Kubernetes container资源配额 LimitRange

Kubernetes container资源配额 LimitRange

资源配额 LimitRange

默认情况下，K8s集群上的容器对计算资源没有任何限制，可能会导致个别容器资源过大导致影响其他容器正常工作，这时可以使用LimitRange定义容器默认CPU和内存请求值或者最大上限。(默认是使用宿主机上面所有的资源)

在哪个命名空间下面创建，那么就是应用在哪个命名空间。

LimitRange限制维度：

• 限制容器配置requests.cpu/memory，limits.cpu/memory的最小、最大值

• 限制容器配置requests.cpu/memory，limits.cpu/memory的默认值

• 限制PVC配置requests.storage的最小、最大值

限制创建pod设置request和limit，最小得超过最小值，但是不能超过最大值，就是最小和最大的限

制。下面是针对于pod下面的每一个容器的。

[root@master limitrnage]# kubectl apply -f test1.yaml limitrange/cpu-memory-min-max created[root@master limitrnage]# cat test1.yaml apiVersion: v1kind: LimitRangemetadata: name: cpu-memory-min-max namespace: dev1spec: limits: - max: #容器能够设置limit最大值 cpu: 1 memory: 1Gi min: #容器能够设置request最小值 cpu: 200m memory: 200Mi type: Container

[root@master limitrnage]# kubectl get limits -n dev1NAME CREATED ATcpu-memory-min-max 2021-07-02T01:01:16Z[root@master limitrnage]# kubectl describe limits cpu-memory-min-max -n dev1Name: cpu-memory-min-maxNamespace: dev1Type Resource Min Max Default Request Default Limit Max Limit/Request Ratio---- -------- --- --- --------------- ------------- -----------------------Container cpu 200m 1 1 1 -Container memory 200Mi 1Gi 1Gi 1Gi

测试request,小于request

[root@master limitrnage]# cat pod.yaml apiVersion: v1kind: Podmetadata: name: web namespace: dev1spec: containers: - image: nginx name: nginx resources: requests: cpu: 100m memory: 100Mi[root@master limitrnage]# kubectl apply -f pod.yaml Error from server (Forbidden): error when creating "pod.yaml": pods "web" is forbidden: [minimum cpu usage per Container is 200m, but request is 100m, minimum memory usage per Container is 200Mi, but request is 100Mi]

request值大于limit

[root@master limitrnage]# cat pod.yaml apiVersion: v1kind: Podmetadata: name: web namespace: dev1spec: containers: - image: nginx name: nginx resources: requests: cpu: 1500m memory: 400Mi[root@master limitrnage]# kubectl apply -f pod.yaml The Pod "web" is invalid: spec.containers[0].resources.requests: Invalid value: "1500m": must be less than or equal to cpu limit

测试limit，request值正常，但是limit的值不符合要求，超过CPU限制

[root@master limitrnage]# cat pod.yaml apiVersion: v1kind: Podmetadata: name: web namespace: dev1spec: containers: - image: nginx name: nginx resources: requests: cpu: 300m memory: 400Mi limits: cpu: 2 memory: 1Gi [root@master limitrnage]# kubectl apply -f pod.yaml Error from server (Forbidden): error when creating "pod.yaml": pods "web" is forbidden: maximum cpu usage per Container is 1, but limit is 2

超过mem限制

[root@master limitrnage]# cat pod.yaml apiVersion: v1kind: Podmetadata: name: web namespace: dev1spec: containers: - image: nginx name: nginx resources: requests: cpu: 300m memory: 400Mi limits: cpu: 500m memory: 2Gi [root@master limitrnage]# kubectl apply -f pod.yaml Error from server (Forbidden): error when creating "pod.yaml": pods "web" is forbidden: maximum memory usage per Container is 1Gi, but limit is 2Gi

计算资源默认值限制

不指定request和limit的值的时候，会发生什么变化。

#在设置的上面的limit最大值和request最小值的的时候，如果创建容器不指定其resources字段，默认以limit最大值进行分配[root@master limitrnage]# cat pod.yaml apiVersion: v1kind: Podmetadata: name: web namespace: dev1spec: containers: - image: nginx name: nginx[root@master limitrnage]# kubectl apply -f pod.yaml pod/web created[root@master limitrnage]# kubectl describe pod web -n dev1Name: webNamespace: dev1Priority: 0...................................... Limits: #可以看到是以最大值进行分配 cpu: 1 memory: 1Gi Requests: cpu: 1 memory: 1Gi

所以还要设置一个默认值，否则默认值会比较大，因为参考的是最大值。

[root@master limitrnage]# cat test1.yaml apiVersion: v1kind: LimitRangemetadata: name: cpu-memory-min-max namespace: dev1spec: limits: - max: cpu: 1 memory: 1Gi min: cpu: 200m memory: 200Mi defaultRequest: cpu: 300m memory: 300Mi type: Container [root@master limitrnage]# kubectl describe limits cpu-memory-min-max -n dev1Name: cpu-memory-min-maxNamespace: dev1Type Resource Min Max Default Request Default Limit Max Limit/Request Ratio---- -------- --- --- --------------- ------------- -----------------------Container cpu 200m 1 300m 1 -Container memory 200Mi 1Gi 300Mi 1Gi -[root@master limitrnage]# cat pod.yaml apiVersion: v1kind: Podmetadata: name: web namespace: dev1spec: containers: - image: nginx name: nginx[root@master limitrnage]# kubectl apply -f pod.yaml pod/web created[root@master limitrnage]# kubectl get pod -n dev1NAME READY STATUS RESTARTS AGEweb 1/1 Running 0 19s[root@master limitrnage]# kubectl describe pod web -n dev1Name: webNamespace: dev1............................................. Limits: cpu: 1 memory: 1Gi Requests: cpu: 300m memory: 300Mi

这里最好将默认最大值limit也限制一下，要不然是按照最大值限制的。

存储资源最大、最小限制：pvc申请超过10G会拒绝，低于1G也会拒绝，这个范围就是1-10G

[root@master limitrnage]# kubectl describe limits storage-min-max -n dev1Name: storage-min-maxNamespace: dev1Type Resource Min Max Default Request Default Limit Max Limit/Request Ratio---- -------- --- --- --------------- ------------- -----------------------PersistentVolumeClaim storage 1Gi 10Gi - - -[root@master limitrnage]# cat test2.yaml apiVersion: v1kind: LimitRangemetadata: name: storage-min-max namespace: dev1spec: limits: - type: PersistentVolumeClaim max: storage: 10Gi min: storage: 1Gi

[root@master limitrnage]# cat pvc.yaml apiVersion: v1kind: PersistentVolumeClaimmetadata: name: nfs-pvc namespace: dev1spec: accessModes: - ReadWriteMany resources: requests: storage: 15Gi storageClassName: nfs[root@master limitrnage]# kubectl apply -f pvc.yaml Error from server (Forbidden): error when creating "pvc.yaml": persistentvolumeclaims "nfs-pvc" is forbidden: maximum storage usage per PersistentVolumeClaim is 10Gi, but request is 15Gi

版权声明：本文内容由网络用户投稿，版权归原作者所有，本站不拥有其著作权，亦不承担相应法律责任。如果您发现本站中有涉嫌抄袭或描述失实的内容，请联系我们jiasou666@gmail.com 处理，核实后本网站将在24小时内删除侵权内容。