Set Namespace Resource Limit
Namespace Resource limit
When multiple users or teams share a CCE cluster, resource constraints need to be set for each user or team's tenant to prevent a user or team from occupying too many resources in the cluster. The cluster administrator can set resource quota for each tenant through Resource Quota.
Resource Quota Supports Limited Resources
- Computing resource constraints
Resource name | Description |
---|---|
cpu | Under this namespace, the sum of CPU requests of all Pod resources not in ternial state cannot exceed this value |
limits.cpu | Under this namespace, the sum of total CPU limits of all Pod resources that are not in the terminal state cannot exceed this value |
limits.memory | Under this namespace, the sum of total memory limits of all Pod resources that are not in the terminal state cannot exceed this value |
memory | Under this namespace, the sum of total memory requests of all Pod resources that are not in the terminal state cannot exceed this value |
requests.cpu | Under this namespace, the sum of total CPU requests of all Pod resources that are not in the terminal state cannot exceed this value |
requests.memory | Under this namespace, the sum of total memory requests of all Pod resources that are not in the terminal state cannot exceed this value |
- Storage resource limitations
Resource name | Description |
---|---|
requests.storage | Under this namespace, the total storage requests of all persistent volume claims cannot exceed this value |
persistentvolumeclaims | The total number of persistent volume claims that exist under this namespace cannot exceed this value |
requests.ephemeral-storage | The sum of total storage requests of local temporary storage of all pods under this namespace cannot exceed this value |
limits.ephemeral-storage | The sum of total storage limit of local temporary storage of all pods under this namespace cannot exceed this value |
- API resource limit
Resource name | Description |
---|---|
configmaps | Number of ConfigMap that can be created under this namespace |
secrets | Number of secrets that can be created under this namespace |
persistentvolumeclaims | Number of persistent volume claims that can be created under this namespace |
services | Number of services that can be created under this namespace |
services.loadbalancers | Number of load balancer type services that can be created under this namespace |
services.nodeports | Number of node port type services that can be created under this namespace |
pods | Number of non-terminal Pod that can exist in this namespace |
deployments.apps | Number of deployments that can be created under this namespace |
statefulsets.apps | Number of statefullsets that can be created under this namespace |
jobs.batch | Number of jobs that can be created under this namespace |
cronjobs.batch | Number of cronjobs that can be created under this namespace |
Example
This example demonstrates the number of PersistentVolumeClaims created in a namespace by ResourceQuota.
(1) Create sample namespace
kubectl create namespace quota-example
(2) Create ResourceQuota
Save the following yaml as quota-demo.yaml and create ResourceQuota kubectl create -f quota-demo.yaml
. The ResourceQuota restricts this namespace to create only one PersistentVolumeClaim.
apiVersion: v1
kind: ResourceQuota
metadata:
name: quota-demo
namespace: quota-example
spec:
hard:
persistentvolumeclaims: "1"
(3) Verify ResourceQuota Create a PersistentVolumeClaim by the following yaml.
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: pvc-quota-demo
namespace: quota-example
spec:
storageClassName: manual
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 3Gi
View PersistentVolumeClaim created successfully.
kubectl get persistentvolumeclaims --namespace=quota-example
The results are as follows. PersistentVolumeClaim Creation success.
NAME STATUS
pvc-quota-demo Pending
Try to create a second PersistentVolumeClaim by the following yaml.
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: pvc-quota-demo-2
namespace: quota-example
spec:
storageClassName: manual
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 4Gi
As a result, as you can see, ResourceQuota takes effect, limiting the creation of the second PersistentVolumeClaim.
persistentvolumeclaims "pvc-quota-demo-2" is forbidden:
exceeded quota: object-quota-demo, requested: persistentvolumeclaims=1,
used: persistentvolumeclaims=1, limited: persistentvolumeclaims=1