Why CCCL controller keeps updating virtual servers.

[ljeromets]

Kubernetes Version
v1.14.6
F5 CIS Controller Version
v1.14.0
BIG-IP Version
13.1.1.3 Build 0.0.1 Point Release 3

Hello,
I'm looking for help to investigate on a behavior we have in our environment.
Below the F5 CIS config:

apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  name: k8s-bigip-ctlr-deployment-node1
  namespace: kube-system
spec:
  # DO NOT INCREASE REPLICA COUNT
  replicas: 1
  template:
    metadata:
      name: k8s-bigip-ctlr
      labels:
        app: k8s-bigip-ctlr
    spec:
      # Name of the Service Account bound to a Cluster Role with the required
      # permissions
      serviceAccountName: bigip-ctlr
      containers:
        - name: k8s-bigip-ctlr
          image: "f5networks/k8s-bigip-ctlr:1.14.0"
          env:
            - name: BIGIP_USERNAME
              valueFrom:
                secretKeyRef:
                  # Replace with the name of the Secret containing your login
                  # credentials
                  name: bigip-login
                  key: username
            - name: BIGIP_PASSWORD
              valueFrom:
                secretKeyRef:
                  # Replace with the name of the Secret containing your login
                  # credentials
                  name: bigip-login
                  key: password
          command: ["/app/bin/k8s-bigip-ctlr"]
          args: [
            "--bigip-username=$(BIGIP_USERNAME)",
            "--bigip-password=$(BIGIP_PASSWORD)",
            "--bigip-url=xxxxx",
            "--insecure=true",
            "--bigip-partition=kubernetes",
            "--pool-member-type=nodeport",
            "--vs-snat-pool-name=SNAT",
            "--manage-ingress=false",
            ]
      imagePullSecrets:
        # Secret that gives access to a private docker registry
        - name: f5-docker-images
        # Secret containing the BIG-IP system login credentials
        - name: bigip-login

A configmap:

apiVersion: v1
kind: ConfigMap
metadata:
  name: myconfig
  labels:
    f5type: virtual-server
data:
  schema: "f5schemadb://bigip-virtual-server_v0.1.7.json"
  data: |
    {
      "virtualServer": {
        "frontend": {
          "balance": "round-robin",
          "mode": "tcp",
          "partition": "kubernetes",
          "virtualAddress": {
            "bindAddr": xxxxxxxxx
            "port": 443
          }
        },
        "backend": {
          "serviceName": "my-service",
          "servicePort": "443",
          "healthMonitors": [{
            "interval": 10,
            "protocol": "tcp",
            "timeout": 120
          }]
        }
      }
    }

The behavior is the F5 CIS keeps updating every 30s all the virtuals servers:

2020/04/09 13:33:03 [INFO] [2020-04-09 13:33:03,260 f5_cccl.resource.resource INFO] Updating ApiVirtualServer: /kubernetes/xxxxxxxxxxxxxxxx-nginx-https.vs
2020/04/09 13:33:03 [INFO] [2020-04-09 13:33:03,310 f5_cccl.resource.resource INFO] Updating ApiVirtualServer: /kubernetes/xxxxxxxxxxxxxxxx-tsmain
2020/04/09 13:33:03 [INFO] [2020-04-09 13:33:03,360 f5_cccl.resource.resource INFO] Updating ApiVirtualServer: /kubernetes/xxxxxxxxxxxxxxxx-postgresql.vs
2020/04/09 13:33:03 [INFO] [2020-04-09 13:33:03,410 f5_cccl.resource.resource INFO] Updating ApiVirtualServer: /kubernetes/xxxxxxxxxxxxxxxx-staging_f5-tsmain

2020/04/09 13:33:33 [INFO] [2020-04-09 13:33:33,259 f5_cccl.resource.resource INFO] Updating ApiVirtualServer: /kubernetes/xxxxxxxxxxxxxxxx-nginx-https.vs
2020/04/09 13:33:33 [INFO] [2020-04-09 13:33:33,311 f5_cccl.resource.resource INFO] Updating ApiVirtualServer: /kubernetes/xxxxxxxxxxxxxxxx-tsmain
2020/04/09 13:33:33 [INFO] [2020-04-09 13:33:33,363 f5_cccl.resource.resource INFO] Updating ApiVirtualServer: /kubernetes/xxxxxxxxxxxxxxxx-postgresql.vs
2020/04/09 13:33:33 [INFO] [2020-04-09 13:33:33,419 f5_cccl.resource.resource INFO] Updating ApiVirtualServer: /kubernetes/xxxxxxxxxxxxxxxx-staging_f5-tsmain

Any help to troubleshoot this issue is welcome.