Helm: Use informer to list helm secrets to improve performance #6354
Conversation
Could you point me to the file where the watch for Secrets in
Yes, wrapping the |
Helm stores its state in secrets inside the cluster. Instead of listing these secrets before every reconciliation of every release, we use an informer to query a local secrets list. This significantly reduced the load on the kubernetes apiserver and etcd Signed-off-by: Luca Berneking <l.berneking@mittwald.de>
| Any new updates? Somehow @joelanford was automatically removed as a reviewer when "re-requesting" the review. |
There was a problem hiding this comment.
@Lucaber Thanks for the contribution! Apologies for this PR getting lost in the weeds of other PRs. I'll try to get this pushed through.
/lgtm
3 participants
Description of the change:
Helm stores its state in secrets inside the cluster.
Instead of listing these secrets before every reconciliation of every release, we use an informer to query a local secrets list.
Whats the current status of the helm-operator-plugins repo, should I also create a MR there?
Motivation for the change:
We are running 2 helm-operators with 50 CRs each in a namespace with over 1000 secrets.
Listing these secrets, even with a filter, takes more than 1 second.
Running multiple of these list queries in parallel generates a high load on the kubernetes apiserver and etcd.
Combined with the default reconcile period of 1m this results in a constant high load.
Before and After metrics (after installing this MR on the first and second helm-operator in the cluster):
This issue was primarily noticed due to a very high load and network traffic between the kubernetes etcd instances.
Checklist
If the pull request includes user-facing changes, extra documentation is required:
changelog/fragments(seechangelog/fragments/00-template.yaml)website/content/en/docs