Add per-component hostNetwork support for all DaemonSet operands

[calmkart]

Summary

• Add per-component hostNetwork support for all DaemonSet operands in ClusterPolicy CRD
• Previously only DCGMExporter supported this; now all 16 DaemonSet components support it
• Each component gets an optional hostNetwork boolean field, following the existing DCGMExporter pattern

Test plan

• Unit tests added for applyHostNetworkConfig helper (nil/true/false cases)
• All existing controller tests pass
• make generate and make manifests run successfully
• Build passes cleanly

Description

Previously, only DCGMExporter supported configuring hostNetwork through the ClusterPolicy CRD. This commit extends hostNetwork support to all remaining DaemonSet components: Driver, VGPUManager, Toolkit, DevicePlugin, SandboxDevicePlugin, KataDevicePlugin, DCGM, NodeStatusExporter, GPUFeatureDiscovery, MIGManager, KataManager, VFIOManager, CCManager, VGPUDeviceManager, and Validator.

Each component's Spec type now includes an optional HostNetwork *bool field following the same pattern as DCGMExporterSpec. When enabled, the controller sets hostNetwork: true and DNSPolicy: ClusterFirstWithHostNet on the corresponding DaemonSet pod spec.

Changes:

• Add HostNetwork field to 15 component Spec types in ClusterPolicy CRD
• Add applyHostNetworkConfig helper and call it in 17 Transform functions
• Add hostNetwork values and Helm template rendering for all components
• Regenerate deepcopy functions and CRD manifests
• Add unit tests for applyHostNetworkConfig

[copy-pr-bot]

This pull request requires additional validation before any workflows can run on NVIDIA's runners.

Pull request vetters can view their responsibilities here.

Contributors can view more details about this message here.

[calmkart]

@cdesiniotis @karthikvetrivel @tariq1890 PTAL, Thanks!

[tariq1890]

/ok to test f847562

[rahulait]

Thanks @calmkart. Given that driver daemonset can be run in host network namespace when provisioned using clusterpolicy, I would like to have the same change done for driver daemonset when its provisioned via nvidiadriver CR. So basically adding the changes here:

