-
Notifications
You must be signed in to change notification settings - Fork 1.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
🐛 Prevent KCP to create many private keys for each reconcile #8617
🐛 Prevent KCP to create many private keys for each reconcile #8617
Conversation
Thanks for this @fabriziopandini ! I have validated the patch and it is a huge improvement! 🎉 Here is the dashboard view with the patch applied idling at 10 clusters: The flame graph also confirms that we no longer have the 4 big blocks where it generated the private keys. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Nice.
I didn't expect it to be that straightforward. I assumed we have to cache something that actually expires.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Nice.
I didn't expect it to be that straightforward. I assumed we have to cache something that expires.
bf35756
to
5a8e9e1
Compare
/cherry-pick release-1.4 |
@fabriziopandini: once the present PR merges, I will cherry-pick it on top of release-1.4 in a new PR and assign it to you. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
/cherry-pick release-1.3 |
@fabriziopandini: once the present PR merges, I will cherry-pick it on top of release-1.3 in a new PR and assign it to you. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
/test pull-cluster-api-e2e-main-full |
@fabriziopandini: The specified target(s) for
The following commands are available to trigger optional jobs:
Use
In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
/test pull-cluster-api-e2e-full-main |
/lgtm /hold |
LGTM label has been added. Git tree hash: 0e5f440696a1980bc912393a2b68cb8dd1ba15e7
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: sbueringer The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
also the full E2E are green |
@fabriziopandini: new pull request created: #8619 In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
@fabriziopandini: #8617 failed to apply on top of branch "release-1.3":
In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
/area provider/control-plane-kubeadm |
What this PR does / why we need it:
When connecting to etcd on the workload clusters KCP creates a temporary certificate, however, one step of this operation, creating the private key for the new certificate, is CPU-consuming (see data on #8602 for more details).
This PR adds a private key to the clusterAccessor in the ClusterCacheTracker, created once for each cluster, so that KCP can re-use it at every reconciliation/in all the reconcile methods.
Which issue(s) this PR fixes:
Fixes #8602
cc @sbueringer @lentzi90