feat(helm): update chart node-feature-discovery ( 0.16.6 → 0.17.0 )

[ishioni-bot]

This PR contains the following updates:

Package	Update	Change
node-feature-discovery	minor	0.16.6 -> 0.17.0

---

Release Notes

kubernetes-sigs/node-feature-discovery (node-feature-discovery)

v0.17.0

Compare Source

Changelog

Configurable restrictions (EXPERIMENTAL)

The nfd-master now has configuration options to restrict its capabilities, that is what modifications on node objects are allowed. See the nfd-master configuration file reference for documentation.

Image compatibity (EXPERIMENTAL)

There is an initiative to utilize NFD to implement system compatibility requirements for container images. As part of this work NFD v0.17 includes nfd command line client for validating systems against image compatibility manifests. See the documentation for more details, including examples how to create container images with compatibility manifests and validating nodes.

See the enhancement proposal for background information and design details.

Miscellaneous

Scalability

This release contains numerous fixes to fix issues and improve the scalability of NFD in larger clusters.

DMI features

Discovery of system.dmiid.product_name was added.

CPUID features

Support for new CPUID flags were added, including AMX-FP8 and AVX-VNNI-INT16.

Helm chart

Numerous small improvements in the NFD Helm chart, mainly new configuration values (see chart parameters for documentation).

Deprecations

gRPC API

The NodeFeature API is now GA and the legacy gRPC API has been completely removed.

Hooks

Support for hooks (deprecated in v0.12 has been removed. See the customization guide for replacements.

ResourceLabels config option

The resourceLabels configuration file option (and the corresponding -resource-labels flag), deprecated in v0.13 were removed. Use NodeFeatureRule object's extendedResources field instead.

Dynamic configuration

Dynamic runt-time reconfiguration was removed. This improves robustness and consistency as some of the configuration options did not support dynamic configuration.

Upcoming changes

The separate metric and health ports will be united behind a single port and the corresponding Helm chart values will be removed in NFD v0.18. This should be invisible to most users.

