to address:
"Incorrect conversion of an unsigned 32-bit integer from to a lower bit
size type int without an upper bound check."
Signed-off-by: Mikko Ylinen <mikko.ylinen@intel.com>
klog has added ktesting/textlogger and is going to deprecate
klogr. The deprecation is going to trigger golangci-lint (staticcheck)
errors so rework the logging and move to ktesting/textlogger.
The commit also fixes the loglevel setting with operator.
Signed-off-by: Mikko Ylinen <mikko.ylinen@intel.com>
Additional objects are shared between device plugin CRs. Once the last
CR is removed, the additional objects are also removed.
Signed-off-by: Tuomas Katila <tuomas.katila@intel.com>
Differentiate objects by adding cr names as suffixes
Drop kind book keeping and related functions from controllers
Signed-off-by: Tuomas Katila <tuomas.katila@intel.com>
NFD v0.14+ doesn't support binary NFD hooks by default, so there is
a need to move the label creation away from the GPU nfdhook.
Move extended resource label creation to plugin, and drop labels that were
already marked deprecated (platform_gen, media_version etc.).
Drop init-container from deployment files and operator. It is still possible
to use an initcontainer, but the default deployments do not support it.
Signed-off-by: Tuomas Katila <tuomas.katila@intel.com>
FPGA and SGX webhooks mutate container resources which
are immutable. Therefore, stop processing pod updates
and act on creation only.
Signed-off-by: Mikko Ylinen <mikko.ylinen@intel.com>
Proper SELinux labels are required for the plugins to run in SELinux
enabled clusters like openshift. These labels are custom made for
plugins and are part of container-selinux package.
Signed-off-by: Manish Regmi <manish.regmi@intel.com>
golangci-lint version < v1.53.0 used nakedret linter that did not check
return values in conditionals. That got changed in v1.53.0 and some
of our code starts failing because of naked returns from conditionals.
Update the code to get nakedret linter passing.
Signed-off-by: Hyeongju Johannes Lee <hyeongju.lee@intel.com>
setInitContainer() adds "init-sriov-numvfs" to initContainers
but uses initcontainerName constant to search where to add
the QAT configMap volumeMount. Fix by moving all code to use
the const.
It was also noticed in the controller logs that setting Pod
Volumes is not idempotent but broken DaemonSet gets created:
""intel-device-plugins-manager: Reconciler error "err="DaemonSet.apps
\"intel-qat-plugin\" is invalid: spec.template.spec.volumes[6].name:
Duplicate value: \"qat-config\"" controller="qatdeviceplugin"
controllerGroup="deviceplugin.intel.com"
Finally, change 'qat-config' to 'intel-qat-config-volume' to
better describe that it's a volume.
Signed-off-by: Mikko Ylinen <mikko.ylinen@intel.com>
k8s 1.27.x triggers build errors on controller-runtime 0.14.x
so we will need to update to 0.15.x at the same time.
Changes include:
* k8s e2e framework moved to use Ginkgo context so we add
test context to all our test nodes.
* adapt Ginkgo parameter modifications.
* adapt SGX admissionwebhook to InjectDecoder removal.
* adapt deviceplugins and FPGA CRDs to controller-runtime
API changes.
Signed-off-by: Mikko Ylinen <mikko.ylinen@intel.com>
In large clusters and with resource management, the load
from gpu-plugins can become heavy for the api-server.
This change will start fetching pod listings from kubelet
and use api-server as a backup. Any other error than timeout
will also move the logic back to using api-server.
Signed-off-by: Tuomas Katila <tuomas.katila@intel.com>
When more than one device ID is Allocate()'d to a container,
Envs/Annotations for all but the last device ID get lost because
their cresp.* maps are (re-)instantiated on each loop.
Fix it by doing that only once.
Fixes: 55f3e17
Signed-off-by: Mikko Ylinen <mikko.ylinen@intel.com>
NFD hooks are deprecated and going away:
https://github.com/kubernetes-sigs/node-feature-discovery/issues/856
This makes the mount names more future-proof, and shows where later
changes need to be done (to change operator mount directory, and
switch hook-using deployments e.g. to feature files).
Signed-off-by: Eero Tamminen <eero.t.tamminen@intel.com>
