Kubernetesdevops~5 mins

Limit ranges for defaults in Kubernetes - Commands & Configuration

Choose your learning style9 modes available

Learn Why Deep Visual Try Challenge Project Recall Time

Introduction

Sometimes containers in Kubernetes use too much or too little CPU and memory. Limit ranges let you set default resource limits and requests so containers have balanced resources without manual setup.

When you want every container in a namespace to have a default CPU and memory limit to avoid resource hogging.

When you want to ensure containers request a minimum amount of CPU and memory to run properly.

When you want to prevent users from accidentally creating containers that use too many resources.

When you want to enforce consistent resource usage policies across all pods in a namespace.

When you want to avoid pods being killed or throttled because they exceed cluster resource limits.

Config File - limitrange.yaml

limitrange.yaml

apiVersion: v1
kind: LimitRange
metadata:
  name: default-limits
  namespace: example-namespace
spec:
  limits:
  - default:
      cpu: 500m
      memory: 256Mi
    defaultRequest:
      cpu: 250m
      memory: 128Mi
    type: Container

This file creates a LimitRange named default-limits in the example-namespace.

The default section sets default CPU and memory limits for containers that do not specify them.

The defaultRequest section sets default CPU and memory requests, which is the minimum guaranteed resource.

The type: Container means these limits apply to individual containers inside pods.

Commands

This command creates the LimitRange resource in the example-namespace to set default CPU and memory limits and requests for containers.

Terminal

kubectl apply -f limitrange.yaml

Expected OutputExpected

limitrange/default-limits created

This command lists all LimitRanges in the example-namespace to verify that the default limits were created.

Terminal

kubectl get limitrange -n example-namespace

Expected OutputExpected

NAME CREATED AT default-limits 2024-06-01T12:00:00Z

→

-n - Specifies the namespace to look in

This command generates a pod manifest named test-pod.yaml in example-namespace without creating it, so you can inspect resource defaults applied by LimitRange.

Terminal

kubectl run test-pod --image=nginx --restart=Never -n example-namespace --dry-run=client -o yaml > test-pod.yaml

Expected OutputExpected

No output (command runs silently)

→

--dry-run=client - Generates the manifest without creating the pod

→

-o yaml - Outputs the manifest in YAML format

This command creates the test-pod in example-namespace. Since the pod does not specify resources, the LimitRange defaults apply automatically.

Terminal

kubectl apply -f test-pod.yaml

Expected OutputExpected

pod/test-pod created

This command shows detailed information about test-pod, including the CPU and memory limits and requests applied by the LimitRange.

Terminal

kubectl describe pod test-pod -n example-namespace

Expected OutputExpected

Name: test-pod Namespace: example-namespace Containers: nginx: Image: nginx Limits: cpu: 500m memory: 256Mi Requests: cpu: 250m memory: 128Mi Status: Pending

→

-n - Specifies the namespace of the pod

Key Concept

If you remember nothing else from this pattern, remember: LimitRanges set default resource limits and requests so containers have balanced CPU and memory without manual setup.

Common Mistakes

Not specifying the namespace when applying or checking LimitRanges.

LimitRanges are namespace-scoped, so commands without the correct namespace won't find or apply them.

Always use the -n flag with the correct namespace when working with LimitRanges.

Expecting LimitRanges to apply to pods that already specify resource limits.

LimitRanges only apply defaults when containers do not specify resource requests or limits.

Set resource requests and limits in pod specs if you want to override LimitRange defaults.

Creating LimitRanges without the type: Container field.

Without specifying type, the LimitRange may not apply to containers as expected.

Always include type: Container to apply limits to container resources.

Summary

Create a LimitRange resource to set default CPU and memory limits and requests for containers in a namespace.

Apply the LimitRange with kubectl apply and verify it exists with kubectl get limitrange.

Create pods without resource specs to see LimitRange defaults applied automatically.

Use kubectl describe pod to confirm the resource limits and requests on containers.