How to use limit range in namespace

KubernetesHow-ToBeginner · 4 min read

How to Use Limit Range in Kubernetes Namespace

Use a LimitRange resource in a Kubernetes namespace to set default and maximum resource limits like CPU and memory for pods and containers. Apply a YAML manifest defining LimitRange to the namespace, and Kubernetes will enforce these limits automatically.

📐

Syntax

A LimitRange resource defines constraints on resource usage in a namespace. It includes spec.limits with types like Container or Pod, and sets max, min, and default resource values.

Key parts:

apiVersion: Kubernetes API version.
kind: Must be LimitRange.
metadata.name: Name of the LimitRange object.
spec.limits: List of limit rules.
type: Resource type, e.g., Container or Pod.
max: Maximum allowed resource.
min: Minimum allowed resource.
default: Default resource if none specified.

yaml

apiVersion: v1
kind: LimitRange
metadata:
  name: example-limitrange
spec:
  limits:
  - type: Container
    max:
      cpu: "2"
      memory: 1Gi
    min:
      cpu: "200m"
      memory: 6Mi
    default:
      cpu: "500m"
      memory: 200Mi
    defaultRequest:
      cpu: "200m"
      memory: 100Mi

💻

Example

This example creates a LimitRange in the dev namespace that limits container CPU to max 2 cores and memory to max 1Gi. It also sets default and minimum values. When a pod is created without resource requests or limits, Kubernetes applies these defaults automatically.

yaml

apiVersion: v1
kind: Namespace
metadata:
  name: dev
---
apiVersion: v1
kind: LimitRange
metadata:
  name: dev-limitrange
  namespace: dev
spec:
  limits:
  - type: Container
    max:
      cpu: "2"
      memory: 1Gi
    min:
      cpu: "200m"
      memory: 6Mi
    default:
      cpu: "500m"
      memory: 200Mi
    defaultRequest:
      cpu: "200m"
      memory: 100Mi
---
apiVersion: v1
kind: Pod
metadata:
  name: test-pod
  namespace: dev
spec:
  containers:
  - name: test-container
    image: nginx

Output

kubectl apply -f limitrange-example.yaml namespace/dev created limitrange/dev-limitrange created pod/test-pod created kubectl describe pod test-pod -n dev ... Containers: test-container: Limits: cpu: 500m memory: 200Mi Requests: cpu: 200m memory: 100Mi ...

⚠️

Common Pitfalls

Common mistakes when using LimitRange include:

Not applying the LimitRange to the correct namespace.
Forgetting to specify resource requests or limits in pod specs, expecting defaults to apply but using the wrong type in LimitRange.
Setting limits too low or too high, causing pod scheduling failures or resource starvation.
Confusing default and defaultRequest values.

Always verify the namespace and resource types match your pods.

yaml

apiVersion: v1
kind: LimitRange
metadata:
  name: wrong-limitrange
  namespace: default
spec:
  limits:
  - type: Pod
    max:
      cpu: "1"
      memory: 500Mi

# This won't apply to containers' resource requests properly.

# Correct version:
apiVersion: v1
kind: LimitRange
metadata:
  name: correct-limitrange
  namespace: default
spec:
  limits:
  - type: Container
    max:
      cpu: "1"
      memory: 500Mi

📊

Quick Reference

Tips for using LimitRange:

Apply LimitRange per namespace to control resource usage.
Use type: Container to set limits on individual containers.
Set default and defaultRequest to provide fallback values.
Check pod resource usage with kubectl describe pod.
Adjust limits to balance resource availability and fairness.

✅

Key Takeaways

Use LimitRange in a namespace to enforce resource limits on pods and containers automatically.

Set type to Container in LimitRange to control individual container resources like CPU and memory.

Default and defaultRequest values provide fallback resource settings when pods omit them.

Always apply LimitRange to the correct namespace and verify with kubectl describe commands.

Avoid setting limits too restrictive or too loose to prevent pod failures or resource waste.