List of PRs

• Update readme to v0.16.0 release (#​1722)
• topology-updater: properly handle IPv6 from NODE_ADDRESS (#​1729)
• helm: remove defaults CPU limits (#​1728)
• build(deps): bump golang.org/x/net from 0.25.0 to 0.26.0 (#​1738)
• Fix the problem with starting the master with empty cache (#​1739)
• build(deps): bump github.com/opencontainers/runc from 1.1.12 to 1.1.13 (#​1742)
• ensure post-delete-job's service account matches ref in job spec (#​1746)
• Dockerfile: fix FromAs Casing (#​1753)
• build(deps): bump github.com/klauspost/cpuid/v2 from 2.2.7 to 2.2.8 (#​1744)
• build(deps): bump github.com/spf13/cobra from 1.8.0 to 1.8.1 (#​1745)
• build(deps): bump google.golang.org/protobuf from 1.34.1 to 1.34.2 (#​1743)
• Update README to v0.16.1 (#​1756)
• Document AVXVNNIINT16 cpuid feature (#​1749)
• scripts: refresh e2e-presubmit test script (#​1758)
• build(deps): bump golang.org/x/net from 0.26.0 to 0.27.0 (#​1760)
• docs: describe Kubernetes version compatibility in versions page (#​1764)
• scripts/test-infra: drop the unused build-image script (#​1762)
• scripts/test-infra: run postsubmit e2e test in kind (#​1763)
• nfd-master: fix typos (#​1765)
• Simplify code (#​1766)
• scripts/test-infra: setup kind in e2e-test (#​1767)
• README: update module name in go report card badge (#​1768)
• deployment/helm: enable specifying additional cmdline args (#​1726)
• cloudbuild: increase the image build timeout (#​1770)
• Use worker DS OwnerReference for NF's (#​1755)
• README: update to v0.16.2 (#​1783)
• Drop the -enable-nodefeature-api flag (#​1780)
• fix: take into consideration possibility of having empty line in swap file (#​1781)
• nfd-worker: change TestRun to use NodeFeature API (#​1788)
• go.mod: update kubernetes to v1.30.2 and klog to v2.130.1 (#​1786)
• Helm: Add revision history limit for master replica (#​1782)
• test/e2e: set topology-updater sleep-interval in podfingerprint test (#​1792)
• helm: drop trailing whitespace from values.yaml (#​1790)
• docs: reformat tables of helm parameters (#​1791)
• test/e2e: specify -sleep-interval in topology-updater exclude-memory test (#​1793)
• README: update to v0.16.3 (#​1794)
• feature-gates: mark NodeFeatureAPI as GA (#​1778)
• scripts/test-infra: bump golangci-lint to v1.59.1 (#​1795)
• scripts/test-infra: bump helm to v3.15.3 (#​1796)
• Helm: Add revision history limit for worker daemonset (#​1797)
• Dockerfile: cache go modules on build (#​1798)
• build(deps): bump k8s.io/kubernetes from 1.30.2 to 1.30.3 in the k8sio group (#​1804)
• helm: add configurable liveness&readiness probes for master topology-updater and worker (#​1801)
• nfd-master: check nfd api informer cache sync result (#​1809)
• nfd-gc: check that node informer cache sync succeeded (#​1812)
• build(deps): bump github.com/onsi/gomega from 1.33.1 to 1.34.0 (#​1819)
• build(deps): bump github.com/onsi/ginkgo/v2 from 2.19.0 to 2.19.1 (#​1818)
• Docs: Fixed feature-gates reference (#​1822)
• nfd-master: tweak list options for NodeFeature informer (#​1811)
• Docs: Fix the link to feature gates documentation (#​1821)
• nfd-gc: only fetch object metadata (#​1813)
• nfd-gc: use paging when listing CRs (#​1815)
• build(deps): bump github.com/onsi/gomega from 1.34.0 to 1.34.1 (#​1824)
• Add helm migration guide (#​1807)
• docs: use jekyll-rtd-theme from a ruby gem (#​1829)
• tilt: sync up builder go version with project go.mod (#​1827)
• build(deps): bump github.com/onsi/ginkgo/v2 from 2.19.1 to 2.20.0 (#​1831)
• build(deps): bump golang.org/x/time from 0.5.0 to 0.6.0 (#​1832)
• README: update to v0.16.4 (#​1834)
• test/e2e: simplify TestMain (#​1835)
• nfd-master: explicit state variable for the node updater pool (#​1844)
• nfd-master: use only unbuffered chans in the nfd api-controller (#​1843)
• nfd-master: proper shutdown of nfd api informers (#​1848)
• build(deps): bump github.com/onsi/ginkgo/v2 from 2.20.0 to 2.20.1 (#​1853)
• test/e2e: drop the pod security admission hack (#​1854)
• scripts/test-infra: bump golangci-lint to v1.60.3 (#​1859)
• Drop dynamic run-time reconfiguration (#​1847)
• build(deps): bump github.com/onsi/gomega from 1.34.1 to 1.34.2 (#​1862)
• build(deps): bump github.com/opencontainers/runc from 1.1.13 to 1.1.14 (#​1864)
• Bump Go to v1.23 (#​1858)
• build(deps): bump github.com/onsi/ginkgo/v2 from 2.20.1 to 2.20.2 (#​1870)
