A LimitRange object is used by cluster administrators to set default request and limit values for containers within a namespace. And minimum and maximum values for containers and pods within a namespace.
If you’re unfamiliar with container requests and limits within Kubernetes; click here.
Configuration a containers requests and limits setting is a well documented best practice. Cluster administrators use LimitRange objects to ensure that containers within a namespace align to this best practice.
Default Limits and Requests
A LimitRange object has 4 settings for configuring default requests and limits values. The value requirements are the same as those used when configuring limits and requests for a container.
Default Limits and Requests Example
The below manifest sets default memory and CPU values for a namespace.
Deploy a pod without configuring any limits or requests.
The containers Limits and Requests are set using the default values.
Let’s look at the behaviour if we set only the limit for CPU.
The container limit configuration took priority over the default value. The same behaviour occurs when configuring a limit with no requests at the container level.
Configuration of default limits causes a different behaviour to occur when a container configuration contains a requests value and no limits value.
Set Min and Max Requests and Limits
Cluster administrators can configure a minimum and maximum range for CPU and Memory resources used by containers within a namespace using LimitRange objects. If a containers resource configuration is not within the specified range, it cannot be deployed in that namespace.
Default requests and limits values are configured to match the max value if the namespace does not have defaults set. The default values can be configured in the same LimitRange manifest as min / max or in a separate manifest.
Container Min / Max Range
This section looks at configuring Min / Max ranges for containers within a namespace.
Create a limit range
Deploying a pod into the namespace without resources configured.
Deploy pod that exceeds min/max values
Pod Min/Max limits
This section looks at configuring Min / Max ranges for pods within a namespace. A pod object has requests and limits values equal to the sum of containers requests and limits within the pod.
Create and apply a LimitRange object
Deploy single container pod
Unlike a container limit range, a pod limit range does not create any default requests or limits. This error is because default and defaultRequest are not allowed when the type is Pod.
Let’s add the container LimitRange from before and see what happens.
Exceeding pod limits
The application of defaults at the container level with limits at the pod adds a layer of consideration. Default values impose limits on the minimum and the maximum number of containers in a pod.
Type Resource Min Max Default Request Default Limit Max Limit/Request Ratio
---- -------- --- --- --------------- ------------- -----------------------
Container cpu 250m 1 1 1 -
Container memory 256Mi 1Gi 1Gi 1Gi -
Pod cpu 500m 1 - - -
Pod memory 512Mi 2Gi - - -
The combination of container and pod LimitRanges has interesting effects.
A pod can have a maximum of 2 containers if no CPU requests or limits configured
A pod can have a maximum of 2 containers if no memory requests or limits configured
A pod can have a maximum of 4 containers due to the Container CPU minimum and Pod CPU maximum
A pod must have a minimum of 2 containers with minimum requests and limits set to the minimum
LimitRanges are quite simple at face value, but, combining container and pod, LimitRanges increases complexity.