image: repository: k8s.gcr.io/nfd/node-feature-discovery # This should be set to 'IfNotPresent' for released version pullPolicy: IfNotPresent # tag, if defined will use the given image tag, else Chart.AppVersion will be used # tag imagePullSecrets: [] serviceAccount: # Specifies whether a service account should be created create: true # Annotations to add to the service account annotations: {} # The name of the service account to use. # If not set and create is true, a name is generated using the fullname template name: nameOverride: "" fullnameOverride: "" master: instance: replicaCount: 1 podSecurityContext: {} # fsGroup: 2000 securityContext: allowPrivilegeEscalation: false capabilities: drop: [ "ALL" ] readOnlyRootFilesystem: true runAsNonRoot: true # runAsUser: 1000 service: type: ClusterIP port: 8080 resources: {} # We usually recommend not to specify default resources and to leave this as a conscious # choice for the user. This also increases chances charts run on environments with little # resources, such as Minikube. If you do want to specify resources, uncomment the following # lines, adjust them as necessary, and remove the curly braces after 'resources:'. # limits: # cpu: 100m # memory: 128Mi # requests: # cpu: 100m # memory: 128Mi nodeSelector: {} tolerations: - key: "node-role.kubernetes.io/master" operator: "Equal" value: "" effect: "NoSchedule" annotations: {} affinity: nodeAffinity: preferredDuringSchedulingIgnoredDuringExecution: - weight: 1 preference: matchExpressions: - key: "node-role.kubernetes.io/master" operator: In values: [""] worker: configmapName: nfd-worker-conf config: | sources: custom: - name: "iavf" matchOn: - pciId: class: ["0200"] vendor: ["8086"] device: ["1574", "1580", "1583", "1584", "1587", "1588", "37ce", "37cf", "37d0", "37d1", "37d2", "37d3"] - name: "qat" matchOn: - pciId: class: ["0b40"] vendor: ["8086"] device: ["0435", "37c8", "6f54", "19e2"] pci: deviceClassWhitelist: - "03" - "12" - "0200" - "0b40" deviceLabelFields: - "class" - "vendor" - "device" #sources: # cpu: # cpuid: ## NOTE: whitelist has priority over blacklist # attributeBlacklist: # - "BMI1" # - "BMI2" # - "CLMUL" # - "CMOV" # - "CX16" # - "ERMS" # - "F16C" # - "HTT" # - "LZCNT" # - "MMX" # - "MMXEXT" # - "NX" # - "POPCNT" # - "RDRAND" # - "RDSEED" # - "RDTSCP" # - "SGX" # - "SSE" # - "SSE2" # - "SSE3" # - "SSE4.1" # - "SSE4.2" # - "SSSE3" # attributeWhitelist: # kernel: # kconfigFile: "/path/to/kconfig" # configOpts: # - "NO_HZ" # - "X86" # - "DMI" # pci: # deviceClassWhitelist: # - "0200" # - "03" # - "12" # deviceLabelFields: # - "class" # - "vendor" # - "device" # - "subsystem_vendor" # - "subsystem_device" # usb: # deviceClassWhitelist: # - "0e" # - "ef" # - "fe" # - "ff" # deviceLabelFields: # - "class" # - "vendor" # - "device" # custom: # - name: "my.kernel.feature" # matchOn: # - loadedKMod: ["example_kmod1", "example_kmod2"] # - name: "my.pci.feature" # matchOn: # - pciId: # class: ["0200"] # vendor: ["15b3"] # device: ["1014", "1017"] # - pciId : # vendor: ["8086"] # device: ["1000", "1100"] # - name: "my.usb.feature" # matchOn: # - usbId: # class: ["ff"] # vendor: ["03e7"] # device: ["2485"] # - usbId: # class: ["fe"] # vendor: ["1a6e"] # device: ["089a"] # - name: "my.combined.feature" # matchOn: # - pciId: # vendor: ["15b3"] # device: ["1014", "1017"] # loadedKMod : ["vendor_kmod1", "vendor_kmod2"] podSecurityContext: {} # fsGroup: 2000 securityContext: allowPrivilegeEscalation: false capabilities: drop: [ "ALL" ] readOnlyRootFilesystem: true runAsNonRoot: true # runAsUser: 1000 resources: {} # We usually recommend not to specify default resources and to leave this as a conscious # choice for the user. This also increases chances charts run on environments with little # resources, such as Minikube. If you do want to specify resources, uncomment the following # lines, adjust them as necessary, and remove the curly braces after 'resources:'. # limits: # cpu: 100m # memory: 128Mi # requests: # cpu: 100m # memory: 128Mi nodeSelector: {} tolerations: {} annotations: {} # sleepTime is the sleep interval in seconds between consecutive worker runs sleepTime: 60 ## RBAC parameteres ## https://kubernetes.io/docs/reference/access-authn-authz/rbac/ ## rbac: create: true serviceAccountName: ## Annotations for the Service Account ## serviceAccountAnnotations: {}