Config Connector is eventually consistent
With declarative configuration, you define the desired state of the system. The system then works constantly to remain as close as possible to this state. See Declarative management of Kubernetes objects using configuration files for more information.
With Config Connector, you can create and update resources in any order, regardless of dependency relationships. GKE moves your declared configuration towards eventual consistency with the desired state.
For example, if you create a
PubSubSubscription before the corresponding
PubSubTopic, Config Connector waits until the topic is created before
creating the associated subscription.
The duration your Config Connector installation remains inconsistent depends on
the number and types of resources it manages. Changes to a
GKE cluster are typically executed in seconds. However, the time
to create Google Cloud resources can vary based upon the type
of resource. For example, a single
PubSubTopic takes seconds to create.
Google Cloud resources do not reach consistency until they are created. For example, when creating an
SQLInstance and an
SQLDatabase, the system is inconsistent for a period of minutes while the
database is created.
GKE and Config Connector reconcile each resource with every update or every 10 minutes. When there is an error in reconciling, Config Connector retries every 30 seconds with exponential backoff. You can view any errors in the Events of a given resource.
Mutable but unreadable fields are actuated on change only
Some APIs expose fields that are not readable, but are mutable (e.g. the password for a SQL user). Due to the inability to see if these fields have been modified, mutable but unreadable fields will be updated only when the custom resource is modified.
Resources will not be recreated when modifying immutable fields
Some fields in a resource are immutable, and can't be reconciled without deleting, then re-creating the target resource.
In these situations, Config Connector will emit an "UpdatedFailed" Kubernetes event for the resource rather than perform this re-creation. The user must then delete and re-create the resource.
Warning UpdateFailed 37m (x643 over 15d) computeinstance-controller Update call failed: the desired mutation for the following field(s) is invalid: [bootDisk.0.InitializeParams.0.Image networkInterface.0.NetworkIp]