Mohammed Naser

Something that helped us a bit is the patch above, but we're still seeing this heavily. When running `tcpdump`, I see a whole load of `AF_NETLINK` traffic.

I think the issue with this is that when/if the cluster is upgraded, the configuration will get wiped.. no?

> The pre/postKubeadmCommands run for an upgrade the same as they do for cluster initialization so kustomize modifies the kube-apiserver.yaml manifest to add the auth webhook. Perfect, alright, so that...

@greenpau do you think you could land this if possible? :)

No worries. We have started something similar that is built on libovsdb here -- https://github.com/vexxhost/ovs_exporter

> It might be useful for cross repo checks, but the only repo that we would cross-test is Gophercloud. I don't think we'll ever bring back Zuul to Gophercloud CI....

Alright, if that's the case, I'll look at adding the DevStack jobs next as well and the rest.

Did a bit of checking, we'll have to leverage `devstack-tox-functional-consumer` .. but without tox, but we can leverage the roles easily.

> looks this log not from CAPO repo itself, maybe from the cert-manager code ? anyway, running --v=5 or default log level? We're using the default log level in our...

@MPV is there any conceivable way we can do this while kepeing TCP load balancer monitors?