• build(deps): bump golang.org/x/net from 0.28.0 to 0.29.0 (#​1867)
• source/system: Add reading product name information (#​1871)
• nfd-master: cleanup updater-pool method args (#​1876)
• helm: rename args chart value to extraArgs (#​1880)
• helm: rename args to extraArgs in values.yaml (#​1881)
• source/network: Ignore bonding_masters interface during scanning (#​1856)
• build(deps): bump github.com/jaypipes/ghw from 0.12.0 to 0.13.0 (#​1869)
• Add helm values to configure hostNetwork and additional env vars (#​1878)
• Add parameter to configure health endpoint port (#​1885)
• Add .idea/ to gitignore (#​1886)
• nfd-gc: drop one duplicate import from tests (#​1888)
• test/e2e: use ptr.To to get pointer to bool (#​1836)
• docs: quote shell snippets containing urls with query parameters (#​1895)
• build(deps): bump golang.org/x/net from 0.29.0 to 0.30.0 (#​1900)
• build(deps): bump golang.org/x/time from 0.6.0 to 0.7.0 (#​1899)
• Template exposed health port in helm chart (#​1904)
• github: specify workflow permissions (#​1906)
• README: update to v0.16.5 (#​1909)
• build(deps): bump github.com/opencontainers/runc from 1.1.14 to 1.1.15 (#​1916)
• Move testdata to root (#​1921)
• Convert testdata to an empty go module (#​1924)
• Add separate helm values for the liveness and readiness probes (#​1913)
• feat/nfd-master: configure CR restrictions (#​1592)
• build(deps): bump github.com/opencontainers/runc from 1.1.15 to 1.2.0 (#​1923)
• Drop NFD gRPC API (#​1910)
• build(deps): bump google.golang.org/protobuf from 1.34.2 to 1.35.1 (#​1917)
• go.mod: bump kubernetes to v1.31 (#​1837)
• tests: better assertion message in nfd-gc unit tests (#​1816)
• build(deps): bump github.com/onsi/ginkgo/v2 from 2.20.2 to 2.21.0 (#​1937)
• build(deps): bump github.com/onsi/gomega from 1.34.2 to 1.35.1 (#​1938)
• build(deps): bump github.com/opencontainers/runc from 1.2.0 to 1.2.1 (#​1940)
• nfd-master: drop stale unreachable deprecation notices (#​1942)
• Docs: remove gRPC (#​1943)
• Taints: mark stable (#​1944)
• Drop support for hooks (#​1941)
• build(deps): bump google.golang.org/grpc from 1.63.2 to 1.67.1 (#​1898)
• build(deps): bump github.com/fsnotify/fsnotify from 1.7.0 to 1.8.0 (#​1939)
• Doc: Fix tilt up issue in feature discovering in developer guide (#​1889)
• Deprecate separate metrics and health port args (#​1948)
• Release template: Document tagging for API submodule (#​1945)
• go.mod: bump cpuid to v2.2.9 (#​1949)
• nfd-master: drop resourceLabels (#​1950)
• docs: minor update in the feature gates table (#​1951)
• build(deps): bump golang.org/x/net from 0.30.0 to 0.31.0 (#​1952)
• build(deps): bump golang.org/x/time from 0.7.0 to 0.8.0 (#​1953)
• build(deps): bump google.golang.org/grpc from 1.67.1 to 1.68.0 (#​1954)
• build(deps): bump github.com/opencontainers/runc from 1.2.1 to 1.2.2 (#​1957)
• build(deps): bump github.com/stretchr/testify from 1.9.0 to 1.10.0 (#​1960)
• Document AMXFP8 cpuid feature (#​1935)
• go.mod: bump kubernetes patch version (#​1962)
• pkg/utils: drop fswatcher (#​1961)
• chore: add metrics system prefix (#​1956)
• build(deps): bump github.com/onsi/ginkgo/v2 from 2.21.0 to 2.22.0 (#​1959)
• build(deps): bump github.com/onsi/gomega from 1.35.1 to 1.36.0 (#​1966)
• build(deps): bump google.golang.org/grpc from 1.68.0 to 1.68.1 (#​1969)
• build(deps): bump golang.org/x/net from 0.31.0 to 0.32.0 (#​1968)
• NFD image compatibility proposal (#​1845)
• deployment: add startupProbe for nfd-master (#​1810)
• scripts/update-gh-pages: fix release version parsing (#​1974)
• nfd-master: check that namespace informer cache sync succeeded (#​1965)
• Fix version parsing (#​1977)
• Makefile: fix version parsing (#​1981)
• nfd-worker: Add an option to disable setting the owner references (#​1860)
• Cleanup for NodeFeature API being GA (#​1976)
• build(deps): bump google.golang.org/grpc from 1.68.1 to 1.69.0 (#​1983)
• build(deps): bump golang.org/x/crypto from 0.30.0 to 0.31.0 (#​1986)
• build(deps): bump github.com/onsi/gomega from 1.36.0 to 1.36.1 (#​1984)
• build(deps): bump github.com/opencontainers/runc from 1.2.2 to 1.2.3 (#​1985)
• go.mod: bump kubernetes to v1.32 (#​1987)
• Drop protobuf definitions and protobuf code generation (#​1989)
• Introduce nfd client for image compatibilty (#​1932)
• Remove errors for nodes without NodeFeatures (#​1988)
• go.mod: bump golang.org/x/net to v0.33.0 (#​1991)

(Full Changelog: kubernetes-sigs/node-feature-discovery@v0.17.0-devel...v0.17.0)

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Renovate Bot.

[ishioni-bot]

--- kubernetes/talos/apps/kube-system/node-feature-discovery/app Kustomization: flux-system/kube-system-node-feature-discovery HelmRelease: kube-system/node-feature-discovery

+++ kubernetes/talos/apps/kube-system/node-feature-discovery/app Kustomization: flux-system/kube-system-node-feature-discovery HelmRelease: kube-system/node-feature-discovery

@@ -13,13 +13,13 @@

     spec:
       chart: node-feature-discovery
       sourceRef:
         kind: HelmRepository
         name: node-feature-discovery
         namespace: flux-system
-      version: 0.16.6
+      version: 0.17.0
   install:
     crds: CreateReplace
   interval: 30m
   upgrade:
     crds: CreateReplace
   values:

[ishioni-bot]

--- HelmRelease: kube-system/node-feature-discovery ClusterRole: kube-system/node-feature-discovery

+++ HelmRelease: kube-system/node-feature-discovery ClusterRole: kube-system/node-feature-discovery

@@ -5,12 +5,19 @@

   name: node-feature-discovery
   labels:
     app.kubernetes.io/name: node-feature-discovery
     app.kubernetes.io/instance: node-feature-discovery
     app.kubernetes.io/managed-by: Helm
 rules:
+- apiGroups:
+  - ''
+  resources:
+  - namespaces
+  verbs:
+  - watch
+  - list
 - apiGroups:
   - ''
   resources:
   - nodes
   - nodes/status
   verbs:
--- HelmRelease: kube-system/node-feature-discovery DaemonSet: kube-system/node-feature-discovery-worker

+++ HelmRelease: kube-system/node-feature-discovery DaemonSet: kube-system/node-feature-discovery-worker

@@ -33,23 +33,23 @@

           allowPrivilegeEscalation: false
           capabilities:
             drop:
             - ALL
           readOnlyRootFilesystem: true
           runAsNonRoot: true
-        image: registry.k8s.io/nfd/node-feature-discovery:v0.16.6
+        image: registry.k8s.io/nfd/node-feature-discovery:v0.17.0
         imagePullPolicy: IfNotPresent
         livenessProbe:
           grpc:
             port: 8082
           initialDelaySeconds: 10
         readinessProbe:
-          failureThreshold: 10
           grpc:
             port: 8082
           initialDelaySeconds: 5
+          failureThreshold: 10
         env:
         - name: NODE_NAME
           valueFrom:
             fieldRef:
               fieldPath: spec.nodeName
         - name: POD_NAME
@@ -66,13 +66,12 @@

           requests:
             cpu: 5m
             memory: 50Mi
         command:
         - nfd-worker
         args:
-        - -feature-gates=NodeFeatureAPI=true
         - -feature-gates=NodeFeatureGroupAPI=false
         - -metrics=8081
         - -grpc-health=8082
         ports:
         - containerPort: 8081
           name: metrics
@@ -94,15 +93,12 @@

         - name: host-lib
           mountPath: /host-lib
           readOnly: true
         - name: host-proc-swaps
           mountPath: /host-proc/swaps
           readOnly: true
-        - name: source-d
-          mountPath: /etc/kubernetes/node-feature-discovery/source.d/
-          readOnly: true
         - name: features-d
           mountPath: /etc/kubernetes/node-feature-discovery/features.d/
           readOnly: true
         - name: nfd-worker-conf
           mountPath: /etc/kubernetes/node-feature-discovery
           readOnly: true
@@ -122,15 +118,12 @@

