From dfbb315522150ce6c1c6316eb3ed6cf923421423 Mon Sep 17 00:00:00 2001 From: Ben Vincent Date: Thu, 19 Mar 2026 02:14:45 +1100 Subject: [PATCH] feat: migrate node-feature-discovery and inteldeviceplugins-system to platform project (#48) - Add node-feature-discovery and inteldeviceplugins-system to platform project - Convert intel-nfd-rules from local Helm chart to static NodeFeatureRule manifests - Add required Helm repositories (NFD OCI registry and Intel charts) - Create base configurations with Helm charts and overlay structures - Update platform ApplicationSet and project permissions Reviewed-on: https://git.unkin.net/unkin/argocd-apps/pulls/48 --- .../kustomization.yaml | 18 +++ .../inteldeviceplugins-system/namespace.yaml | 5 + .../values-gpu-plugin.yaml | 13 ++ .../intel-nodefeaturerules.yaml | 152 ++++++++++++++++++ .../node-feature-discovery/kustomization.yaml | 14 ++ .../node-feature-discovery/namespace.yaml | 5 + .../kustomization.yaml | 6 + .../node-feature-discovery/kustomization.yaml | 6 + argocd/applicationsets/platform.yaml | 2 + argocd/projects/platform.yaml | 4 + ci/validate-apps.sh | 2 +- 11 files changed, 226 insertions(+), 1 deletion(-) create mode 100644 apps/base/inteldeviceplugins-system/kustomization.yaml create mode 100644 apps/base/inteldeviceplugins-system/namespace.yaml create mode 100644 apps/base/inteldeviceplugins-system/values-gpu-plugin.yaml create mode 100644 apps/base/node-feature-discovery/intel-nodefeaturerules.yaml create mode 100644 apps/base/node-feature-discovery/kustomization.yaml create mode 100644 apps/base/node-feature-discovery/namespace.yaml create mode 100644 apps/overlays/au-syd1/inteldeviceplugins-system/kustomization.yaml create mode 100644 apps/overlays/au-syd1/node-feature-discovery/kustomization.yaml diff --git a/apps/base/inteldeviceplugins-system/kustomization.yaml b/apps/base/inteldeviceplugins-system/kustomization.yaml new file mode 100644 index 0000000..4a52d2e --- /dev/null +++ b/apps/base/inteldeviceplugins-system/kustomization.yaml @@ -0,0 +1,18 @@ +--- +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +resources: + - namespace.yaml + +helmCharts: + - name: intel-device-plugins-operator + repo: https://intel.github.io/helm-charts/ + releaseName: intel-device-plugins-operator + namespace: inteldeviceplugins-system + - name: intel-device-plugins-gpu + repo: https://intel.github.io/helm-charts/ + version: "0.34.1" + releaseName: intel-gpu-plugin + namespace: inteldeviceplugins-system + valuesFile: values-gpu-plugin.yaml diff --git a/apps/base/inteldeviceplugins-system/namespace.yaml b/apps/base/inteldeviceplugins-system/namespace.yaml new file mode 100644 index 0000000..3682b6e --- /dev/null +++ b/apps/base/inteldeviceplugins-system/namespace.yaml @@ -0,0 +1,5 @@ +--- +apiVersion: v1 +kind: Namespace +metadata: + name: inteldeviceplugins-system diff --git a/apps/base/inteldeviceplugins-system/values-gpu-plugin.yaml b/apps/base/inteldeviceplugins-system/values-gpu-plugin.yaml new file mode 100644 index 0000000..aadad36 --- /dev/null +++ b/apps/base/inteldeviceplugins-system/values-gpu-plugin.yaml @@ -0,0 +1,13 @@ +--- +name: intel-gpu-device-plugin +sharedDevNum: 4 +logLevel: 2 +enableMonitoring: true +allocationPolicy: "none" +image: + hub: intel + tag: "" # Use latest from chart +nodeSelector: + intel.feature.node.kubernetes.io/gpu: 'true' +nodeFeatureRule: true +tolerations: [] diff --git a/apps/base/node-feature-discovery/intel-nodefeaturerules.yaml b/apps/base/node-feature-discovery/intel-nodefeaturerules.yaml new file mode 100644 index 0000000..91dda7c --- /dev/null +++ b/apps/base/node-feature-discovery/intel-nodefeaturerules.yaml @@ -0,0 +1,152 @@ +--- +apiVersion: nfd.k8s-sigs.io/v1alpha1 +kind: NodeFeatureRule +metadata: + name: intel-dp-devices + namespace: node-feature-discovery +spec: + rules: + - name: "intel.dlb" + labels: + "intel.feature.node.kubernetes.io/dlb": "true" + matchFeatures: + - feature: pci.device + matchExpressions: + vendor: {op: In, value: ["8086"]} + device: {op: In, value: ["2710"]} + class: {op: In, value: ["0b40"]} + - feature: kernel.loadedmodule + matchExpressions: + dlb2: {op: Exists} + + - name: "intel.dsa" + labels: + "intel.feature.node.kubernetes.io/dsa": "true" + matchFeatures: + - feature: pci.device + matchExpressions: + vendor: {op: In, value: ["8086"]} + device: {op: In, value: ["0b25", "11fb", "1212"]} + class: {op: In, value: ["0880"]} + - feature: kernel.loadedmodule + matchExpressions: + idxd: {op: Exists} + + - name: "intel.fpga-arria10" + labels: + "intel.feature.node.kubernetes.io/fpga-arria10": "true" + matchFeatures: + - feature: pci.device + matchExpressions: + vendor: {op: In, value: ["8086"]} + device: {op: In, value: ["09c4"]} + class: {op: In, value: ["1200"]} + matchAny: + - matchFeatures: + - feature: kernel.loadedmodule + matchExpressions: + dfl_pci: {op: Exists} + - matchFeatures: + - feature: kernel.loadedmodule + matchExpressions: + intel_fpga_pci: {op: Exists} + + - name: "intel.gpu" + labels: + "intel.feature.node.kubernetes.io/gpu": "true" + matchFeatures: + - feature: pci.device + matchExpressions: + vendor: {op: In, value: ["8086"]} + class: {op: In, value: ["0300", "0380"]} + matchAny: + - matchFeatures: + - feature: kernel.loadedmodule + matchExpressions: + i915: {op: Exists} + - matchFeatures: + - feature: kernel.enabledmodule + matchExpressions: + i915: {op: Exists} + - matchFeatures: + - feature: kernel.loadedmodule + matchExpressions: + xe: {op: Exists} + - matchFeatures: + - feature: kernel.enabledmodule + matchExpressions: + xe: {op: Exists} + + - name: "intel.iaa" + labels: + "intel.feature.node.kubernetes.io/iaa": "true" + matchFeatures: + - feature: pci.device + matchExpressions: + vendor: {op: In, value: ["8086"]} + device: {op: In, value: ["0cfe", "1216"]} + class: {op: In, value: ["0880"]} + - feature: kernel.loadedmodule + matchExpressions: + idxd: {op: Exists} + + - name: "intel.qat" + labels: + "intel.feature.node.kubernetes.io/qat": "true" + matchFeatures: + - feature: pci.device + matchExpressions: + vendor: {op: In, value: ["8086"]} + device: {op: In, value: ["37c8", "4940", "4942", "4944", "4946", "4948"]} + class: {op: In, value: ["0b40"]} + - feature: kernel.loadedmodule + matchExpressions: + intel_qat: {op: Exists} + matchAny: + - matchFeatures: + - feature: kernel.loadedmodule + matchExpressions: + vfio_pci: {op: Exists} + - matchFeatures: + - feature: kernel.enabledmodule + matchExpressions: + vfio-pci: {op: Exists} + + - name: "intel.sgx" + labels: + "intel.feature.node.kubernetes.io/sgx": "true" + extendedResources: + sgx.intel.com/epc: "@cpu.security.sgx.epc" + matchFeatures: + - feature: cpu.cpuid + matchExpressions: + SGX: {op: Exists} + SGXLC: {op: Exists} + - feature: cpu.security + matchExpressions: + sgx.enabled: {op: IsTrue} + - feature: kernel.config + matchExpressions: + X86_SGX: {op: Exists} + + - name: "intel.npu" + labels: + "intel.feature.node.kubernetes.io/npu": "true" + matchFeatures: + - feature: pci.device + matchExpressions: + vendor: {op: In, value: ["8086"]} + class: {op: In, value: ["1200"]} + device: { + op: In, + value: ["7e4c", "643e", "ad1d", "7d1d"] + } + matchAny: + - matchFeatures: + - feature: kernel.loadedmodule + matchExpressions: + intel_vpu: {op: Exists} + - matchFeatures: + - feature: kernel.enabledmodule + matchExpressions: + intel_vpu: {op: Exists} diff --git a/apps/base/node-feature-discovery/kustomization.yaml b/apps/base/node-feature-discovery/kustomization.yaml new file mode 100644 index 0000000..b9e7686 --- /dev/null +++ b/apps/base/node-feature-discovery/kustomization.yaml @@ -0,0 +1,14 @@ +--- +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +resources: + - namespace.yaml + - intel-nodefeaturerules.yaml + +helmCharts: + - name: node-feature-discovery + repo: oci://gcr.io/k8s-staging-nfd/charts + version: "0.0.0-master" + releaseName: node-feature-discovery + namespace: node-feature-discovery diff --git a/apps/base/node-feature-discovery/namespace.yaml b/apps/base/node-feature-discovery/namespace.yaml new file mode 100644 index 0000000..c1c9c63 --- /dev/null +++ b/apps/base/node-feature-discovery/namespace.yaml @@ -0,0 +1,5 @@ +--- +apiVersion: v1 +kind: Namespace +metadata: + name: node-feature-discovery diff --git a/apps/overlays/au-syd1/inteldeviceplugins-system/kustomization.yaml b/apps/overlays/au-syd1/inteldeviceplugins-system/kustomization.yaml new file mode 100644 index 0000000..1495e94 --- /dev/null +++ b/apps/overlays/au-syd1/inteldeviceplugins-system/kustomization.yaml @@ -0,0 +1,6 @@ +--- +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +resources: + - ../../../base/inteldeviceplugins-system diff --git a/apps/overlays/au-syd1/node-feature-discovery/kustomization.yaml b/apps/overlays/au-syd1/node-feature-discovery/kustomization.yaml new file mode 100644 index 0000000..e9c6063 --- /dev/null +++ b/apps/overlays/au-syd1/node-feature-discovery/kustomization.yaml @@ -0,0 +1,6 @@ +--- +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +resources: + - ../../../base/node-feature-discovery diff --git a/argocd/applicationsets/platform.yaml b/argocd/applicationsets/platform.yaml index 122bad6..a77be79 100644 --- a/argocd/applicationsets/platform.yaml +++ b/argocd/applicationsets/platform.yaml @@ -16,6 +16,8 @@ spec: - path: apps/overlays/*/cert-manager - path: apps/overlays/*/cnpg-system - path: apps/overlays/*/externaldns + - path: apps/overlays/*/inteldeviceplugins-system + - path: apps/overlays/*/node-feature-discovery - path: apps/overlays/*/reflector-system - path: apps/overlays/*/reloader-system - path: apps/overlays/*/jfrog diff --git a/argocd/projects/platform.yaml b/argocd/projects/platform.yaml index b103a23..b8d9a93 100644 --- a/argocd/projects/platform.yaml +++ b/argocd/projects/platform.yaml @@ -14,6 +14,8 @@ spec: - https://charts.jetstack.io - https://kubernetes-sigs.github.io/external-dns/ - https://cloudnative-pg.github.io/charts + - oci://gcr.io/k8s-staging-nfd/charts + - https://intel.github.io/helm-charts/ destinations: - namespace: '*-system' server: https://kubernetes.default.svc @@ -27,6 +29,8 @@ spec: server: https://kubernetes.default.svc - namespace: 'jfrog' server: https://kubernetes.default.svc + - namespace: 'node-feature-discovery' + server: https://kubernetes.default.svc - namespace: 'puppet' server: https://kubernetes.default.svc - namespace: 'woodpecker' diff --git a/ci/validate-apps.sh b/ci/validate-apps.sh index bfdcbf1..9772aae 100755 --- a/ci/validate-apps.sh +++ b/ci/validate-apps.sh @@ -18,6 +18,6 @@ while IFS= read -r -d "" k; do -summary \ -output pretty \ -verbose \ - -skip CustomResourceDefinition \ + -skip CustomResourceDefinition,GpuDevicePlugin \ "${schema_args[@]}" done < <(find apps/overlays -name kustomization.yaml -print0)