A new feature has been introduced that labels worker nodes
where the application is set to run as a daemonset.
Additionally, the role and role binding have been updated to
clusterrole and clusterrolebinding, respectively. This enables
the daemonset to access pods clusterwide for collecting pod
info and vf metrics data.
This commit includes labeling on both the sysinv side and the
Kubernetes side. On an AIO machine, the given nodes have been
labeled. In a Multinode setup, all nodes with worker
subfunctions have been labeled. In all configurations,
daemonset running pods have clusterwide access to read pod
info.
Test Plan:
- PASSED: The build process completed with the creation of a
Debian package.
- PASSED: The content of the Debian package was extracted and
the presence of the Helm chart tar file was confirmed.
- PASSED: AIO-SX lab app was successfully uploaded, applied,
removed, and deleted using the 'system application' commands.
- PASSED: AIO-DX lab app was successfully uploaded, applied,
removed, and deleted using the 'system application' commands.
- PASSED: STANDARD lab app was successfully uploaded, applied,
removed, and deleted using the 'system application' commands.
- PASSED: It was verified that pods are running on the worker
node only with labels.
- PASSED: After deletion, all the Helm charts and all K8s
resources have been removed.
- PASSED: On AIO simplex, the nodes have been labeled. On
multinode setup, nodes with personality worker have been
labeled.
- PASSED: On AIO-SX and STANDARD lab, service accounts have
access to read pod info. Verified with 'kubectl auth can-i get
pods --as="system:serviceaccount:node-interface-metrics-exporter:node-interface-metrics-exporter-sa"'.
Story: 2010918
Task: 49479
Change-Id: I45312823651ab8e092440d4c006d105cc305b02e
Signed-off-by: AbhishekJ <abhishek.jaiswal@windriver.com>