       - name: host-lib
         hostPath:
           path: /lib
       - name: host-proc-swaps
         hostPath:
           path: /proc/swaps
-      - name: source-d
-        hostPath:
-          path: /etc/kubernetes/node-feature-discovery/source.d/
       - name: features-d
         hostPath:
           path: /etc/kubernetes/node-feature-discovery/features.d/
       - name: nfd-worker-conf
         configMap:
           name: node-feature-discovery-worker-conf
--- HelmRelease: kube-system/node-feature-discovery Deployment: kube-system/node-feature-discovery-master

+++ HelmRelease: kube-system/node-feature-discovery Deployment: kube-system/node-feature-discovery-master

@@ -34,26 +34,26 @@

           allowPrivilegeEscalation: false
           capabilities:
             drop:
             - ALL
           readOnlyRootFilesystem: true
           runAsNonRoot: true
-        image: registry.k8s.io/nfd/node-feature-discovery:v0.16.6
+        image: registry.k8s.io/nfd/node-feature-discovery:v0.17.0
         imagePullPolicy: IfNotPresent
+        startupProbe:
+          grpc:
+            port: 8082
+          failureThreshold: 30
         livenessProbe:
           grpc:
             port: 8082
-          initialDelaySeconds: 10
         readinessProbe:
-          failureThreshold: 10
           grpc:
             port: 8082
-          initialDelaySeconds: 5
+          failureThreshold: 10
         ports:
-        - containerPort: 8080
-          name: grpc
         - containerPort: 8081
           name: metrics
         - containerPort: 8082
           name: health
         env:
         - name: NODE_NAME
@@ -66,14 +66,13 @@

           limits:
             memory: 100Mi
           requests:
             cpu: 20m
             memory: 50Mi
         args:
-        - -crd-controller=true
-        - -feature-gates=NodeFeatureAPI=true
+        - -enable-leader-election
         - -feature-gates=NodeFeatureGroupAPI=false
         - -metrics=8081
         - -grpc-health=8082
         volumeMounts:
         - name: nfd-master-conf
           mountPath: /etc/kubernetes/node-feature-discovery
--- HelmRelease: kube-system/node-feature-discovery Deployment: kube-system/node-feature-discovery-gc

+++ HelmRelease: kube-system/node-feature-discovery Deployment: kube-system/node-feature-discovery-gc

@@ -27,13 +27,13 @@

       serviceAccountName: node-feature-discovery-gc
       dnsPolicy: ClusterFirstWithHostNet
       securityContext: {}
       hostNetwork: false
       containers:
       - name: gc
-        image: registry.k8s.io/nfd/node-feature-discovery:v0.16.6
+        image: registry.k8s.io/nfd/node-feature-discovery:v0.17.0
         imagePullPolicy: IfNotPresent
         env:
         - name: NODE_NAME
           valueFrom:
             fieldRef:
               fieldPath: spec.nodeName
--- HelmRelease: kube-system/node-feature-discovery Job: kube-system/node-feature-discovery-prune

+++ HelmRelease: kube-system/node-feature-discovery Job: kube-system/node-feature-discovery-prune

@@ -27,13 +27,13 @@

           allowPrivilegeEscalation: false
           capabilities:
             drop:
             - ALL
           readOnlyRootFilesystem: true
           runAsNonRoot: true
-        image: registry.k8s.io/nfd/node-feature-discovery:v0.16.6
+        image: registry.k8s.io/nfd/node-feature-discovery:v0.17.0
         imagePullPolicy: IfNotPresent
         command:
         - nfd-master
         args:
         - -prune
       restartPolicy: Never

[ishioni-bot]

🦙 MegaLinter status: ✅ SUCCESS

Descriptor	Linter	Files	Fixed	Errors	Elapsed time
✅ COPYPASTE	jscpd	yes		no	1.02s
✅ REPOSITORY	git_diff	yes		no	0.03s
✅ REPOSITORY	secretlint	yes		no	2.36s
✅ YAML	prettier	1		0	0.36s
✅ YAML	yamllint	1		0	0.35s

See detailed report in MegaLinter reports
Set VALIDATE_ALL_CODEBASE: true in mega-linter.yml to validate all sources, not only the diff

MegaLinter is graciously provided by