New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
clusterlint claims that webhook timeoutSeconds of 30 is too high #6907
Comments
Hey, thanks for raising this. There is this comment in kubelint's code:
and
I can't tell why 30 seconds is "bad" 😅 For context, I pushed for changing this value from 10 seconds to 30 seconds in #6488 with the intention of increasing the "context deadline timeout" to its maximum value so that the underlying timeout error message has more chance of being returned to the end user, thus making it easier to debug networking errors. |
Ah, thank you for those additional details! I actually tried changing the timeout to 31 seconds and got an error, too. Combining what we're seeing in the code with that behavior, I believe 30 seconds to indeed be a valid value. I will bring this back to the clusterlint issue. |
I've been using cert-manager for years. I really can't sing its praises enough. I've got it deployed as a helm chart. In that deployment method, the default value of the webhook
timeoutSeconds
is 30. According to clusterlint, this value is actually too high, and the max value should be 29. It's telling me that it will block the upgrade from k8s v1.28 to v1.29 in one of my clusters (which I host at DigitalOcean).I guess I will change it to 29 in my local deployment to make clusterlint happy, but I'd like to get to the bottom of this. If clusterlint is correct (not saying it is, which is why I'm logging this issue in both places), you might consider making the default value 29. On the other hand, if 30 is indeed a valid value, clusterlint probably shouldn't complain about it.
The text was updated successfully, but these errors were encountered: