You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Sorry if this is documented somewhere but I havent been able to find it
Im experimenting with config connector and im trying to create a custom role for my config connector gsa that is scoped very tightly
What I have been doing is deploying, checking error messages for missing perms, updating the perms, waiting for config connector to retry to create/modify/delete the resource
This has been working but sometimes I have to wait a little while for it to retry. What is the retry interval and is it configurable? will re-applying the same manifest cause config connector to immediately retry creating the resource?
another example: at one point I didnt give config connector enough access to delete a resource so the finalizer hang until I gave it the right access and waited for config connector to retry deleting the resource
The text was updated successfully, but these errors were encountered:
What is the retry interval and is it configurable?
On a successful apply, config connector will re-reconcile the resource after 10 mins; that being said, any drift between k8s CR and the underlying resource will be corrected on the next reconciliation.
However, if the initial reconciliation fails for some reason, config connector will retry on it with exponential backoff with 10-mins max
Currently it's not configurable.
will re-applying the same manifest cause config connector to immediately retry creating the resource?
Unfortunately no; applying the exact same manifest will not trigger an UPDATE on k8s api-sever, then config connector will be notified to reconcile. The workaround is to modify the metadata.labels to trigger an immediate retry.
Sorry if this is documented somewhere but I havent been able to find it
Im experimenting with config connector and im trying to create a custom role for my config connector gsa that is scoped very tightly
What I have been doing is deploying, checking error messages for missing perms, updating the perms, waiting for config connector to retry to create/modify/delete the resource
This has been working but sometimes I have to wait a little while for it to retry. What is the retry interval and is it configurable? will re-applying the same manifest cause config connector to immediately retry creating the resource?
another example: at one point I didnt give config connector enough access to delete a resource so the finalizer hang until I gave it the right access and waited for config connector to retry deleting the resource
The text was updated successfully, but these errors were encountered: