Resource Limiting

What is Resource Limiting?

In Kubernetes, resource limits and requests define how much CPU and memory (RAM) a container can use and request from the node.

They help prevent:

One pod from consuming too many resources
Unpredictable behavior due to resource starvation

Key Terms

Term	Description
Request	Minimum resources guaranteed to the container
Limit	Maximum resources the container is allowed to use

1. Resource Requests and Limits

The Kube scheduler uses requests to decide where to place pods.
The Kubelet enforces limits. If a container uses more than its memory limit, it is killed. CPU is throttled if it exceeds the limit.

YAML Example

apiVersion: v1
kind: Pod
metadata:
  name: resource-limited-pod
spec:
  containers:
  - name: app-container
    image: nginx
    resources:
      requests:
        memory: "64Mi"
        cpu: "250m"
      limits:
        memory: "128Mi"
        cpu: "500m"

📌 Here:

CPU Request: 250 millicores
CPU Limit: 500 millicores
Memory Request: 64 MiB
Memory Limit: 128 MiB

2. LimitRange

A namespace-level policy that sets default or max/min values for requests and limits.
This ensures users don’t forget to set them and prevents extreme resource claims.

Example:

  apiVersion: v1
  kind: LimitRange
  metadata:
    name: mem-limit-range
    namespace: dev
  spec:
    limits:
    - default:
        cpu: "500m"
        memory: "512Mi"
      defaultRequest:
        cpu: "250m"
        memory: "256Mi"
      type: Container

What this does:

If you don’t set resources in your Pod, it will automatically get:
- request: 250m CPU, 256Mi memory
- limit: 500m CPU, 512Mi memory

3. ResourceQuota

Another namespace-level object that caps total resource usage for all Pods in that namespace.
Prevents one team/app from hogging all cluster resources.

Example:

  apiVersion: v1
  kind: ResourceQuota
  metadata:
    name: dev-quota
    namespace: dev
  spec:
    hard:
      requests.cpu: "2"        # Sum of requests across namespace ≤ 2 CPUs
      requests.memory: "4Gi"   # Sum of requests ≤ 4Gi
      limits.cpu: "4"          # Sum of limits ≤ 4 CPUs
      limits.memory: "8Gi"
      pods: "10"               # Max 10 pods in this namespace

If someone tries to create more Pods or request more than allowed, Kubernetes will reject the request.

📋 Useful Commands

Action	Command
View limits on pod	`kubectl describe pod <pod-name>`
Set limits via YAML	`kubectl apply -f pod.yaml`
View LimitRange	`kubectl get limitrange`
Describe LimitRange	`kubectl describe limitrange <name>`

How They Work Together

Think of it like household budgeting:

Requests → your monthly minimum expenses (guaranteed).
Limits → your spending cap.
LimitRange → the house rules for how much any one person can spend by default.
ResourceQuota → the total budget for the whole household (namespace).

Flow in practice:

You create a Pod with requests & limits → Scheduler checks if a node has enough free capacity for the requests.
While running, container can use up to its limit.
If you omit them, LimitRange might assign defaults.
ResourceQuota ensures the total usage in that namespace stays within allowed limits.

Best Practices

Always define requests and limits.
Use LimitRange to enforce defaults.
Use ResourceQuota to cap total usage per namespace.

Resource Limiting in Kubernetes