T-Kukawka
commented
1 year ago We will first test it for v18 and v19 with initiator app to see actual impact
Open T-Kukawka opened 1 year ago
T-Kukawka
commented
1 year ago We will first test it for v18 and v19 with initiator app to see actual impact
nprokopic
commented
1 year ago We will first test it for v18 and v19 with initiator app to see actual impact
@T-Kukawka did you try this out?
T-Kukawka
commented
1 year ago i think it was even @silenteh idea as far as i know - but we did not test it :(
We have witnessed a lot of cases where the k8s api is flooded by the events, either from kyverno or nginx.
In order to avoid such situations in the future where the amount of events overloads the k8s api we can add a feature for admission controller to rate limit the events based on: https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/#eventratelimit.
This can be configured by namespace, user, server or SourceAndObject. This solution should mitigate issues for overloaded API in cases of spikes in events send towards it.