Chapter 13. Resource Limits
13.1. Overview
A LimitRange object enumerates the minimum and maximum resource usage values per object in a project.
13.2. Limits
A LimitRange object can enumerate the following limits for each object type and resource value that is created or modified in the project. If a usage limit is defined, and the incoming resource exceeds the allowed range, then the resource is forbidden from the project.
For some fields, in the absence of a value on the incoming resource, it is possible to apply a default value, if it is specified in the LimitRange definition.
| Type | ResourceName | Description | Default Value Supported |
|---|---|---|---|
|
|
| Minimum/maximum CPU allowed per container. | yes |
|
|
| Minimum/maximum memory allowed per container. | yes |
|
|
| Minimum/maximum CPU allowed across all containers in a pod. | no |
|
|
| Minimum/maximum memory allowed across all containers in a pod. | no |
13.3. Limit Enforcement
Once a LimitRange is created in a project, all resource create and modification requests are evaluated against each LimitRange object in the project. If the resource violates a minimum or maximum constraint enumerated, then the resource is rejected. If the resource does not set an explicit value, and if the constraint supports a default value, then the default value is applied to the resource.
For example, if the container does not express a CPU resource requirement, but the LimitRange specifies a default value for container CPU, then the default value is set to the allowed CPU usage for that container, and the minimum (if specified) is set as the minimum requested value for that container.
Example 13.1. Limit Range Object Definition
{
"apiVersion": "v1",
"kind": "LimitRange",
"metadata": {
"name": "limits" 1
},
"spec": {
"limits": [
{
"type": "Pod",
"max": {
"memory": "1Gi", 2
"cpu": "2" 3
},
"min": {
"memory": "1Mi", 4
"cpu": "250m" 5
}
},
{
"type": "Container",
"max": {
"memory": "1Gi", 6
"cpu": "2" 7
},
"min": {
"memory": "1Mi", 8
"cpu": "250m" 9
},
"default": {
"memory": "1Mi", 10
"cpu": "250m" 11
}
}
]
}
}- 1
- The name of the limit range document.
- 2
- The maximum amount of memory that a pod can consume on a node across all containers.
- 3
- The maximum amount of cpu that a pod can consume on a node across all containers.
- 4
- The minimum amount of memory that a pod can consume on a node across all containers.
- 5
- The minimum amount of cpu that a pod can consume on a node across all containers.
- 6
- The maximum amount of memory that a single container in a pod can consume.
- 7
- The maximum amount of cpu that a single container in a pod can consume.
- 8
- The maximum amount of memory that a single container in a pod can consume.
- 9
- The maximum amount of cpu that a single container in a pod can consume.
- 10
- The default amount of memory that a container will request if not specified.
- 11
- The default amount of cpu that a container will request if not specified.
13.4. Creating a Limit Range
To apply a limit range to a project, create a limit range object definition on your file system to your specifications, then run:
$ oc create -f <limit_range_file>
13.5. Viewing Limits
To view limits enforced in a project:
$ oc get limits NAME limits $ oc describe limits limits Name: limits Type Resource Min Max Default ---- -------- --- --- --- Pod memory 1Mi 1Gi - Pod cpu 250m 2 - Container memory 1Mi 1Gi 1Mi Container cpu 250m 250m 250m
13.6. Deleting Limits
If you do not want to enforce limits in a project, you can remove any active limit range by name:
$ oc delete limits <limit_name>
