--- /dev/null
+# Integrated Cloud Native
+
+Work in progress
+
+For more information refer - https://wiki.akraino.org/pages/viewpage.action?pageId=11995140
--- /dev/null
+1. Installed Ubuntu 16.04, Kubeadm, Kubelet, and Kubectl on baremetal
+2. Cloned repo "https://github.com/kubernetes-sigs/node-feature-discovery.git"- git clone https://github.com/kubernetes-sigs/node-feature-discovery.git
+3. Create nfd ns - kubectl create namespace node-feature-discovery
+4. Use nfd ns - kubectl config set-context --current --namespace=node-feature-discovery
+5. Apply nfd for single baremetal server - kubectl apply -f nfd-daemonset-combined.yaml.template
--- /dev/null
+# This template contains an example of running nfd-master and nfd-worker in the
+# same pod.
+#
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ name: nfd-master
+ namespace: node-feature-discovery
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+ name: nfd-master
+rules:
+- apiGroups:
+ - ""
+ resources:
+ - nodes
+ verbs:
+ - get
+ - patch
+ - update
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+ name: nfd-master
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: nfd-master
+subjects:
+- kind: ServiceAccount
+ name: nfd-master
+ namespace: node-feature-discovery
+---
+apiVersion: apps/v1
+kind: DaemonSet
+metadata:
+ labels:
+ app: nfd
+ name: nfd
+ namespace: node-feature-discovery
+spec:
+ selector:
+ matchLabels:
+ app: nfd
+ template:
+ metadata:
+ labels:
+ app: nfd
+ spec:
+ serviceAccount: nfd-master
+ hostNetwork: true
+ containers:
+ - env:
+ - name: NODE_NAME
+ valueFrom:
+ fieldRef:
+ fieldPath: spec.nodeName
+ image: quay.io/kubernetes_incubator/node-feature-discovery:v0.4.0
+ name: nfd-master
+ command:
+ - "nfd-master"
+ - env:
+ - name: NODE_NAME
+ valueFrom:
+ fieldRef:
+ fieldPath: spec.nodeName
+ image: quay.io/kubernetes_incubator/node-feature-discovery:v0.4.0
+ name: nfd-worker
+ command:
+ - "nfd-worker"
+ args:
+ - "--sleep-interval=60s"
+ volumeMounts:
+ - name: host-boot
+ mountPath: "/host-boot"
+ readOnly: true
+ - name: host-os-release
+ mountPath: "/host-etc/os-release"
+ readOnly: true
+ - name: host-sys
+ mountPath: "/host-sys"
+ - name: source-d
+ mountPath: "/etc/kubernetes/node-feature-discovery/source.d/"
+ - name: features-d
+ mountPath: "/etc/kubernetes/node-feature-discovery/features.d/"
+ volumes:
+ - name: host-boot
+ hostPath:
+ path: "/boot"
+ - name: host-os-release
+ hostPath:
+ path: "/etc/os-release"
+ - name: host-sys
+ hostPath:
+ path: "/sys"
+ - name: source-d
+ hostPath:
+ path: "/etc/kubernetes/node-feature-discovery/source.d/"
+ - name: features-d
+ hostPath:
+ path: "/etc/kubernetes/node-feature-discovery/features.d/"
--- /dev/null
+apiVersion: v1
+kind: Namespace
+metadata:
+ name: node-feature-discovery # NFD namespace
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ name: nfd-master
+ namespace: node-feature-discovery
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+ name: nfd-master
+rules:
+- apiGroups:
+ - ""
+ resources:
+ - nodes
+ verbs:
+ - get
+ - patch
+ - update
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+ name: nfd-master
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: nfd-master
+subjects:
+- kind: ServiceAccount
+ name: nfd-master
+ namespace: node-feature-discovery
+---
+apiVersion: apps/v1
+kind: DaemonSet
+metadata:
+ labels:
+ app: nfd-master
+ name: nfd-master
+ namespace: node-feature-discovery
+spec:
+ selector:
+ matchLabels:
+ app: nfd-master
+ template:
+ metadata:
+ labels:
+ app: nfd-master
+ spec:
+ serviceAccount: nfd-master
+ nodeSelector:
+ node-role.kubernetes.io/master: ""
+ tolerations:
+ - key: "node-role.kubernetes.io/master"
+ operator: "Equal"
+ value: ""
+ effect: "NoSchedule"
+ containers:
+ - env:
+ - name: NODE_NAME
+ valueFrom:
+ fieldRef:
+ fieldPath: spec.nodeName
+ image: quay.io/kubernetes_incubator/node-feature-discovery:v0.4.0
+ name: nfd-master
+ command:
+ - "nfd-master"
+## Enable TLS authentication
+## The example below assumes having the root certificate named ca.crt stored in
+## a ConfigMap named nfd-ca-cert, and, the TLS authentication credentials stored
+## in a TLS Secret named nfd-master-cert.
