Kubernetes: 12. Resource Requirements & Limits

Scheduler

  • The Kubernetes scheduler looks at the resource requirements of a pod and schedules it on a node where those resources are available
  • If the resources on all nodes are exhausted, the scheduler will not schedule the pod
  • In this case the pod remains in PENDING status
  • The reason can be seen in the pod events
  • By default, Kubernetes assumes that a container within a pod requires (min) 0.5 CPU and 256Mi of memory
  • If the container requires more than this, it can be set in the pod or deployment definition file
  • CPU can be set as 0.5, 0.4, 0.1 or 1 CPU count. 0.1 can also be written as 100m
  • 1 CPU count means 1 AWS vCPU, 1 GCP Core, 1 Azure Core or 1 Hyperthread
  • 1 Mi (pronounced 1 mebibyte) = 1024 * 1024 bytes = 1024 Ki (kibibytes)
  • Resources are configured at the container level, not the pod level. But since a pod is the deployment unit, the total resources required by the containers of a pod are expressed using requests and limits
Specify | Description
Requests | The requests specification is used at pod placement time: Kubernetes will look for a node that has both enough CPU and memory according to the requests configuration.
Limits | This is enforced at runtime. If a container exceeds the limits, Kubernetes will try to stop it. For CPU, it will simply curb the usage so a container typically can't exceed its limit capacity; it won't be killed, just won't be able to use more CPU. If a container exceeds its memory limits, it could be terminated.


1 G (Gigabyte) = 1,000,000,000 bytes
1 M (Megabyte) = 1,000,000 bytes
1 K (Kilobyte) = 1,000 bytes

1 Gi (Gibibyte) = 1,073,741,824 bytes
1 Mi (Mebibyte) = 1,048,576 bytes
1 Ki (Kibibyte) = 1,024 bytes

  • Default values for pods are picked up from the defaults set in the namespace using a LimitRange object
  • This is helpful when you want to specify a fixed amount of resources for a namespace
  • The total resources of all the pods cannot be more than what is set at the namespace level
  • In the Docker world, there is no limit on the resources for a container
  • So a container can start with 1 vCPU and quickly consume all the CPUs, suffocating the node
  • In Kubernetes, if nothing is specified, a pod is limited (max) to 1 vCPU and 512Mi of memory. This can be overridden in the pod or deployment definition file
  • In the pod definition file below (overriding the default values):
    • spec.containers[].resources.requests specifies the minimum resources assigned to the container and
    • spec.containers[].resources.limits specifies the maximum resources assigned to the container
  • If a container tries to use more CPU than what is set in the limits, Kubernetes will THROTTLE the container
  • Memory is handled differently: Kubernetes will allow a container to use more memory than what is set in limits, but if it does so constantly the container is terminated
pod-definition.yaml
apiVersion: v1
kind: Pod
metadata:
    name: myapp-pod
    labels:
        app: myapp

spec:
    containers:
    - name: nginx-container
      image: nginx
    
      # resources is set per container, so it is nested under the container entry
      resources:
          requests:
              memory: "1Gi"
              cpu: 1
          limits:
              memory: "2Gi"
              cpu: 2

---
apiVersion: v1
kind: LimitRange
metadata:
    name: mem-limit-range

spec:
    limits:
    - default:
        memory: 512Mi
      defaultRequest:
        memory: 256Mi
      type: Container
---

apiVersion: v1
kind: LimitRange
metadata:
    name: cpu-limit-range

spec:
    limits:
    - default:
        cpu: 1
      defaultRequest:
        cpu: 0.5
      type: Container
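
How the values above combine, as an added example that is not part of the original post: it converts the CPU and memory notations to millicores and bytes, fills in missing requests and limits from the LimitRange defaults shown above, and sums the result per pod. The `log-sidecar` container and all function names are assumptions made for the illustration; the rule that a container setting only a limit gets an equal request is Kubernetes' documented defaulting behaviour.

```python
from decimal import Decimal

# Suffixes from the unit table above; Kubernetes itself writes kilo as lowercase k.
SUFFIXES = {"Ki": 1024, "Mi": 1024**2, "Gi": 1024**3,
            "k": 1000, "K": 1000, "M": 1000**2, "G": 1000**3}
LIMIT_RANGE = {"default": {"cpu": 1, "memory": "512Mi"},  # from the manifests above
               "defaultRequest": {"cpu": 0.5, "memory": "256Mi"}}

def parse_cpu(value):
    """CPU in millicores: '100m' -> 100, 0.5 -> 500, 2 -> 2000."""
    text = str(value)
    return int(text[:-1]) if text.endswith("m") else int(Decimal(text) * 1000)

def parse_memory(value):
    """Memory in bytes: '1Gi' -> 1073741824, '1M' -> 1000000."""
    text = str(value)
    for suffix, factor in SUFFIXES.items():
        if text.endswith(suffix):
            return int(Decimal(text[:-len(suffix)]) * factor)
    return int(text)

def effective(container, lr=LIMIT_RANGE):
    """Requests/limits of one container after LimitRange defaulting."""
    res = container.get("resources", {})
    own_limits, own_requests = res.get("limits", {}), res.get("requests", {})
    out = {"requests": {}, "limits": {}}
    for name in ("cpu", "memory"):
        out["limits"][name] = own_limits.get(name, lr["default"][name])
        # A container that sets only a limit gets a request equal to that limit.
        fallback = own_limits.get(name, lr["defaultRequest"][name])
        out["requests"][name] = own_requests.get(name, fallback)
    return out

def pod_totals(pod):
    """Sum effective requests and limits over all containers as [millicores, bytes]."""
    totals = {"requests": [0, 0], "limits": [0, 0]}
    for container in pod["spec"]["containers"]:
        eff = effective(container)
        for kind in totals:
            totals[kind][0] += parse_cpu(eff[kind]["cpu"])
            totals[kind][1] += parse_memory(eff[kind]["memory"])
    return totals

# Constructed sample: the nginx container above plus a hypothetical sidecar with no resources.
POD = {"spec": {"containers": [
    {"name": "nginx-container", "resources": {
        "requests": {"memory": "1Gi", "cpu": 1}, "limits": {"memory": "2Gi", "cpu": 2}}},
    {"name": "log-sidecar"}]}}
print(pod_totals(POD))
```

The scheduler places the pod against the summed requests, so a container left without a resources block still adds the namespace defaults to the total.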
