Namespace, ResourceQuota, LimitRange
1. Namespace
1-1) Namespace
apiVersion: v1
kind: Namespace
metadata:
name: nm-1
1-2) Pod
apiVersion: v1
kind: Pod
metadata:
name: pod-1
namespace: nm-1
labels:
app: pod
spec:
containers:
- name: container
image: kubetm/app
ports:
- containerPort: 8080
1-3) Service
apiVersion: v1
kind: Service
metadata:
name: svc-1
namespace: nm-1
spec:
selector:
app: pod
ports:
- port: 9000
targetPort: 8080
1-1') Namespace
apiVersion: v1
kind: Namespace
metadata:
name: nm-2
1-2') Pod
apiVersion: v1
kind: Pod
metadata:
name: pod-1
namespace: nm-2
labels:
app: pod
spec:
containers:
- name: container
image: kubetm/init
ports:
- containerPort: 8080
pod ip :
curl 10.16.36.115:8080/hostname
service ip :
curl 10.96.92.97:9000/hostname
Namespace Exception
e-1) Service
apiVersion: v1
kind: Service
metadata:
name: svc-2
spec:
ports:
- port: 9000
targetPort: 8080
nodePort: 30001
type: NodePort
- kubernetes dahsboard UI Port가 30000으로 변경되어 해당 실습 port는 30001로 하시면 됩니다
e-2) Pod
apiVersion: v1
kind: Pod
metadata:
name: pod-2
spec:
nodeSelector:
kubernetes.io/hostname: k8s-node1
containers:
- name: container
image: kubetm/init
volumeMounts:
- name: host-path
mountPath: /mount1
volumes:
- name : host-path
hostPath:
path: /node-v
type: DirectoryOrCreate
echo "hello" >> hello.txt
2. ResourceQuota
2-1) Namespace
apiVersion: v1
kind: Namespace
metadata:
name: nm-3
2-2) ResourceQuota
apiVersion: v1
kind: ResourceQuota
metadata:
name: rq-1
namespace: nm-3
spec:
hard:
requests.memory: 1Gi
limits.memory: 1Gi
ResourceQuota Check Command
kubectl describe resourcequotas --namespace=nm-3
2-3) Pod
apiVersion: v1
kind: Pod
metadata:
name: pod-2
spec:
containers:
- name: container
image: kubetm/app
2-4) Pod
apiVersion: v1
kind: Pod
metadata:
name: pod-3
spec:
containers:
- name: container
image: kubetm/app
resources:
requests:
memory: 0.5Gi
limits:
memory: 0.5Gi
3. LimitRange
3-1) Namespace
apiVersion: v1
kind: Namespace
metadata:
name: nm-5
3-2) LimitRange
apiVersion: v1
kind: LimitRange
metadata:
name: lr-1
spec:
limits:
- type: Container
min:
memory: 0.1Gi
max:
memory: 0.4Gi
maxLimitRequestRatio:
memory: 3
defaultRequest:
memory: 0.1Gi
default:
memory: 0.2Gi
LimitRange Check Command
kubectl describe limitranges --namespace=nm-5
3-3) Pod
apiVersion: v1
kind: Pod
metadata:
name: pod-1
spec:
containers:
- name: container
image: kubetm/app
resources:
requests:
memory: 0.1Gi
limits:
memory: 0.5Gi
LimitRange Exception
e-1) Namespace
apiVersion: v1
kind: Namespace
metadata:
name: nm-6
e-2) LimitRange
apiVersion: v1
kind: LimitRange
metadata:
name: lr-5
spec:
limits:
- type: Container
min:
memory: 0.1Gi
max:
memory: 0.5Gi
maxLimitRequestRatio:
memory: 1
defaultRequest:
memory: 0.5Gi
default:
memory: 0.5Gi
e-3) LimitRange
apiVersion: v1
kind: LimitRange
metadata:
name: lr-3
spec:
limits:
- type: Container
min:
memory: 0.1Gi
max:
memory: 0.3Gi
maxLimitRequestRatio:
memory: 1
defaultRequest:
memory: 0.3Gi
default:
memory: 0.3Gi
e-4) Pod
apiVersion: v1
kind: Pod
metadata:
name: pod-1
spec:
containers:
- name: container
image: kubetm/app
LimitRange에 대한 강의 내용 보충
ResourceQuota는 Namespace 뿐만 아니라 Cluster 전체에 부여할 수 있는 권한이지만, LimitRange의 경우 Namespace내에서만 사용 가능합니다.kubectl
Describe
# nm-3의 Namespace에 있는 ResourceQuota들의 상세 조회
kubectl describe resourcequotas --namespace=nm-3
# nm-5의 Namespace에 있는 LimitRange들의 상세 조회
kubectl describe limitranges --namespace=nm-5
Referenece
* Kubernetes
- Share a Cluster with Namespaces : https://kubernetes.io/docs/tasks/administer-cluster/namespaces/
- Resource Quotas : https://kubernetes.io/docs/concepts/policy/resource-quotas/
- Limit Ranges : https://kubernetes.io/docs/concepts/policy/limit-range/