3 min read | by Jordi Prats
If we want to make sure the resources for a given namespace are controlled yet we want to be able to give full control to whoever is creating objects in that namespace, we can use LimitRange to enforce some resource constraints:
This is implemented as an admission controller that observes the incoming requests and makes sure that it does not violate any of the constraints enumerated in the LimitRange object within it's namespace.
Using kubectl describe ns we can check whether there is already a LimitRange enforce resource limits on the namespace:
$ kubectl describe ns demo
Name: demo
Labels: <none>
Annotations: <none>
Status: Active
No resource quota.
No LimitRange resource.
If we want to set it, we just need to create a LimitRange object on the namespace, for example:
apiVersion: v1
kind: LimitRange
metadata:
name: cpu-min-max-demo-lr
spec:
limits:
- max:
cpu: "800m"
min:
cpu: "200m"
type: Container
If we apply it and the get back al describing the namespace we will be able to see the resource limits we have defined:
$ kubectl apply -f limits.yaml -n demo
limitrange/cpu-min-max-demo-lr created
$ kubectl describe ns demo
Name: demo
Labels: <none>
Annotations: <none>
Status: Active
No resource quota.
Resource Limits
Type Resource Min Max Default Request Default Limit Max Limit/Request Ratio
---- -------- --- --- --------------- ------------- -----------------------
Container cpu 200m 800m 800m 800m -
We can also set a default resource request / limit. For example:
apiVersion: v1
kind: LimitRange
metadata:
name: demo-defaults
spec:
limits:
- default:
cpu: "1000m"
memory: 1000Mi
defaultRequest:
cpu: "500m"
memory: 600Mi
type: Container
This LimitRange defines that any pod within the namespace where it is set, if it doesn't specify any resources it will set the following settings:
We can check it using kubectl describe ns:
$ kubectl describe ns spinnaker-green
Name: demo
Labels: <none>
Annotations: <none>
Status: Active
No resource quota.
Resource Limits
Type Resource Min Max Default Request Default Limit Max Limit/Request Ratio
---- -------- --- --- --------------- ------------- -----------------------
Container cpu - - 500m 1 -
Container memory - - 600Mi 1000Mi -
On the kubernetes documentation for Limit Ranges we will be able to get all the details.
Posted on 02/06/2021