From d9f097f286d252a2ddf2b1402821da39ba624384 Mon Sep 17 00:00:00 2001 From: markturansky Date: Mon, 12 Sep 2016 12:08:06 -0400 Subject: [PATCH] added storage limit example --- _data/guides.yml | 1 + .../resourcequota/limitstorageconsumption.md | 75 +++++++++++++++++++ 2 files changed, 76 insertions(+) create mode 100644 docs/admin/resourcequota/limitstorageconsumption.md diff --git a/_data/guides.yml b/_data/guides.yml index d3f7f7f43b..38ee10b438 100644 --- a/_data/guides.yml +++ b/_data/guides.yml @@ -189,6 +189,7 @@ toc: - docs/admin/disruptions.md - docs/admin/resourcequota/index.md - docs/admin/resourcequota/walkthrough.md + - docs/admin/resourcequota/limitstorageconsumption.md - docs/admin/rescheduler.md - docs/admin/sysctls.md - docs/admin/cluster-components.md diff --git a/docs/admin/resourcequota/limitstorageconsumption.md b/docs/admin/resourcequota/limitstorageconsumption.md new file mode 100644 index 0000000000..888041f65a --- /dev/null +++ b/docs/admin/resourcequota/limitstorageconsumption.md @@ -0,0 +1,75 @@ +--- +--- + +This example demonstrates an easy way to limit the amount of storage consumed in a namespace. + +The following resources are used in the demonstration: + +* [Resource Quota](/docs/admin/resourcequota/) +* [Limit Range](/docs/admin/limitrange/) +* [Persistent Volume Claim](/docs/user-guide/persistent-volumes/) + +This example assumes you have a functional Kubernetes setup. + +## Scenario + +The cluster-admin is operating a cluster on behalf of a user population and the admin wants to control +how much storage a single namespace can consume in order to control cost. + +The admin would like to limit: + +1. The number of persistent volume claims in a namespace +2. The amount of storage each claim can request +3. The amount of cumulative storage the namespace can have + + +## LimitRange to limit requests for storage + +Adding a `LimitRange` to a namespace enforces storage request sizes to a minimum and maximum. Storage is requested +via `PersistentVolumeClaim`. The admission controller that enforces limit ranges will reject any PVC that is above or below +the values set by the admin. + +In this example, a PVC requesting 10Gi of storage would be rejected because it exceeds the 2Gi max. + +``` +apiVersion: v1 +kind: LimitRange +metadata: + name: storagelimits +spec: + limits: + - type: PersistentVolumeClaim + max: + storage: 2Gi + min: + storage: 1Gi +``` + +Minimum storage requests are used when the underlying storage provider requires certain minimums. For example, +AWS EBS volumes have a 1Gi minimum requirement. + +## StorageQuota to limit PVC count and cumulative storage capacity + +Admins can limit the number of PVCs in a namespace as well as the cumulative capacity of those PVCs. New PVCs that exceed +either maximum value will be rejected. + +In this example, a 6th PVC in the namespace would be rejected because it exceeds the maximum count of 5. Alternatively, +a 5Gi maximum quota when combined with the 2Gi max limit above, cannot have 3 PVCs where each has 2Gi. That would be 6Gi requested + for a namespace capped at 5Gi. + +``` +apiVersion: v1 +kind: ResourceQuota +metadata: + name: storagequota +spec: + hard: + persistentvolumeclaims: "5" + requests.storage: "5Gi" +``` + +## Summary + +A limit range can put a ceiling on how much storage is requested while a resource quota can effectively cap the storage +consumed by a namespace through claim counts and cumulative storage capacity. The allows a cluster-admin to plan their +cluster's storage budget without risk of any one project going over their allotment.