1641815 – service-serving-cert-signer is making high amounts of requests

Bug 1641815 - service-serving-cert-signer is making high amounts of requests

Summary: service-serving-cert-signer is making high amounts of requests

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	OpenShift Container Platform
Classification:	Red Hat
Component:	apiserver-auth
Sub Component:
Version:	4.1.0
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	high
Target Milestone:	---
Target Release:	4.1.0
Assignee:	Matt Rogers
QA Contact:	scheng
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2018-10-22 20:48 UTC by Juan Vallejo
Modified:	2020-01-08 15:35 UTC (History)
CC List:	8 users (show)
Fixed In Version:
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:	2019-06-04 10:40:48 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHBA-2019:0758	0	None	None	None	2019-06-04 10:40:56 UTC

Description Juan Vallejo 2018-10-22 20:48:45 UTC

Description of problem:

The service-serving-cert-signer is making over 30,000 requests within the span of 2 hours (since bringing up a cluster using the installer).

For comparison, the apiserver performs 24,000 requests within the same time period.

Comment 1 Matt Rogers 2018-10-30 01:31:28 UTC

Hi Juan, try running your metrics with docker.io/mrogers950/origin-service-serving-cert-signer:limittest ? This is an image built with https://github.com/openshift/service-serving-cert-signer/pull/37. We should see a reduction in the amount of API requests over time.

Comment 2 Neelesh Agrawal 2019-01-25 21:19:42 UTC

I think we had couple of rounds of reduction on request-load. Is this still an active issue? Can this be closed now?

Comment 3 Matt Rogers 2019-01-25 21:34:33 UTC

Yes, the operator no longer continually sync loops, which was the root cause of our constant API hammering.

Comment 8 errata-xmlrpc 2019-06-04 10:40:48 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2019:0758

Note You need to log in before you can comment on or make changes to this bug.