+## Additional hardening can be enabled by specifying --verify-node-name in
+## args, in which case every nfd-worker requires a individual node-specific
+## TLS certificate.
+# args:
+# - "--ca-file=/etc/kubernetes/node-feature-discovery/trust/ca.crt"
+# - "--key-file=/etc/kubernetes/node-feature-discovery/certs/tls.key"
+# - "--cert-file=/etc/kubernetes/node-feature-discovery/certs/tls.crt"
+# volumeMounts:
+# - name: nfd-ca-cert
+# mountPath: "/etc/kubernetes/node-feature-discovery/trust"
+# readOnly: true
+# - name: nfd-master-cert
+# mountPath: "/etc/kubernetes/node-feature-discovery/certs"
+# readOnly: true
+# volumes:
+# - name: nfd-ca-cert
+# configMap:
+# name: nfd-ca-cert
+# - name: nfd-master-cert
+# secret:
+# secretName: nfd-master-cert
+---
+apiVersion: v1
+kind: Service
+metadata:
+ name: nfd-master
+ namespace: node-feature-discovery
+spec:
+ selector:
+ app: nfd-master
+ ports:
+ - protocol: TCP
+ port: 8080
+ type: ClusterIP
--- /dev/null
+apiVersion: apps/v1
+kind: DaemonSet
+metadata:
+ labels:
+ app: nfd-worker
+ name: nfd-worker
+ namespace: node-feature-discovery
+spec:
+ selector:
+ matchLabels:
+ app: nfd-worker
+ template:
+ metadata:
+ labels:
+ app: nfd-worker
+ spec:
+ hostNetwork: true
+ dnsPolicy: ClusterFirstWithHostNet
+ containers:
+ - env:
+ - name: NODE_NAME
+ valueFrom:
+ fieldRef:
+ fieldPath: spec.nodeName
+ image: quay.io/kubernetes_incubator/node-feature-discovery:v0.4.0
+ name: nfd-worker
+ command:
+ - "nfd-worker"
+ args:
+ - "--sleep-interval=60s"
+ - "--server=nfd-master:8080"
+## Enable TLS authentication (1/3)
+## The example below assumes having the root certificate named ca.crt stored in
+## a ConfigMap named nfd-ca-cert, and, the TLS authentication credentials stored
+## in a TLS Secret named nfd-worker-cert
+# - "--ca-file=/etc/kubernetes/node-feature-discovery/trust/ca.crt"
+# - "--key-file=/etc/kubernetes/node-feature-discovery/certs/tls.key"
+# - "--cert-file=/etc/kubernetes/node-feature-discovery/certs/tls.crt"
+ volumeMounts:
+ - name: host-boot
+ mountPath: "/host-boot"
+ readOnly: true
+ - name: host-os-release
+ mountPath: "/host-etc/os-release"
+ readOnly: true
+ - name: host-sys
+ mountPath: "/host-sys"
+ - name: source-d
+ mountPath: "/etc/kubernetes/node-feature-discovery/source.d/"
+ - name: features-d
+ mountPath: "/etc/kubernetes/node-feature-discovery/features.d/"
+## Enable TLS authentication (2/3)
+# - name: nfd-ca-cert
+# mountPath: "/etc/kubernetes/node-feature-discovery/trust"
+# readOnly: true
+# - name: nfd-worker-cert
+# mountPath: "/etc/kubernetes/node-feature-discovery/certs"
+# readOnly: true
+ volumes:
+ - name: host-boot
+ hostPath:
+ path: "/boot"
+ - name: host-os-release
+ hostPath:
+ path: "/etc/os-release"
+ - name: host-sys
+ hostPath:
+ path: "/sys"
+ - name: source-d
+ hostPath:
+ path: "/etc/kubernetes/node-feature-discovery/source.d/"
+ - name: features-d
+ hostPath:
+ path: "/etc/kubernetes/node-feature-discovery/features.d/"
+## Enable TLS authentication (3/3)
+# - name: nfd-ca-cert
+# configMap:
+# name: nfd-ca-cert
+# - name: nfd-worker-cert
+# secret:
+# secretName: nfd-worker-cert
--- /dev/null
+#!/usr/bin/env bash
+set -ex
+
+
--- /dev/null
+#!/usr/bin/env bash
+set -xe
--- /dev/null
+#!/bin/bash
+set -xe