cluster-autoscaler caches workload cluster kubeconfig #4784
Description
Which component are you using?: cluster-autoscaler
What version of the component are you using?: 1.21.2
What k8s version are you using (kubectl version)?:
kubectl version Output
$ kubectl version
Client Version: version.Info{Major:"1", Minor:"23", GitVersion:"v1.23.5", GitCommit:"c285e781331a3785a7f436042c65c5641ce8a9e9", GitTreeState:"archive", BuildDate:"2022-03-17T21:14:47Z", GoVersion:"go1.18", Compiler:"gc", Platform:"linux/amd64"}
Server Version: version.Info{Major:"1", Minor:"21+", GitVersion:"v1.21.5-eks-bc4871b", GitCommit:"5236faf39f1b7a7dabea8df12726f25608131aa9", GitTreeState:"clean", BuildDate:"2021-10-29T23:32:16Z", GoVersion:"go1.16.8", Compiler:"gc", Platform:"linux/amd64"}
What environment is this in?: EKS managed by Cluster API
What did you expect to happen?:
The autoscaler should use the renewed kubeconfig for the workload cluster.
What happened instead?:
After around ~10 minutes the token renews in the kubeconfig secret for the workload cluster and the autoscaler no longer works, the pod has to be killed for it to pick up the new token.
How to reproduce it (as minimally and precisely as possible):
Deploy cluster-autoscaler on a CAPI management cluster, pointing at a workload cluster.
Example Helm values:
additionalLabels:
app: autoscaler
autoDiscovery:
clusterName: mycluster-name
cloudProvider: clusterapi
clusterAPIConfigMapsNamespace: kube-system
clusterAPIKubeconfigSecret: mycluster-name-kubeconfig
clusterAPIMode: kubeconfig-incluster
extraArgs:
balance-similar-node-groups: true
expander: least-waste
leader-elect: false
logtostderr: true
stderrthreshold: error
v: 1