Note: The following is only a fragment of resource restriction in the yaml file, not a complete yaml file
1. Resource restrictions for Pod
// cgroup-pod.yaml
spec:
containers:
- name: xxx
image: xxx
ports:
- protocol: TCP
containerPort: 80
resources:
limits: //硬限制
cpu: "4"
memory: 2Gi
requests: //运行pod时请求的资源数量
cpu: 260m
memory: 260Mi
2. Resource restrictions based on namespaces (a certain namespace can be specifically restricted)
//Compute resource quota
// compute-resource.yaml
apiVersion: v1
kind: ResourceQuota
metadata:
name: compute-resources
spec:
hard:
pods: "20" //所有pod数量不可以超过20个
requests.cpu: "20" //初始请求的CPU不可以超过20m
requests.memory: 100Gi //初始请求的内存不可以超过100G
limits.cpu: "40" //CPU的硬限制
limits.memory: 200Gi //内存的硬限制
//Resource object quantity quota limit
// object-counts.yaml
apiVersion: v1
kind: ResourceQuota
metadata:
name: object-counts
spec:
hard:
configmaps: "10" //最多可以创建10个configmap
persistentvolumeclaims: "4" //最多可以创建4个PVC
replicationcontrollers: "20" //最多可以创建20个RC资源对象
secrets: "10" //最多可以创建10个secrets
service.loadbalancers: "2" //最多可以创建2个svc
//Configure limitRange for CPU and memory
// limitRange.yaml
apiVersion: v1
kind: LimitRange
metadata:
name: mem-limit-range
spec:
limits:
- default:
memory: 50Gi //硬限制
cpu: 5 //硬限制
defaultRequest: //初始请求
memory: 1Gi
cpu: 1
type: Container //限制对象为容器