0

I am trying to use AutoNEG controller in Workload Identity mode (configured according to the manual), and I face a problem with auto populating the GCLB backends.

I noticed that shortly after creating GKE services, the backends show the NEGs in GC console, but then they disappear and never show up again.

The sequence of events according to Stackdriver logs: https://pastebin.com/FKdhqYTy

I can see BAD_REQUEST and RESOURCE_NOT_READY errors there.

I have AutoNEG controller working correctly in neighbor projects, but using cloud access scopes. It's just for extra context, I am not sure if this particular issue is related to Workload Identity setup or not.

Inside the affected NEG I can see undefined health status. However I think (though not sure) that this is because it is "Not used yet" by the backend, so it's a consequence.

Also, the problem persists even if I remove the GKE services and create them again, so it is not any kind of race with LB backend service creation.

Any idea what goes wrong here?

Also opened as a GitHub issue for AutoNEG controller, but I am uncertain if it is a tool issue or a generic GCP one: https://github.com/GoogleCloudPlatform/gke-autoneg-controller/issues/18

Artazar
  • 21
  • 4

1 Answer

0

The reason was: the workload identity account created for AutoNEG should have the compute.networkUser permission in the host project to obtain the name of the network/subnet. This is true for shared VPC environments.

Artazar
  • 21
  • 4
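An added example, not from the question, the answer, or the gke-autoneg-controller project: a small POSIX shell helper that grants the role the answer refers to as compute.networkUser (the predefined IAM role `roles/compute.networkUser`) on the shared-VPC host project, and checks whether the AutoNEG Google service account already holds it by reading the host project's IAM policy through `gcloud`. The project ids and the service-account e-mail are placeholders, and the member list used by the demo is constructed, so the check runs offline; the `grant` and `check` subcommands call `gcloud` for real.

```shell
#!/bin/sh
# Added example, not code from the question, the answer, or gke-autoneg-controller.
# Placeholders (assumed): HOST_PROJECT is the shared-VPC host project, AUTONEG_GSA is the
# Google service account that Workload Identity maps the controller's Kubernetes SA onto.
HOST_PROJECT="${HOST_PROJECT:-host-project-placeholder}"
AUTONEG_GSA="${AUTONEG_GSA:-autoneg-system@service-project-placeholder.iam.gserviceaccount.com}"

# Grant roles/compute.networkUser on the host project so the controller can resolve the
# network/subnet names of the NEGs it attaches to the backend service.
grant_network_user() {
  host="$1"; gsa="$2"
  gcloud projects add-iam-policy-binding "$host" \
    --member="serviceAccount:$gsa" \
    --role="roles/compute.networkUser"
}

# List the members bound to roles/compute.networkUser in a project, one per line.
list_network_user_members() {
  gcloud projects get-iam-policy "$1" \
    --flatten="bindings[].members" \
    --filter="bindings.role:roles/compute.networkUser" \
    --format="value(bindings.members)"
}

# Pure check (testable without gcloud): reads that member list on stdin and returns 0 if
# the given service account is bound, 1 otherwise. -x -F matches the whole line literally.
has_network_user_binding() {
  gsa="$1"
  grep -qxF "serviceAccount:$gsa"
}

# Constructed sample of list_network_user_members output: the AutoNEG account is missing,
# which is the situation the answer describes.
SAMPLE_MEMBERS="serviceAccount:other-workload@service-project-placeholder.iam.gserviceaccount.com
user:admin@example.com"

case "${1:-demo}" in
  grant) grant_network_user "$HOST_PROJECT" "$AUTONEG_GSA" ;;
  check)
    if list_network_user_members "$HOST_PROJECT" | has_network_user_binding "$AUTONEG_GSA"; then
      echo "ok: $AUTONEG_GSA has roles/compute.networkUser on $HOST_PROJECT"
    else
      echo "missing: grant roles/compute.networkUser on $HOST_PROJECT to $AUTONEG_GSA" >&2
      exit 1
    fi ;;
  *)
    if printf '%s\n' "$SAMPLE_MEMBERS" | has_network_user_binding "$AUTONEG_GSA"; then
      echo "demo: binding present"
    else
      echo "demo: binding missing for $AUTONEG_GSA (run '$0 grant', then '$0 check')"
    fi ;;
esac
```

Run `sh autoneg-networkuser.sh check` after deploying the controller to confirm the binding before debugging anything else; a BAD_REQUEST or RESOURCE_NOT_READY in the controller's logs when the backends vanish is consistent with the controller being unable to read the host project's network, not with the NEGs themselves being unhealthy. The Workload Identity mapping itself (roles/iam.workloadIdentityUser on the GSA for the controller's Kubernetes service account) is assumed to be in place already, as the question states it was configured per the manual.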