Kubernetes allows us to manage resources efficiently by defining resource requests and limits for containers. Additionally, **resource quotas** help enforce usage policies at the namespace level, ensuring resources are shared fairly across teams or projects. In this guide, we’ll explore resource requests, limits, and quotas, along with examples of how to configure them in a Kubernetes cluster.
Resource requests define the minimum amount of CPU and memory a container needs to operate. Kubernetes uses these values when deciding where to schedule a pod.
Resource limits define the maximum amount of CPU and memory a container can use. If a container tries to exceed these limits, Kubernetes will either throttle the container (for CPU) or terminate it (for memory).
You can define resource requests and limits in a pod's specification, as shown in this example:
apiVersion: v1
kind: Pod
metadata:
name: myapp-pod
spec:
containers:
- name: myapp-container
image: myapp:latest
resources:
requests:
memory: "64Mi"
cpu: "250m"
limits:
memory: "128Mi"
cpu: "500m"A **resource quota** is a mechanism that sets hard limits on the amount of resources (like CPU, memory, or storage) a namespace can consume. Resource quotas are useful for limiting resource usage in environments shared by multiple teams or projects. By enforcing quotas, administrators can ensure fair resource distribution across the cluster.
You can define a resource quota using a YAML file like the following example:
apiVersion: v1
kind: ResourceQuota
metadata:
name: dev-quota
namespace: dev
spec:
hard:
pods: "10"
requests.cpu: "4"
requests.memory: 8Gi
limits.cpu: "8"
limits.memory: 16GiIn this example, the dev namespace is limited to:
Once you define the resource quota in the YAML file, apply it to the cluster using the following command:
kubectl apply -f resource-quota.yaml
Example output:
resourcequota/dev-quota created
To check how much of the quota has been consumed in a namespace, use the following command:
kubectl get resourcequota dev-quota -n dev --output=yaml
Example output:
apiVersion: v1
kind: ResourceQuota
metadata:
name: dev-quota
namespace: dev
spec:
hard:
limits.cpu: "8"
limits.memory: 16Gi
pods: "10"
requests.cpu: "4"
requests.memory: 8Gi
status:
hard:
limits.cpu: "8"
limits.memory: 16Gi
pods: "10"
requests.cpu: "4"
requests.memory: 8Gi
used:
limits.cpu: "2"
limits.memory: 4Gi
pods: "5"
requests.cpu: "1"
requests.memory: 2Gi
In this output, the hard section shows the quota's limits, and the used section shows the current resource usage. In this case, 5 out of 10 pods are in use, with 2Gi of memory and 1 CPU core requested.
To delete a resource quota from a namespace, use the following command:
kubectl delete resourcequota dev-quota -n dev
Example output:
resourcequota "dev-quota" deleted
You can monitor resource usage in real-time with the following command:
kubectl top pod --namespace=dev
Example output:
NAME CPU(cores) MEMORY(bytes) my-app-1 200m 100Mi my-app-2 300m 150Mi
This command helps you understand how much CPU and memory each pod is consuming, and you can compare it with the resource requests and limits defined earlier.
Resource requests, limits, and quotas are essential tools for efficient resource management in Kubernetes. By setting proper resource requests and limits at the container level and enforcing quotas at the namespace level, you can ensure fair and efficient use of your cluster's resources.