Why do my pods not fulfill the resource quota limits if the number match?

memory kubernetes cpu google-kubernetes-engine quota
11,974

I was about to suggest to test within separate namespace, but see that you already tried.

As another workaround try to setup default limits by enabling LimitRanger admission controller and setting it up e.g.

apiVersion: v1
kind: LimitRange
metadata:
  name: cpu-limit-range
spec:
  limits:
  - default:
      memory: 256Mi
      cpu: 125m
    defaultRequest:
      cpu: 125m
      memory: 128Mi
    type: Container

Now if a Container is created in the default namespace, and the Container does not specify its own values for CPU request and CPU limit, the Container is given a default CPU limits of 125m and a default memory limit of 256Mi

Also, after setting up LimitRange, make sure you removed your deployment and there are no pods stuck in failed state.

Share:
11,974

Related videos on Youtube

Kalle Richter
Author by

Kalle Richter

Updated on June 04, 2022

Comments

  • Kalle Richter
    Kalle Richter almost 2 years

    After applying the following ResourceQuota compute-resources to my GKE Cluster

    apiVersion: v1
kind: ResourceQuota
metadata:
  name: compute-resources
spec:
  hard:
    limits.cpu: "1"
    limits.memory: 1Gi

    and updating a Deployment to

    apiVersion: apps/v1
kind: Deployment
metadata:
  name: my-service
spec:
  selector:
    matchLabels:
      app: my-service
      tier: backend
      track: stable
  replicas: 2
  strategy:
    type: RollingUpdate
    rollingUpdate:
      maxSurge: 1
      maxUnavailable: 50%
  template:
    metadata:
      labels:
        app: my-service
        tier: backend
        track: stable
    spec:
      containers:
        - name: my-service
          image: registry/namespace/my-service:latest
          ports:
            - name: http
              containerPort: 8080
          resources:
            requests:
              memory: "128Mi"
              cpu: "125m"
            limits:
              memory: "256Mi"
              cpu: "125m"

    the scheduling fails 100% of tries due to pods "my-service-5bc4c68df6-4z8wp" is forbidden: failed quota: compute-resources: must specify limits.cpu,limits.memory. Since limits and requests are specified and they fulfill the limit, I don't see a reason why the pods should be forbidden.

    How pod limits resource on kubernetes enforced when the pod exceed limits after pods is created ? is a different question.

    I upgraded my cluster to 1.13.6-gke.0.

    • Suresh Vishnoi
      Suresh Vishnoi almost 5 years
      Hi, Can you try with 1 replica, hopefully, there is no overhead of init containers, as your 2 replicas are adding it to 250m core
    • Kalle Richter
      Kalle Richter almost 5 years
      @SureshVishnoi Thanks for you input. I set replicas to 1. I set cpu: "1" as well and reproduced the issue in a separate namespace. Do you have another idea?
  • Kalle Richter
    Kalle Richter almost 5 years
    Thanks for your input. I replaced ResourceQuota with LimitRange and changed it for the namespace with kubectl replace file.yml --namespace=mynamespace. I deleted the deployments (no pods were created). After recreation of the deployment the creation of pods still fails due to Error creating: pods "my-service-85d5cf694d-vmhzb" is forbidden: exceeded quota: compute-resources, requested: limits.cpu=250m,limits.memory=64Mi, used: limits.cpu=2250m,limits.memory=2Gi, limited: limits.cpu=1,limits.memory=1Gi. The behaviour is the same on GKE as well as locally on microk8s on Ubuntu.
  • A_Suh
    A_Suh almost 5 years
    at least LimitRange has solved must specify limits.cpu,limits.memory issue. So now you have another issue - exceeded quota, which is expected because you have already used your quota ) Check the current usage kubectl describe ResourceQuota -n mynamespace
  • Kalle Richter
    Kalle Richter almost 5 years
    How to figure out where the quota values come from? I haven't configured them. The pod doesn't exceed the quota by it's specifications as well as by it runtime requirements (just idles). So, I don't see any reason why I should get this error.
  • A_Suh
    A_Suh almost 5 years
    @KarlRichter Is there anything kubectl get all -n mynamespace

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Allow only one pod of a type on a node in Kubernetes
How do I get sar to show for specific dates?
Kubernetes: Putting JSON value in YAML file
failed to load kubelet config file
kubernetes Deployment. how to change container environment variables for rolling updates?
Kubernetes: Delete secret from pod
Tensorflow CPU memory problem (allocation exceeds 10% of system memory)
Delete namespace and also delete helm deployment?
how to connect a kubernetes pod to the outside world without a forwarding rule (google container engine)
k8s hpa can't get the cpu information