limit range

By default, containers run with unbounded compute resources on a Kubernetes cluster. With resource quotas, cluster administrators can restrict resource consumption and creation on a namespace basis. Within a namespace, a Pod or Container can consume as much CPU and memory as defined by the namespace's resource quota. There is a concern that one Pod or Container could monopolize all available resources. A LimitRange is a policy to constrain resource allocations (to Pods or Containers) in a namespace.

A LimitRange provides constraints that can:

  • Enforce minimum and maximum compute resources usage per Pod or Container in a namespace.
  • Enforce minimum and maximum storage request per PersistentVolumeClaim in a namespace.
  • Enforce a ratio between request and limit for a resource in a namespace.
  • Set default request/limit for compute resources in a namespace and automatically inject them to Containers at runtime.

Enabling LimitRange

apiVersion: v1
kind: LimitRange
metadata:
  name: testLimit
  namespace: ns1
spec:
  limits:
    - default:
        cpu: 200m
        memory: 500m
      defaultRequest:
        cpu: 100m
        memory: 250m
      type: Container
kubectl apply -f limit.yaml -n ns1

Note- after setting the limit range, we dont need to specify limit in the pod defination files

apiVersion: v1
kind: Pod
metadata:
  name: firstPod
spec:
  containers:
    - image: image:latest
      name: firstcontainer

Set Min and Max for limit range

apiVersion: v1
kind: LimitRange
metadata:
  name: testLimit
  namespace: ns1
spec:
  limits:
    - default:
        cpu: 200mi
        memory: 500mi
      defaultRequest:
        cpu: 100mi
        memory: 250mi
      min:
        cpu: 80mi
        memory: 250mi
      max:
        cpu: 700mi
        memory: 700mi
      type: Container

Set Max limit request ratio

apiVersion: v1
kind: LimitRange
metadata:
  name: testLimit
  namespace: ns1
spec:
  limits:
    - maxLimitRequestRatio:
        memory: 2
     type: Container