gpu-operator/api/nvidia/v1alpha1/nvidiadriver_types.go

Lines 40 to 206 in b0d0c16

	type NVIDIADriverSpec struct {
	// INSERT ADDITIONAL SPEC FIELDS - desired state of cluster
	// Important: Run "make" to regenerate code after modifying this file
	// +kubebuilder:validation:Enum=gpu;vgpu;vgpu-host-manager
	// +kubebuilder:default=gpu
	// +kubebuilder:validation:XValidation:rule="self == oldSelf",message="driverType is an immutable field. Please create a new NvidiaDriver resource instead when you want to change this setting."
	DriverType DriverType `json:"driverType"`
	// UsePrecompiled indicates if deployment of NVIDIA Driver using pre-compiled modules is enabled
	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors=true
	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors.displayName="Enable NVIDIA Driver deployment using pre-compiled modules"
	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors.x-descriptors="urn:alm:descriptor:com.tectonic.ui:booleanSwitch"
	// +kubebuilder:validation:XValidation:rule="self == oldSelf",message="usePrecompiled is an immutable field. Please create a new NvidiaDriver resource instead when you want to change this setting."
	UsePrecompiled *bool `json:"usePrecompiled,omitempty"`
	// Deprecated: This field is no longer honored by the gpu-operator. Please use KernelModuleType instead.
	// UseOpenKernelModules indicates if the open GPU kernel modules should be used
	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors=true
	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors.displayName="Enable use of open GPU kernel modules"
	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors.x-descriptors="urn:alm:descriptor:com.tectonic.ui:booleanSwitch,urn:alm:descriptor:com.tectonic.ui:hidden"
	UseOpenKernelModules *bool `json:"useOpenKernelModules,omitempty"`
	// KernelModuleType represents the type of driver kernel modules to be used when installing the GPU driver.
	// Accepted values are auto, proprietary and open. NOTE: If auto is chosen, it means that the recommended kernel module
	// type is chosen based on the GPU devices on the host and the driver branch used
	// +kubebuilder:validation:Enum=auto;open;proprietary
	// +kubebuilder:default=auto
	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors.displayName="Kernel Module Type"
	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors.description="Kernel Module Type"
	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors.x-descriptors="urn:alm:descriptor:com.tectonic.ui:select:auto,urn:alm:descriptor:com.tectonic.ui:select:open,urn:alm:descriptor:com.tectonic.ui:select:proprietary"
	KernelModuleType string `json:"kernelModuleType,omitempty"`
	// NVIDIA Driver container startup probe settings
	StartupProbe *ContainerProbeSpec `json:"startupProbe,omitempty"`
	// NVIDIA Driver container liveness probe settings
	LivenessProbe *ContainerProbeSpec `json:"livenessProbe,omitempty"`
	// NVIDIA Driver container readiness probe settings
	ReadinessProbe *ContainerProbeSpec `json:"readinessProbe,omitempty"`
	// GPUDirectRDMA defines the spec for NVIDIA Peer Memory driver
	GPUDirectRDMA *GPUDirectRDMASpec `json:"rdma,omitempty"`
	// GPUDirectStorage defines the spec for GDS driver
	GPUDirectStorage *GPUDirectStorageSpec `json:"gds,omitempty"`
	// GDRCopy defines the spec for GDRCopy driver
	GDRCopy *GDRCopySpec `json:"gdrcopy,omitempty"`
	// NVIDIA Driver repository
	// +kubebuilder:validation:Optional
	Repository string `json:"repository,omitempty"`
	// NVIDIA Driver container image name
	// +kubebuilder:default=nvcr.io/nvidia/driver
	Image string `json:"image"`
	// NVIDIA Driver version (or just branch for precompiled drivers)
	// +kubebuilder:validation:Optional
	Version string `json:"version,omitempty"`
	// Image pull policy
	// +kubebuilder:validation:Optional
	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors=true
	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors.displayName="Image Pull Policy"
	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors.x-descriptors="urn:alm:descriptor:com.tectonic.ui:imagePullPolicy"
	ImagePullPolicy string `json:"imagePullPolicy,omitempty"`
	// Image pull secrets
	// +kubebuilder:validation:Optional
	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors=true
	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors.displayName="Image pull secrets"
	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors.x-descriptors="urn:alm:descriptor:io.kubernetes:Secret"
	ImagePullSecrets []string `json:"imagePullSecrets,omitempty"`
	// Manager represents configuration for NVIDIA Driver Manager initContainer
	Manager DriverManagerSpec `json:"manager,omitempty"`
	// Optional: Define resources requests and limits for each pod
	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors=true
	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors.displayName="Resource Requirements"
	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors.x-descriptors="urn:alm:descriptor:com.tectonic.ui:advanced,urn:alm:descriptor:com.tectonic.ui:resourceRequirements"
