Devops Wala

Blog

Configure Memory and CPU Quotas for a Namespace

Byanishrana2001

May 19, 2024

Requests and limits

 

Requests: It means minimum amount of resource it can consume (request). Kubernetes Schedular will check the node if it can create a pod with this minimum resource?

Limits: It means, maximum amount of request container can demand. The kubelet (and container runtime) enforce the limit.

If application inside the container demands more resources (example allowed amount of memory), then the system kernel terminates the process that attempted the allocation, with an out of memory (OOM) error.

In order to perform this, first we will going to create a Namespace “ns-quota1”

kubectl create namespace ns-quota1

 

After that, we need to create a ResourceQuota inside the newly created Namespace "ns-quota1". In this manifest file, we have mentioned the requests and limit values under the spec.hard section.
[root@master1 ~]# cat <<EOF | kubectl create -f -
apiVersion: v1
kind: Pod
metadata:
name: quota-mem-cpu-demo
spec:
containers:
- name: quota-mem-cpu-demo-ctr
image: nginx
resources:
limits:
memory: "800Mi"
cpu: "800m"
requests:
memory: "600Mi"
cpu: "400m"
EOF
pod/quota-mem-cpu-demo created
We can also check this ResourceQuota by executing below commands.

kubectl -n ns-quota1 get resourcequota mem-cpu-demo -o yaml

apiVersion: v1
kind: ResourceQuota
metadata:
creationTimestamp: “2024-05-19T13:03:26Z”
name: mem-cpu-demo
namespace: ns-quota1
resourceVersion: “375044”
uid: 4ae3a716-c415-4762-a983-b9e957e41111
spec:
hard:
limits.cpu: “2”
limits.memory: 2Gi
requests.cpu: “1”
requests.memory: 1Gi
status:
hard:
limits.cpu: “2”
limits.memory: 2Gi
requests.cpu: “1”
requests.memory: 1Gi
used:
limits.cpu: “0”
limits.memory: “0”
requests.cpu: “0”
requests.memory: “0”

 

Or we can execute below command.

kubectl -n ns-quota1 describe resourcequota mem-cpu-demo

Now, its time to create a pod ,but not inside this namespace. Thus, this resourcequota values will be not changed.

cat <<EOF | kubectl create -f -
apiVersion: v1
kind: Pod
metadata:
name: quota-mem-cpu-demo
spec:
containers:
- name: quota-mem-cpu-demo-ctr
image: nginx
resources:
limits:
memory: "800Mi"
cpu: "800m"
requests:
memory: "600Mi"
cpu: "400m"
EOF
Check the resourcequota information

[root@master1 ~]# kubectl get resourcequota mem-cpu-demo -n ns-quota1 -o yaml
apiVersion: v1
kind: ResourceQuota
metadata:
creationTimestamp: "2024-05-19T13:03:26Z"
name: mem-cpu-demo
namespace: ns-quota1
resourceVersion: "375044"
uid: 4ae3a716-c415-4762-a983-b9e957e41111
spec:
hard:
limits.cpu: "2"
limits.memory: 2Gi
requests.cpu: "1"
requests.memory: 1Gi
status:
hard:
limits.cpu: "2"
limits.memory: 2Gi
requests.cpu: "1"
requests.memory: 1Gi
used:
limits.cpu: "0"
limits.memory: "0"
requests.cpu: "0"
requests.memory: "0"


There is no changes in this ResourceQuota.

 

Now, delete this pod. There is no use of it.

 

[root@master1 ~]# kubectl delete pod/quota-mem-cpu-demo
pod “quota-mem-cpu-demo” deleted

Create a pod under the namespace “ns-quota1”. This time, our resourcequota will be used.

 

[root@master1 ~]#  cat <<EOF | kubectl create -f –
apiVersion: v1
kind: Pod
metadata:
name: quota-mem-cpu-demo
namespace: ns-quota1
spec:
containers:
– name: quota-mem-cpu-demo-ctr
image: nginx
resources:
limits:
memory: “800Mi”
cpu: “800m”
requests:
memory: “600Mi”
cpu: “400m”
EOF

 

Check the resourcequota information

[root@master1 ~]# kubectl get resourcequota mem-cpu-demo -n ns-quota1 -o yaml
apiVersion: v1
kind: ResourceQuota
metadata:
creationTimestamp: “2024-05-19T13:03:26Z”
name: mem-cpu-demo
namespace: ns-quota1
resourceVersion: “375286”
uid: 4ae3a716-c415-4762-a983-b9e957e41111
spec:
hard:
limits.cpu: “2”
limits.memory: 2Gi
requests.cpu: “1”
requests.memory: 1Gi
status:
hard:
limits.cpu: “2”
limits.memory: 2Gi
requests.cpu: “1”
requests.memory: 1Gi
used:
limits.cpu: 800m
limits.memory: 800Mi
requests.cpu: 400m
requests.memory: 600Mi

A neet and clean way to check.

[root@master1 ~]# kubectl -n ns-quota1 get resourcequota mem-cpu-demo -o jsonpath='{ .status.used }' | jq .
{
"limits.cpu": "800m",
"limits.memory": "800Mi",
"requests.cpu": "400m",
"requests.memory": "600Mi"
}
If we again create a POD with exceed resources then it should generate an error message. Let's try.

[root@master1 ~]# cat <<EOF | kubectl create -f -
apiVersion: v1
kind: Pod
metadata:
name: quota-mem-cpu-demo-2
namespace: ns-quota1
spec:
containers:
- name: quota-mem-cpu-demo-2-ctr
image: redis
resources:
limits:
memory: "1Gi"
cpu: "800m"
requests:
memory: "700Mi"
cpu: "400m"
EOF
Error from server (Forbidden): error when creating "STDIN": pods "quota-mem-cpu-demo-2" is forbidden: exceeded quota: mem-cpu-demo, requested: requests.memory=700Mi, used: requests.memory=600Mi, limited: requests.memory=1Gi

By anishrana2001

Related Post

Blog

Linux Foundation discount exam coupons

Jul 7, 2024 anishrana2001
Blog

Multus CNI

May 18, 2024 anishrana2001
Blog

Devops-wala

Dec 28, 2023 anishrana2001

Leave a Reply

Your email address will not be published. Required fields are marked *

About Us

Embark on a transformative learning experience with DevOps Wala’s online courses. Acquire in-demand skills in DevOps methodologies, tools, and practices, ensuring hands-on expertise to propel your career forward in the ever-evolving landscape of DevOps.

Info

Courses

Social Media

Facebook-f Twitter Instagram

© Copyright devops-wala.com All rights reserved