search

ottoyiu / k8s-ec2-srcdst

A Kubernetes Controller that will ensure that the EC2 Source Destination Check (source-dest-check attribute) is disabled on nodes within the cluster.
Apache License 2.0
18 stars 8 forks source link

has k8s-ec2-srcdst any self-healing? #1

Closed felipejfc closed 7 years ago

felipejfc commented 7 years ago

is it possible that the cache informer loses the update on some node somehow?

if so, I think that we should also have a periodic check on all nodes for self healing them...

what do you think @ottoyiu ?

ottoyiu commented 7 years ago

The informer has a resync period set to 60 seconds, which should trigger the OnUpdate handler even without any actual changes. This should catch any missed events on nodes. https://github.com/ottoyiu/k8s-ec2-srcdst/blob/master/pkg/controller/srcdst_controller.go#L46

as documented here: https://github.com/kubernetes/client-go/blob/450baa5d60f8d6a251c7682cb6f86e939b750b2d/tools/cache/controller.go#L270

Have you run into any scenarios where the controller/cache informer missed an update?

felipejfc commented 7 years ago

No, I haven't... Just to be sure as I'm running a very important production cluster with it now