Switch status writes to use k8s patch #387
Labels
enhancement
New feature or request
Comments
|
fyi @Sodman @nrjpoddar as part of stability effort for GM |
|
if done right, we can also restrict permissions for the patch to the status subresource, so GM controller no longer needs create permissions (or patch on anything but the subresource) which allows us to better use k8s rbac to protect against a potentially catastrophic bug in GM affecting routing behavior (e.g. race with read/write blowing away updates, if 409 retry logic is buggy) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
similar to solo-io/solo-kit#517
we saw at scale Gloo was being rate limit by k8s writing statuses to resources.
moving to a k8s patch can lower the api calls required, no longer using a read then write call pattern. this drastically improved status reporting at scale
The text was updated successfully, but these errors were encountered: