Deprioritize resync operations#728
Conversation
cert-manager-prow
Bot
added
the
dco-signoff: yes
|
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: The full list of commands accepted by this bot can be found here. DetailsNeeds approval from an approver in each of these files:Approvers can indicate their approval by writing |
cert-manager-prow
Bot
added
the
needs-ok-to-test
|
Hi @alandiegosantos. Thanks for your PR. I'm waiting for a cert-manager member to verify that this patch is reasonable to test. If it is, they should reply with Once the patch is verified, the new status will be reflected by the I understand the commands that are listed here. DetailsInstructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
cert-manager-prow
Bot
added
the
size/S
In this controller, the resync of the istio-ca-root configmap is not a priority compared with the events derived from namespace operations or change in the root CA. The resync operation also impacts clusters with thousands of namespaces, taking tenths of minutes to loop through all the configmaps, slowing the provisioning of the configmap on new namespaces. So, this MR updates the controller to use WithLowPriorityWhenUnchanged, reducing the priority of the resync if the configmap is unchanged. The PriorityQueue are default in controller-runtime v0.23, so no other change is necessary. Signed-off-by: Alan Diego dos Santos <alandiegosantos@gmail.com>
alandiegosantos
force-pushed
the
depriority_resync
branch
from
1b53173 to
6d1af78
Compare
There was a problem hiding this comment.
Pull request overview
Updates the ConfigMap controller’s event handling to deprioritize expensive resync/list-driven reconciles when the istio-ca-root-cert ConfigMap content is unchanged, improving responsiveness for namespace-driven provisioning on large clusters.
Changes:
- Switch the ConfigMap watch from
For(...)to an explicitWatches(...)so the handler can be wrapped. - Wrap
EnqueueRequestForObjectwithhandler.WithLowPriorityWhenUnchangedto reduce priority for unchanged resync/list events. - Keep metadata-only caching and the existing name-based predicate for the target ConfigMap.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
|
/ok-to-test |
cert-manager-prow
Bot
added
ok-to-test
and removed
needs-ok-to-test
|
/retest |
|
@alandiegosantos: The following tests failed, say
Full PR test history. Your PR dashboard. Please help us cut down on flakes by linking to an open issue when you hit one in your PR. DetailsInstructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here. |
|
I tried to test this locally and got the following error. It is probably the same reason the tests are all failing.
Coincidentally, I recently implemented changes in my environment to solve the same problem and created PR 752 with how I approached it. This pull request and my pull request do two different things. I think if this pull request can be updated to eliminate the error, then both can live side by side.
|
cert-manager-prow
Bot
added
the
needs-rebase
|
PR needs rebase. DetailsInstructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
In this controller, the re-sync of the istio-ca-root configmap is not a priority compared with the events derived from namespace operations or the change in the root CA. The resync might take tenths of minutes in clusters with thousands of namespaces, slowing the provisioning of the configmap on new namespaces.
So, this MR updates the controller to use WithLowPriorityWhenUnchanged, reducing the priority of the re-sync if the configmap is unchanged. PriorityQueues are default in controller-runtime v0.23, so no other change is necessary.