Closed jonnylangefeld closed 2 years ago
If I analyze stackdriver with a query like
protoPayload.serviceName="container.googleapis.com"
protoPayload.methodName="google.container.v1beta1.ClusterManager.UpdateCluster"
protoPayload.authenticationInfo.principalEmail="<cnrm service account>"
I see constant updates in "desiredMasterAuthorizedNetworksConfig": {}
. If I compare the diffs of those updates, I see that the only diffs are the order of cidrBlock
and displayName
(probably because it's a map?). A typical diff would look like this:
< "cidrBlock": "35.237.67.185/32",
< "displayName": "gcp-staging-cloud-nat-us-west2-4"
---
> "displayName": "gcp-staging-cloud-nat-us-west2-4",
> "cidrBlock": "35.237.67.185/32"
I couldn't quite figure out yet if the IP rotation of the api server is related to it.
Hi @jonnylangefeld thanks for reporting this along with the detailed information and reproduction steps. We will look into fixing this issue.
Hey Jonny, the infinite diff issue is now fixed in 1.23.0. The issue was due to the diff calculation on spec.minMasterVersion
detecting differences too aggressively. We are working with our sister team to solve the master authorized network config ordering issue, which was exacerbated by the min master version triggering these constant updates.
Hi @kibbles-n-bytes, any updates to the master authorized network config ordering issue?
Hi @jonnylangefeld, this issue should no longer be happening -- we checked in with our sister team and confirmed that the diff calculation should not be detecting the master authorized network config field reordering as a diff. Is this issue still affecting you?
Describe the bug As the title says. I believe it has to do with the field
masterAuthorizedNetworksConfig
. I haven't seen this happen on clusters that didn't have that parameter set. I also see log entries on Stackdriver every 10 minutes that allude tomasterAuthorizedNetworksConfig
being updated.ConfigConnector Version
1.11.1
To Reproduce Create the containercluster below
YAML snippets: