This workshop has been deprecated and archived. The new Amazon EKS Workshop is now available at www.eksworkshop.com.
ResourceQuotas
are used to limit resources like cpu,memory, storage, and services. In this section we will set up ResourceQuotas
between two teams blue and red.
# Create different namespaces
kubectl create namespace blue
kubectl create namespace red
In this example environment we have two teams sharing the same resources. The Red team can provision only one Load Balancer and the Blue team has restrictions on memory and CPU usage.
kubectl create quota blue-team --hard=limits.cpu=1,limits.memory=1G --namespace blue
kubectl create quota red-team --hard=services.loadbalancers=1 --namespace red
A list of objects that quotas can be applied to can be found here
In next steps we will evaluate failed and successful attempts at creating resources.
Errors will occur when creating pods outside of the ResourceQuota
specifications.
# Error when creating a resource without defined limit
kubectl run --namespace blue --image hande007/stress-ng blue-cpu-pod --restart=Never -- --vm-keep --vm-bytes 512m --timeout 600s --vm 2 --oomable --verbose
# Error when creating a deployment without specifying limits (Replicaset has errors)
kubectl create --namespace blue deployment blue-cpu-deploy --image hande007/stress-ng
kubectl describe --namespace blue replicaset -l app=blue-cpu-deploy
# Error when creating more than one AWS Load Balancer
kubectl run --namespace red --image nginx:latest red-nginx-pod --restart=Never --limits=cpu=0.1,memory=100M
kubectl expose --namespace red pod red-nginx-pod --port 80 --type=LoadBalancer --name red-nginx-service-1
kubectl expose --namespace red pod red-nginx-pod --port 80 --type=LoadBalancer --name red-nginx-service-2
We create resources in blue namespace to use 75% of allocated resources
# Create Pod
kubectl run --namespace blue --limits=cpu=0.25,memory=250M --image nginx blue-nginx-pod-1 --restart=Never --restart=Never
kubectl run --namespace blue --limits=cpu=0.25,memory=250M --image nginx blue-nginx-pod-2 --restart=Never --restart=Never
kubectl run --namespace blue --limits=cpu=0.25,memory=250M --image nginx blue-nginx-pod-3 --restart=Never --restart=Never
Flag –requests has been deprecated, has no effect and will be removed in the future. Flag –limits has been deprecated, has no effect and will be removed in the future. You can ignore this warning as these flags will be deprecated in future release
We can query ResourceQuota
to see current utilization.
kubectl describe quota blue-team --namespace blue
kubectl describe quota red-team --namespace red
Output:
Name: blue-team
Namespace: blue
Resource Used Hard
-------- ---- ----
limits.cpu 750m 1
limits.memory 750M 1G
Name: red-team
Namespace: red
Resource Used Hard
-------- ---- ----
services.loadbalancers 1 1
Clean up the pods before moving on to free up resources
kubectl delete namespace red
kubectl delete namespace blue