github-actions[bot]
commented
1 month ago This issue is stale because it has been open for 365 days with no activity.
Open evan2645 opened 1 year ago
github-actions[bot]
commented
1 month ago This issue is stale because it has been open for 365 days with no activity.
hiyosi
commented
1 month ago In my view, there is a problem of datastore connection due to the authorization process when large numbers of agents make requests at short intervals.
e.g. https://github.com/spiffe/spire/blob/main/pkg/server/endpoints/middleware.go#L70
A configurable agent sync interval has been important for larger deployments because the overhead of a frequent full synchronization can be high at scale. At the same time, increasing the sync interval has come with lots of side-effects (https://github.com/spiffe/spire/pull/4479 for example)
Recent work in https://github.com/spiffe/spire/issues/3496 is drastically reducing the synchronization overhead. And if that work is successful, we should be able to deprecate a configurable sync interval. Are there any good reasons to keep this config around after #3496 is complete?