Kubernetes made my latency 10x higher


17 bookmarks. First posted by pdudits 23 days ago.


KIAM [a Kubernetes IAM API helper] happens to provide short-lived credentials to Pods, which makes sense as it’s fair to assume that the average lifetime of a Pod is shorter than EC2 instances. The default is precisely 15 min.

But if you put both defaults together, you have a problem. Each certificate provided to the application has a 15 min expiration time. The AWS Java SDK will force refreshing any certificate with less than 15 min expiration time left.

The result is that every request will be forced to refresh the temporary certificate, which requires two calls to the AWS API that add a huge latency penalty to each request. We later found a feature request in the AWS Java SDK that mentions this same issue.

The fix was easy. We reconfigured KIAM to request credentials with a longer expiration period. Once this change was applied, requests started being served without involving the AWS Metadata service and returned to an even lower latency than in EC2.
kubernetes  kiam  defaults  aws  latency  performance  ec2 
11 days ago by jm
Kubernetes made my latency 10x higher
from twitter_favs
14 days ago by varnothing
Last week my team was busy with the migration of one microservice to ourcentral platform, which bundles CI/CD, a Kubernetes based runtime,metrics and other g...
galo_navarro  microservices  netapinotes  kubernetes  aws  dns  testing 
21 days ago by mreinbold
Networking is fun they said. Containers make it easier they said...
from twitter_favs
23 days ago by jey
Networking is fun they said. Containers make it easier they said...https://t.co/mxfI9bZEjk

— Martin Thompson () October 30, 2019

http://twitter.com/mjpt777/status/1189587240516763648
from twitter_favs
23 days ago by pdudits
Networking is fun they said. Containers make it easier they said...
from twitter_favs
23 days ago by skchrko