Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Investigate reducing memory usage on systems with many resources (secrets, configmaps, pvcs, etc) #766

Open
tesshuflower opened this issue Jun 7, 2023 · 1 comment
Open

Investigate reducing memory usage on systems with many resources (secrets, configmaps, pvcs, etc) #766

tesshuflower opened this issue Jun 7, 2023 · 1 comment
Assignees
@tesshuflower
Labels
enhancement New feature or request

Comments

@tesshuflower
Copy link
Contributor

tesshuflower commented Jun 7, 2023
edited

Describe the feature you'd like to have.

VolSync is an operator that watches resources across all namespaces - and watches many different resource types. On systems with many resources the memory usage can balloon.

Most likely cause of this are when a system has many secrets (configmaps, pvcs also potential causes).

VolSync currently watches the following:

https://github.com/backube/volsync/blob/main/controllers/replicationdestination_controller.go#L159-L166

but there are other resources too - such as:

  • configmaps

The controller-runtime client will add a watch on these as soon as they are queried for.

What is the value to the end user? (why is it a priority?)

How will we know we have a good solution? (acceptance criteria)

Additional context

Potential solutions:

  • https://sdk.operatorframework.io/docs/best-practices/designing-lean-operators/

    • Option to filter out resources from the cache by label or field
    • Note that the (potentially dangerous) part of this is anything that is filtered out becomes "invisible" to the client.
    • For secrets/configmaps/pvcs we do need to query for user created resources - so this may not be viable unless when querying we bypass the cache (i.e. use a client w/ reader that doesn't go to the cache for these queries)
    • This may be particularly useful for resources that VolSync creates and then watches (jobs, services, serviceaccounts, roles, rolebindings)
      • need to confirm but I don't think we care about watching/querying any of those resources that aren't created by VolSync.
      • potential gotcha here - does this break any createOrUpdate operations for example if a resources with the same name exists but has been filtered out by the cache?).
      • Guessing resources in the list above are less problematic from a memory perspective than secrets, configmaps.

  • Another potential option is to disable caching for certain resource types - see an example here: https://github.com/external-secrets/external-secrets/pull/729/files

  • Can also cache with metadata only (I think this is used in the external secrets update above as well?):
    ✨ metadata-only watches kubernetes-sigs/controller-runtime#1174

All these potentially have issues with causing more API traffic if we're doing a lot of reconciles if we have to get the resources every time.
@tesshuflower tesshuflower added the enhancement New feature or request label Jun 7, 2023
@tesshuflower
Copy link
Contributor Author

/assign @tesshuflower

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@tesshuflower tesshuflower

Labels
enhancement New feature or request
Projects
VolSync project tracking
Status: No status
Milestone
No milestone
Development

No branches or pull requests
1 participant
@tesshuflower