	Resources *ResourceRequirements `json:"resources,omitempty"`
	// Optional: List of arguments
	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors=true
	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors.displayName="Arguments"
	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors.x-descriptors="urn:alm:descriptor:com.tectonic.ui:advanced,urn:alm:descriptor:com.tectonic.ui:text"
	Args []string `json:"args,omitempty"`
	// Optional: List of environment variables
	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors=true
	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors.displayName="Environment Variables"
	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors.x-descriptors="urn:alm:descriptor:com.tectonic.ui:advanced,urn:alm:descriptor:com.tectonic.ui:text"
	Env []EnvVar `json:"env,omitempty"`
	// Optional: Custom repo configuration for NVIDIA Driver container
	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors=true
	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors.displayName="Custom Repo Configuration For NVIDIA Driver Container"
	RepoConfig *DriverRepoConfigSpec `json:"repoConfig,omitempty"`
	// Optional: Custom certificates configuration for NVIDIA Driver container
	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors=true
	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors.displayName="Custom Certificates Configuration For NVIDIA Driver Container"
	CertConfig *DriverCertConfigSpec `json:"certConfig,omitempty"`
	// Optional: Licensing configuration for NVIDIA vGPU licensing
	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors=true
	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors.displayName="Licensing Configuration For NVIDIA vGPU Driver Container"
	LicensingConfig *DriverLicensingConfigSpec `json:"licensingConfig,omitempty"`
	// Optional: Virtual Topology Daemon configuration for NVIDIA vGPU drivers
	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors=true
	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors.displayName="Custom Virtual Topology Daemon Configuration For vGPU Driver Container"
	VirtualTopologyConfig *VirtualTopologyConfigSpec `json:"virtualTopologyConfig,omitempty"`
	// Optional: Kernel module configuration parameters for the NVIDIA Driver
	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors=true
	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors.displayName="Kernel module configuration parameters for the NVIDIA driver"
	KernelModuleConfig *KernelModuleConfigSpec `json:"kernelModuleConfig,omitempty"`
	// Optional: SecretEnv represents the name of the Kubernetes Secret with secret environment variables for the NVIDIA Driver
	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors=true
	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors.displayName="Name of the Kubernetes Secret with secret environment variables for the NVIDIA Driver"
	SecretEnv string `json:"secretEnv,omitempty"`
	// +kubebuilder:validation:Optional
	// NodeSelector specifies a selector for installation of NVIDIA driver
	NodeSelector map[string]string `json:"nodeSelector,omitempty"`
	// +kubebuilder:validation:Optional
	// Affinity specifies node affinity rules for driver pods
	NodeAffinity *corev1.NodeAffinity `json:"nodeAffinity,omitempty"`
	// +kubebuilder:validation:Optional
	// Optional: Map of string keys and values that can be used to organize and categorize
	// (scope and select) objects. May match selectors of replication controllers
	// and services.
	Labels map[string]string `json:"labels,omitempty"`
	// +kubebuilder:validation:Optional
	// Optional: Annotations is an unstructured key value map stored with a resource that may be
	// set by external tools to store and retrieve arbitrary metadata. They are not
	// queryable and should be preserved when modifying objects.
	Annotations map[string]string `json:"annotations,omitempty"`
	// +kubebuilder:validation:Optional
	// Optional: Set tolerations
	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors=true
	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors.displayName="Tolerations"
	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors.x-descriptors="urn:alm:descriptor:com.tectonic.ui:advanced,urn:alm:descriptor:io.kubernetes:Tolerations"
	Tolerations []corev1.Toleration `json:"tolerations,omitempty"`
	// +kubebuilder:validation:Optional
	// Optional: Set priorityClassName
	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors=true
	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors.displayName="PriorityClassName"
	PriorityClassName string `json:"priorityClassName,omitempty"`
	// +kubebuilder:validation:Optional
	// Optional: Set pod-level security context for driver pod
	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors=true
	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors.displayName="PodSecurityContext"
	PodSecurityContext *corev1.PodSecurityContext `json:"podSecurityContext,omitempty"`
	}

https://github.com/NVIDIA/gpu-operator/blob/main/manifests/state-driver/0500_daemonset.yaml

And then to nvidiadriver template: https://github.com/NVIDIA/gpu-operator/blob/main/deployments/gpu-operator/templates/nvidiadriver.yaml

Also, this PR needs to be rebased from main as some of our CI checks have changed and would require the PR to be rebased so that they can be run.

[calmkart]

Thanks @calmkart. Given that driver daemonset can be run in host network namespace when provisioned using clusterpolicy, I would like to have the same change done for driver daemonset when its provisioned via nvidiadriver CR. So basically adding the changes here:

gpu-operator/api/nvidia/v1alpha1/nvidiadriver_types.go

Lines 40 to 206 in b0d0c16

	type NVIDIADriverSpec struct {
	// INSERT ADDITIONAL SPEC FIELDS - desired state of cluster
	// Important: Run "make" to regenerate code after modifying this file
	// +kubebuilder:validation:Enum=gpu;vgpu;vgpu-host-manager
	// +kubebuilder:default=gpu
	// +kubebuilder:validation:XValidation:rule="self == oldSelf",message="driverType is an immutable field. Please create a new NvidiaDriver resource instead when you want to change this setting."
	DriverType DriverType `json:"driverType"`
	// UsePrecompiled indicates if deployment of NVIDIA Driver using pre-compiled modules is enabled
	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors=true
	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors.displayName="Enable NVIDIA Driver deployment using pre-compiled modules"
	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors.x-descriptors="urn:alm:descriptor:com.tectonic.ui:booleanSwitch"
	// +kubebuilder:validation:XValidation:rule="self == oldSelf",message="usePrecompiled is an immutable field. Please create a new NvidiaDriver resource instead when you want to change this setting."
	UsePrecompiled *bool `json:"usePrecompiled,omitempty"`
	// Deprecated: This field is no longer honored by the gpu-operator. Please use KernelModuleType instead.
	// UseOpenKernelModules indicates if the open GPU kernel modules should be used
	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors=true
	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors.displayName="Enable use of open GPU kernel modules"
	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors.x-descriptors="urn:alm:descriptor:com.tectonic.ui:booleanSwitch,urn:alm:descriptor:com.tectonic.ui:hidden"
	UseOpenKernelModules *bool `json:"useOpenKernelModules,omitempty"`
	// KernelModuleType represents the type of driver kernel modules to be used when installing the GPU driver.
	// Accepted values are auto, proprietary and open. NOTE: If auto is chosen, it means that the recommended kernel module
	// type is chosen based on the GPU devices on the host and the driver branch used
	// +kubebuilder:validation:Enum=auto;open;proprietary
	// +kubebuilder:default=auto
	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors.displayName="Kernel Module Type"
	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors.description="Kernel Module Type"
	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors.x-descriptors="urn:alm:descriptor:com.tectonic.ui:select:auto,urn:alm:descriptor:com.tectonic.ui:select:open,urn:alm:descriptor:com.tectonic.ui:select:proprietary"
	KernelModuleType string `json:"kernelModuleType,omitempty"`
	// NVIDIA Driver container startup probe settings
	StartupProbe *ContainerProbeSpec `json:"startupProbe,omitempty"`
	// NVIDIA Driver container liveness probe settings
	LivenessProbe *ContainerProbeSpec `json:"livenessProbe,omitempty"`
	// NVIDIA Driver container readiness probe settings
	ReadinessProbe *ContainerProbeSpec `json:"readinessProbe,omitempty"`
	// GPUDirectRDMA defines the spec for NVIDIA Peer Memory driver
	GPUDirectRDMA *GPUDirectRDMASpec `json:"rdma,omitempty"`
	// GPUDirectStorage defines the spec for GDS driver
	GPUDirectStorage *GPUDirectStorageSpec `json:"gds,omitempty"`
	// GDRCopy defines the spec for GDRCopy driver
	GDRCopy *GDRCopySpec `json:"gdrcopy,omitempty"`
	// NVIDIA Driver repository
	// +kubebuilder:validation:Optional
	Repository string `json:"repository,omitempty"`
	// NVIDIA Driver container image name
	// +kubebuilder:default=nvcr.io/nvidia/driver
	Image string `json:"image"`
	// NVIDIA Driver version (or just branch for precompiled drivers)
	// +kubebuilder:validation:Optional
	Version string `json:"version,omitempty"`
	// Image pull policy
	// +kubebuilder:validation:Optional
	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors=true
	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors.displayName="Image Pull Policy"
	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors.x-descriptors="urn:alm:descriptor:com.tectonic.ui:imagePullPolicy"
	ImagePullPolicy string `json:"imagePullPolicy,omitempty"`
	// Image pull secrets
	// +kubebuilder:validation:Optional
	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors=true
	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors.displayName="Image pull secrets"
	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors.x-descriptors="urn:alm:descriptor:io.kubernetes:Secret"
	ImagePullSecrets []string `json:"imagePullSecrets,omitempty"`
	// Manager represents configuration for NVIDIA Driver Manager initContainer
	Manager DriverManagerSpec `json:"manager,omitempty"`
	// Optional: Define resources requests and limits for each pod
	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors=true
	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors.displayName="Resource Requirements"
	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors.x-descriptors="urn:alm:descriptor:com.tectonic.ui:advanced,urn:alm:descriptor:com.tectonic.ui:resourceRequirements"
	Resources *ResourceRequirements `json:"resources,omitempty"`
	// Optional: List of arguments
	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors=true
	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors.displayName="Arguments"
	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors.x-descriptors="urn:alm:descriptor:com.tectonic.ui:advanced,urn:alm:descriptor:com.tectonic.ui:text"
	Args []string `json:"args,omitempty"`
	// Optional: List of environment variables
	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors=true
	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors.displayName="Environment Variables"
	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors.x-descriptors="urn:alm:descriptor:com.tectonic.ui:advanced,urn:alm:descriptor:com.tectonic.ui:text"
	Env []EnvVar `json:"env,omitempty"`
	// Optional: Custom repo configuration for NVIDIA Driver container
	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors=true
	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors.displayName="Custom Repo Configuration For NVIDIA Driver Container"
	RepoConfig *DriverRepoConfigSpec `json:"repoConfig,omitempty"`
	// Optional: Custom certificates configuration for NVIDIA Driver container
	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors=true
	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors.displayName="Custom Certificates Configuration For NVIDIA Driver Container"
	CertConfig *DriverCertConfigSpec `json:"certConfig,omitempty"`
	// Optional: Licensing configuration for NVIDIA vGPU licensing
	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors=true
	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors.displayName="Licensing Configuration For NVIDIA vGPU Driver Container"
	LicensingConfig *DriverLicensingConfigSpec `json:"licensingConfig,omitempty"`
	// Optional: Virtual Topology Daemon configuration for NVIDIA vGPU drivers
	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors=true
	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors.displayName="Custom Virtual Topology Daemon Configuration For vGPU Driver Container"
	VirtualTopologyConfig *VirtualTopologyConfigSpec `json:"virtualTopologyConfig,omitempty"`
	// Optional: Kernel module configuration parameters for the NVIDIA Driver
	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors=true
	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors.displayName="Kernel module configuration parameters for the NVIDIA driver"
	KernelModuleConfig *KernelModuleConfigSpec `json:"kernelModuleConfig,omitempty"`
	// Optional: SecretEnv represents the name of the Kubernetes Secret with secret environment variables for the NVIDIA Driver
	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors=true
	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors.displayName="Name of the Kubernetes Secret with secret environment variables for the NVIDIA Driver"
	SecretEnv string `json:"secretEnv,omitempty"`
	// +kubebuilder:validation:Optional
	// NodeSelector specifies a selector for installation of NVIDIA driver
	NodeSelector map[string]string `json:"nodeSelector,omitempty"`
	// +kubebuilder:validation:Optional
	// Affinity specifies node affinity rules for driver pods
	NodeAffinity *corev1.NodeAffinity `json:"nodeAffinity,omitempty"`
	// +kubebuilder:validation:Optional
	// Optional: Map of string keys and values that can be used to organize and categorize
	// (scope and select) objects. May match selectors of replication controllers
	// and services.
	Labels map[string]string `json:"labels,omitempty"`
	// +kubebuilder:validation:Optional
	// Optional: Annotations is an unstructured key value map stored with a resource that may be
	// set by external tools to store and retrieve arbitrary metadata. They are not
	// queryable and should be preserved when modifying objects.
	Annotations map[string]string `json:"annotations,omitempty"`
	// +kubebuilder:validation:Optional
	// Optional: Set tolerations
	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors=true
	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors.displayName="Tolerations"
	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors.x-descriptors="urn:alm:descriptor:com.tectonic.ui:advanced,urn:alm:descriptor:io.kubernetes:Tolerations"
	Tolerations []corev1.Toleration `json:"tolerations,omitempty"`
	// +kubebuilder:validation:Optional
	// Optional: Set priorityClassName
	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors=true
	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors.displayName="PriorityClassName"
	PriorityClassName string `json:"priorityClassName,omitempty"`
	// +kubebuilder:validation:Optional
	// Optional: Set pod-level security context for driver pod
	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors=true
	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors.displayName="PodSecurityContext"
	PodSecurityContext *corev1.PodSecurityContext `json:"podSecurityContext,omitempty"`
	}

https://github.com/NVIDIA/gpu-operator/blob/main/manifests/state-driver/0500_daemonset.yaml
And then to nvidiadriver template: https://github.com/NVIDIA/gpu-operator/blob/main/deployments/gpu-operator/templates/nvidiadriver.yaml

Also, this PR needs to be rebased from main as some of our CI checks have changed and would require the PR to be rebased so that they can be run.

@rahulait rebase done && update for driver done, PTAL

[rahulait]

/ok to test 1d3c36b

[rahulait]

It looks like bundle/manifests is missing updated CRD schema change for nvidiadriver?

[calmkart]

It looks like bundle/manifests is missing updated CRD schema change for nvidiadriver?

fixed

[rahulait]

/ok to test 1917379

[rahulait]

LGTM

[tariq1890]

@calmkart Can you squash your commit history ?

[calmkart]

@calmkart Can you squash your commit history ?

@tariq1890 ok, all done

[tariq1890]

/ok to test 092ddba

[tariq1890]

/cherry-pick release-26.3

[github-actions]

🤖 Backport PR created for release-26.3: #2286 ✅