OpenShift Administrator’s Office Hour - Controlling Pod Resource Consumption
February 12, 2021 | by
As administrators we have to strike a balance between granting unfettered access to resources by applications and preventing overconsumption of resources. Importantly, we also want to take precautions to avoid an accident or typo from affecting other applications, Pods, or even the whole cluster.
During this week’s stream we addressed how to use Kubernetes’ LimitRange and Quota objects to implement controls. By encouraging the application developer and administrator to consider the resources they need, it allows us to more easily balance, predict, and control resource consumption at the infrastructure layer, cost effectively and without wasting resources
As always, please see the list below for additional links to specific topics, questions, and supporting materials for the episode!
If you’re interested in more streaming content, please subscribe to the OpenShift.tvstreaming calendar to see the upcoming episode topics and to receive any schedule changes. If you have questions or topic suggestions for the OpenShift Administrator’s Office Hour, please contact us via Discord, Twitter, or come join us live, Wednesdays at 11am EST / 1600 UTC, on YouTube and Twitch.
A GitHub repo with some example scenarios showing how to control access to resources using LimitRanges and Quotas. You can see a video of this code in action here.
A great way to simplify creating and applying LimitRanges and Quotas for projects is to create a customized Project template. I demoed this at the end of the stream, however we had to end before it was working. I promised to follow up with any issues/reasons why it wasn’t working, but it turns out I was just too impatient - it takes a couple minutes for the API server to restart with the new config, afterward it works exactly as expected!
Other links and materials referenced during the stream:
The OpenShift Labs team recently published an update graph tool for OpenShift. This very helpful tool shows the exact upgrade path between OpenShift versions and includes a helpful visualization of the upgrade edges. You can listen to us talk about the tool and see it in action starting here.
We followed up on the topic of mirroring disconnected Operator catalogs from a few weeks ago during the stream here. What we discovered is that the oc CLI tool has a bug that prevents the catalog from mirroring to disk successfully, though it may be working with the most recent version, 4.6.16. If you’re looking for a workaround, please view the stream starting at 10:58.
Other questions answered during the stream:
Is the cluster network, defined in install-config.yaml, required to be a /14? No, it’s not. We talk about all three types of networks defined in the install-config.yaml, what their role is, and how to determine the precise values you need starting at the 17:43 timestamp.
Overview The policy framework in Red Hat Advanced Cluster Management for Kubernetes (RHACM) is a powerful feature that help you to govern your configurations across multiple clusters. You can enforce ...