Note: the following is only a fragment of resource restriction in yaml file, not a complete yaml file, but only a sketch of its own.
1. Restrictions on pod resources:
[root@master limit]# vim cgroup-pod.yaml
spec:
containers:
- name: xxx
image: xxx
ports:
- protocol: TCP
containerPort: 80
resources:
limits: #Hard limit
cpu: "4"
memory: 2Gi
requests: #Number of resources requested when running pod
cpu: 260m
memory: 260Mi2. Resource restriction based on namespace (a specific namespace can be restricted)
1) calculate resource quota
[root@master limit]# vim compute-resource.yaml
apiVersion: v1
kind: ResourceQuota
metadata:
name: compute-resources
spec:
hard:
pods: "20" #No more than 20 pod s
requests.cpu: "20" #The initial requested CPU cannot exceed 20 m
requests.memory: 100Gi #The initial requested memory cannot exceed 100G
limits.cpu: "40" #Hard limit of CPU
limits.memory: 200Gi #Hard limit of memory2) quota limit of resource objects
[root@master limit]# vim object-counts.yaml
apiVersion: v1
kind: ResourceQuota
metadata:
name: object-counts
spec:
hard:
configmaps: "10" #Up to 10 configmap s can be created
persistentvolumeclaims: "4" #Up to 4 PVC can be created
replicationcontrollers: "20" #Up to 20 RC resource objects can be created
secrets: "10" #Up to 10 secrets can be created
service.loadbalancers: "2" #Up to 2 SVCS can be created3) configure the CPU and memory limitRange
[root@master limit]# vim limitRange.yaml
apiVersion: v1
kind: LimitRange
metadata:
name: mem-limit-range
spec:
limits:
- default:
memory: 50Gi #Hard limit
cpu: 5 #Hard limit
defaultRequest: #Initial request
memory: 1Gi
cpu: 1
type: Container #Restrict objects to containers————————Thank you for reading————————