPath: /var/lib/kubelet/config.yaml |
There was a problem hiding this comment.
Need to mount under /host-var for the container
| mountPath: /var/lib/kubelet/config.yaml | |
| mountPath: /host-var/lib/kubelet/config.yaml |
| - name: kubelet-config | ||
| mountPath: /var/lib/kubelet/config.yaml | ||
| - name: kubelet-podresources-sock | ||
| mountPath: /var/lib/kubelet/pod-resources/kubelet.sock |
There was a problem hiding this comment.
| mountPath: /var/lib/kubelet/pod-resources/kubelet.sock | |
| mountPath: /host-var/lib/kubelet/pod-resources/kubelet.sock |
There was a problem hiding this comment.
Ooops, I checked the code and found the default value is set to /var/lib, so I changed that.
but after you point out, and retest, it's /host-var/ 🤦🏻♂️, my bad.
changed back.
|
hi @marquiz, done squash commits😁 |
k8s-ci-robot
added
the
needs-rebase
Signed-off-by: Wei Zhang <kweizh@gmail.com>
k8s-ci-robot
removed
the
needs-rebase
|
haha, I used to clean up all the commit-msg body, but I saw your word |
k8s-ci-robot
added
the
lgtm
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: marquiz, zwpaper The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
k8s-ci-robot
added
the
approved
fix #616
there are details in the helm chart to help review easier:
createCRDsis true"") by default, it means the same NS with helm chart installed