Feature Request: Enable VPA for Config Sync Pods on GKE 1.34+

[tiffanny29631]

Checklist

• I did not find a related open enhancement request.
• I understand that enhancement requests filed in the GitHub repository are by default low priority.
• If this request is time-sensitive, I have submitted a corresponding issue with GCP support.

Describe the feature

Description: Config Sync reconciler pods occasionally experience OOMKilled errors when managing large repositories. We previously explored using Vertical Pod Autoscaler (VPA) to automatically right-size these pods, but integration was put on hold due to instability with the metrics-server (a dependency of VPA), specifically regarding availability during scale-to-zero events on Autopilot.

Feature request: Now that the metrics-server availability issue has been resolved in GKE 1.34, we should proceed with enabling VPA support for the Config Sync Reconciler. This will allow the reconciler to dynamically adjust its memory and CPU requests based on real-time usage, preventing OOMKills without requiring manual resource tuning or excessive over-provisioning.

Alternatives considered: We previously focused on static resource increases and runtime detection for Autopilot as a workaround. However, VPA offers a more efficient, long-term solution for handling variable loads.

Importance

No response

[tiffanny29631]

To support VPA in Config Sync, the reconciler-manager also needs to be updated to not manage the reconciler's resource requirements if VPA is enabled.