radin/my-docs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
f96378c4806267d9cf9c0d412cfbb4302809e19c
my-docs/Containerization-Orchestration/Kubernetes/workloads/16-limirange.md
RadinPirouz f96378c480 k8s limitrange doc
2025-10-04 10:05:42 +03:30

3.5 KiB
Raw Blame History

LimitRange in Kubernetes

Overview

A LimitRange in Kubernetes is a namespace-level policy object that defines constraints on the compute resources that individual Pods and Containers can request and use. It helps ensure that workloads run efficiently and fairly within a shared cluster.

A LimitRange can set:

  • Minimum and maximum resource requests and limits
  • Default requests and limits if none are specified by the user

While a ResourceQuota enforces limits at the namespace level (total resource usage), a LimitRange enforces rules at the Pod or Container level.

Why Use a LimitRange

In a shared cluster, users might:

  • Deploy Pods without specifying any resource requests or limits.
  • Request excessive resources, leading to inefficient utilization.

A LimitRange prevents these issues by:

  • Automatically applying default resource values when unspecified.
  • Enforcing minimum and maximum resource thresholds.
  • Ensuring fair distribution of resources among applications.

How It Works

When a Pod or Container is created in a namespace with a LimitRange:

  1. The Kubernetes API server checks if resource requests and limits are defined.
  2. If they are not provided, the LimitRange applies the configured default values.
  3. If provided values fall outside the configured minimum or maximum bounds, the API server rejects the creation request.

Example: LimitRange YAML

apiVersion: v1
kind: LimitRange
metadata:
  name: mem-cpu-limits
  namespace: dev-team
spec:
  limits:
  - type: Container
    max:
      cpu: "2"          # Maximum 2 cores per container
      memory: "2Gi"     # Maximum 2Gi memory per container
    min:
      cpu: "200m"       # Minimum 0.2 cores per container
      memory: "256Mi"   # Minimum 256Mi memory per container
    default:
      cpu: "500m"       # Default limit if not specified
      memory: "512Mi"
    defaultRequest:
      cpu: "250m"       # Default request if not specified
      memory: "256Mi"

Example Behavior

Scenario Request/Limit Defined? Result
None No Defaults applied (250m CPU, 256Mi Memory)
Too High Yes (e.g., 3 CPU) Rejected — exceeds max of 2
Too Low Yes (e.g., 100m CPU) Rejected — below min of 200m

Viewing a LimitRange

You can inspect LimitRanges in a namespace using:

kubectl get limitrange -n dev-team
kubectl describe limitrange mem-cpu-limits -n dev-team

LimitRange vs ResourceQuota

Feature LimitRange ResourceQuota
Scope Per Container/Pod Per Namespace
Controls Min/Max/Default resource values Total resource usage
Purpose Enforce sane defaults and bounds Prevent namespace-wide overuse
Works best with ResourceQuota LimitRange

Summary

A LimitRange ensures that every Pod or Container in a namespace has appropriate resource requests and limits, preventing resource misuse and ensuring cluster stability. It complements ResourceQuota to provide complete resource management across both individual workloads and namespaces.

Reference in New Issue View Git Blame Copy Permalink