Policy Update Fold Efficiency Degradation
warningWhen policy regeneration events accumulate faster than they can be processed, Cilium folds multiple updates into single operations. High fold counts indicate policy churn overwhelming the agent, causing delayed enforcement and potential security gaps.
Monitor cilium_triggers_policy_update_folds metric. Sustained increases indicate policy updates are being batched due to processing backlog. Cross-reference with cilium_policy_regeneration_time_stats_seconds_datadog to identify if regeneration latency is contributing to the backlog.
Reduce policy update frequency by consolidating NetworkPolicy resources. Review controller status with 'cilium status --verbose' to identify unhealthy controllers. Consider increasing agent CPU resources if regeneration time is high. Validate that policy changes are intentional and not caused by automation loops.