Skip to content

Kubernetes resource Limit

In Kubernetes, a resource Limit defines the maximum amount of compute resources (such as CPU and Memory) that a container is allowed to use^[400-devops__06-Kubernetes__k8s-ithelp__Day21__README.md]. It acts as a constraint to prevent a specific container from monopolizing node resources, ensuring fair resource distribution among all containers in the cluster^[400-devops__06-Kubernetes__k8s-ithelp__Day21__README.md].

Core Concepts

To effectively manage cluster resources, Kubernetes relies on two primary mechanisms: Requests and Limits^[400-devops__06-Kubernetes__k8s-ithelp__Day21__README.md].

  • Request: The minimum amount of resources guaranteed to the container. The Kubernetes scheduler uses this value to determine which Node has sufficient space to place the Pod^[400-devops__06-Kubernetes__k8s-ithelp__Day21__README.md].
  • Limit: The maximum amount of resources a container can consume^[400-devops__06-Kubernetes__k8s-ithelp__Day21__README.md]. Setting a limit to 0 indicates no restriction is applied, allowing the container to consume resources infinitely (up to the Node's capacity)^[400-devops__06-Kubernetes__k8s-ithelp__Day21__README.md].

The relationship between these values must adhere to the following logic^[400-devops__06-Kubernetes__k8s-ithelp__Day21__README.md]:

  • 0 <= request <= Node Allocatable
  • request <= limit <= Infinity

Resource Types

Kubernetes abstracts underlying hardware into quantifiable Metrics. The two most common resource types are^[400-devops__06-Kubernetes__k8s-ithelp__Day21__README.md]:

  • CPU: Measured in units of "cores" (e.g., 500m for 0.5 cores, or 1 for a full core). One CPU unit equates to roughly 1 AWS vCPU, 1 GCP Core, 1 Azure vCore, or 1 Intel Hyperthread^[400-devops__06-Kubernetes__k8s-ithelp__Day21__README.md].
  • Memory: Measured in bytes. It can be expressed as a plain integer or with suffixes (E, P, T, G, M, K) representing powers of 1024^[400-devops__06-Kubernetes__k8s-ithelp__Day21__README.md].

Quality of Service (QoS) Classes

Based on the Request and Limit settings, Kubernetes assigns a Quality of Service (QoS) class to each Pod^[400-devops__06-Kubernetes__k8s-ithelp__Day21__README.md]. This classification determines the Pod's priority and behavior when the Node faces resource pressure (such as memory exhaustion).

Guaranteed

A Pod is classified as Guaranteed if every container within it meets two conditions^[400-devops__06-Kubernetes__k8s-ithelp__Day21__README.md]: 1. request.memory == limit.memory 2. request.cpu == limit.cpu

These Pods have the highest priority. They are the last to be evicted if the system runs out of resources, provided they do not exceed their defined limits^[400-devops__06-Kubernetes__k8s-ithelp__Day21__README.md].

Burstable

A Pod is classified as Burstable if^[400-devops__06-Kubernetes__k8s-ithelp__Day21__README.md]: 1. It is not a Guaranteed Pod. 2. At least one container in the Pod has a memory or CPU request set.

These Pods have a guaranteed minimum resource (the request) but can potentially use more (up to the limit) if resources are available. In the event of resource scarcity, they are evicted only after BestEffort Pods^[400-devops__06-Kubernetes__k8s-ithelp__Day21__README.md].

BestEffort

A Pod is classified as BestEffort if no containers in the Pod have any request or limit values set^[400-devops__06-Kubernetes__k8s-ithelp__Day21__README.md].

These Pods have the lowest priority. When system memory is insufficient, they are the first candidates to be killed to free up resources^[400-devops__06-Kubernetes__k8s-ithelp__Day21__README.md].

Strategic Implications

When limit is set higher than request, the container operates with a baseline guarantee but can "burst" to use extra resources when the Node has idle capacity^[400-devops__06-Kubernetes__k8s-ithelp__Day21__README.md]. Proper configuration of Requests and Limits is crucial for: * Stability: Preventing runaway processes from crashing the Node. * Efficiency: Allowing over-subscription of resources (burstable capacity) while maintaining guarantees for critical workloads^[400-devops__06-Kubernetes__k8s-ithelp__Day21__README.md].

Sources

  • 400-devops__06-Kubernetes__k8s-ithelp__Day21__README.md