Objectbase quota: pod, rs, pv
controlplane $ kubectl create ns myns
namespace/myns created
controlplane $ kubectl describe ns myns
Name: myns
Labels: kubernetes.io/metadata.name=myns
Annotations: <none>
Status: Active
No resource quota.
No LimitRange resource.
controlplane $
==============
controlplane $ kubectl explain resourcequota
KIND: ResourceQuota
VERSION: v1
DESCRIPTION:
ResourceQuota sets aggregate quota restrictions enforced per namespace
FIELDS:
apiVersion <string>
APIVersion defines the versioned schema of this representation of an
object. Servers should convert recognized schemas to the latest internal
value, and may reject unrecognized values. More info:
https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
kind <string>
Kind is a string value representing the REST resource this object
represents. Servers may infer this from the endpoint the client submits
requests to. Cannot be updated. In CamelCase. More info:
https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
metadata <Object>
Standard object's metadata. More info:
https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
spec <Object>
Spec defines the desired quota.
https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
status <Object>
Status defines the actual enforced quota and its current usage.
https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
==============
controlplane $ kubectl apply -f rsquota.yml --dry-run
W0420 01:28:47.010151 46233 helpers.go:663] --dry-run is deprecated and can be replaced with --dry-run=client.
resourcequota/myquota created (dry run)
controlplane $
controlplane $ kubectl apply -f rsquota.yml --namespace=myns
resourcequota/myquota created
controlplane $ kubectl describe ns myns
Name: myns
Labels: kubernetes.io/metadata.name=myns
Annotations: <none>
Status: Active
Resource Quotas
Name: myquota
Resource Used Hard
-------- --- ---
pods 0 2
No LimitRange resource.
=======================
controlplane $ kubectl run mypod --image=nginx -n myns
pod/mypod created
controlplane $ kubectl get po -n myns
NAME READY STATUS RESTARTS AGE
mypod 0/1 ContainerCreating 0 6s
controlplane $ kubectl get po -n myns
NAME READY STATUS RESTARTS AGE
mypod 1/1 Running 0 9s
controlplane $ kubectl run mypod1 --image=nginx -n myns
pod/mypod1 created
controlplane $ kubectl get po -n myns
NAME READY STATUS RESTARTS AGE
mypod 1/1 Running 0 18s
mypod1 1/1 Running 0 3s
controlplane $ kubectl run mypod2 --image=nginx -n myns
Error from server (Forbidden): pods "mypod2" is forbidden: exceeded quota: myquota, requested: pods=1, used: pods=2, limited: pods=2
controlplane $ kubectl describe ns myns
Name: myns
Labels: kubernetes.io/metadata.name=myns
Annotations: <none>
Status: Active
Resource Quotas
Name: myquota
Resource Used Hard
-------- --- ---
pods 2 2
No LimitRange resource.
https://kubernetes.io/docs/concepts/policy/resource-quotas/
controlplane $ kubectl delete -f rsquota.yml -n myns
resourcequota "myquota" deleted
controlplane $ kubectl describe ns myns
Name: myns
Labels: kubernetes.io/metadata.name=myns
Annotations: <none>
Status: Active
No resource quota.
No LimitRange resource.
controlplane $
=======================
Compute Base Quota: cpu, memory
controlplane $ cat computequota.yml
apiVersion: v1
kind: ResourceQuota
metadata:
name: myquota
spec:
hard:
requests.cpu: 0.5
requests.memory: 500Mi
limits.cpu: 1
limits.memory: 1Gi
controlplane $ kubectl apply -f computequota.yml -n myns
resourcequota/myquota created
controlplane $ kubectl get resourcequotas -n myns
NAME AGE REQUEST LIMIT
myquota 2m31s requests.cpu: 0/500m, requests.memory: 0/500Mi limits.cpu: 0/1, limits.memory: 0/1Gi
controlplane $
controlplane $ kubectl describe ns myns
Name: myns
Labels: kubernetes.io/metadata.name=myns
Annotations: <none>
Status: Active
Resource Quotas
Name: myquota
Resource Used Hard
-------- --- ---
limits.cpu 0 1
limits.memory 0 1Gi
requests.cpu 0 500m
requests.memory 0 500Mi
No LimitRange resource.
controlplane $ kubectl run mypod1 --image=nginx -n myns
Error from server (Forbidden): pods "mypod1" is forbidden: failed quota: myquota: must specify limits.cpu for: mypod1; limits.memory for: mypod1; requests.cpu for: mypod1; requests.memory for: mypod1
controlplane $
===================
apiVersion: v1
kind: Pod
metadata:
name: high-priority
spec:
containers:
- name: high-priority
image: ubuntu
command: ["/bin/sh"]
args: ["-c", "while true; do echo hello; sleep 10;done"]
resources:
requests:
memory: "250Mi"
cpu: "0.1"
limits:
memory: "500Mi"
cpu: "0.5"
==========================
controlplane $ kubectl apply -f mypod.yml -n myns
pod/high-priority created
controlplane $
controlplane $ kubectl describe ns myns
Name: myns
Labels: kubernetes.io/metadata.name=myns
Annotations: <none>
Status: Active
Resource Quotas
Name: myquota
Resource Used Hard
-------- --- ---
limits.cpu 500m 1
limits.memory 500Mi 1Gi
requests.cpu 100m 500m
requests.memory 250Mi 500Mi
No LimitRange resource.
controlplane $ kubectl describe ns myns
Name: myns
Labels: kubernetes.io/metadata.name=myns
Annotations: <none>
Status: Active
Resource Quotas
Name: myquota
Resource Used Hard
-------- --- ---
limits.cpu 1 1
limits.memory 1000Mi 1Gi
requests.cpu 200m 500m
requests.memory 500Mi 500Mi
No LimitRange resource.
controlplane $ vi mypod.yml
controlplane $ kubectl apply -f mypod.yml -n myns
Error from server (Forbidden): error when creating "mypod.yml": pods "high-priority2" is forbidden: exceeded quota: myquota, requested: limits.cpu=500m,limits.memory=500Mi,requests.memory=250Mi, used: limits.cpu=1,limits.memory=1000Mi,requests.memory=500Mi, limited: limits.cpu=1,limits.memory=1Gi,requests.memory=500Mi
controlplane $
if we assign only limit then request and limit will be same for pod
If we assign only request ..the we will get error..
============
Now if we not assign any limit and we want it should assign automatically
LimitRange:
https://kubernetes.io/docs/concepts/policy/limit-range/
controlplane $ kubectl explain limitrange
KIND: LimitRange
VERSION: v1
DESCRIPTION:
LimitRange sets resource usage limits for each kind of resource in a
Namespace.
FIELDS:
apiVersion <string>
APIVersion defines the versioned schema of this representation of an
object. Servers should convert recognized schemas to the latest internal
value, and may reject unrecognized values. More info:
https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
kind <string>
Kind is a string value representing the REST resource this object
represents. Servers may infer this from the endpoint the client submits
requests to. Cannot be updated. In CamelCase. More info:
https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
metadata <Object>
Standard object's metadata. More info:
https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
spec <Object>
Spec defines the limits enforced. More info:
https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
controlplane $
controlplane $ kubectl api-resources |grep -i limit
limitranges limits v1 true LimitRange
controlplane $
controlplane $ kubectl get limits -n myns
No resources found in myns namespace.
===========================
controlplane $ cat nslimit.yml
apiVersion: v1
kind: LimitRange
metadata:
name: testlimit
namespace: myns
spec:
limits:
- default:
cpu: 200m
memory: 500Mi
type: Container
===================
controlplane $ kubectl describe ns myns
Name: myns
Labels: kubernetes.io/metadata.name=myns
Annotations: <none>
Status: Active
No resource quota.
Resource Limits
Type Resource Min Max Default Request Default Limit Max Limit/Request Ratio
---- -------- --- --- --------------- ------------- -----------------------
Container cpu - - 200m 200m -
Container memory - - 500Mi 500Mi -
controlplane $
=====================
controlplane $ cat nslimit.yml
apiVersion: v1
kind: LimitRange
metadata:
name: testlimit
namespace: myns
spec:
limits:
- default:
cpu: 200m
memory: 500Mi
defaultRequest:
cpu: 100m
memory: 250Mi
type: Container
controlplane $ kubectl describe ns myns
Name: myns
Labels: kubernetes.io/metadata.name=myns
Annotations: <none>
Status: Active
No resource quota.
Resource Limits
Type Resource Min Max Default Request Default Limit Max Limit/Request Ratio
---- -------- --- --- --------------- ------------- -----------------------
Container cpu - - 100m 200m -
Container memory - - 250m 500Mi -
controlplane $ cat nslimit.yml
apiVersion: v1
kind: LimitRange
metadata:
name: testlimit
namespace: myns
spec:
limits:
- default:
cpu: 200m
memory: 500Mi
defaultRequest:
cpu: 100m
memory: 250Mi
min:
cpu: 80m
memory: 250Mi
max:
cpu: 700m
memory: 700Mi
type: Container
===========
controlplane $ kubectl describe ns myns
Name: myns
Labels: kubernetes.io/metadata.name=myns
Annotations: <none>
Status: Active
No resource quota.
Resource Limits
Type Resource Min Max Default Request Default Limit Max Limit/Request Ratio
---- -------- --- --- --------------- ------------- -----------------------
Container cpu 80m 700m 100m 200m -
Container memory 250Mi 700Mi 250Mi 500Mi -
apiVersion: v1
kind: Pod
metadata:
name: example-no-conflict-with-limitrange-cpu
spec:
containers:
- name: demo
image: registry.k8s.io/pause:2.0
resources:
requests:
cpu: 700m
limits:
cpu: 700m
