Configure the controller manager rate limit
This pages describes how to configure the overall rate limit (token bucket rate limit) for the controller manager in Config Connector.
Configure the rate limit for namespaced controller manager
If Config Connector is configured to run in
namespaced mode, you can
use the NamespacedControllerReconciler
custom resource to configure the rate
limit of the cnrm-controller-manager
controller's Kubernetes client
in your designated namespace. You can configure rate limit for this
controller in Config Connector version 1.119 and later.
Create a file named
configure-rate-limit.yaml
and copy the following YAML into it:apiVersion: customize.core.cnrm.cloud.google.com/v1alpha1 kind: NamespacedControllerReconciler metadata: name: cnrm-controller-manager # name must not contain the namespace ID suffix namespace: NAMESPACE spec: rateLimit: qps: 80 # the default value is 20 burst: 40 # the default value is 30
Replace
NAMESPACE
with the name of your namespace.Use
kubectl apply
to apply the rate limit configuration to your cluster:kubectl apply -f configure-rate-limit.yaml
Verify the configuration is successful by running the following command:
kubectl get namespacedcontrollerreconciler cnrm-controller-manager -n NAMESPACE -o jsonpath='{.status.healthy}'
The output should display
status.healthy
field set totrue
.Verify that the
--qps
and--burst
flags are added to thecnrm-controller-manager
controller's manager container by running the following command:kubectl describe statefulsets cnrm-controller-manager -n cnrm-system
The output should contain the following:
Containers: manager: Image: gcr.io/gke-release/cnrm/controller:fd4c42c Port: 23232/TCP Host Port: 0/TCP Command: /configconnector/manager Args: --qps=80 --burst=40 --scoped-namespace=config-control --prometheus-scrape-endpoint=:8888