Cloud Native 9 min read

Master Kubernetes LimitRange: Control Pod Resources Efficiently

This article explains how Kubernetes LimitRange lets you set default CPU and memory requests and limits for Pods within a namespace, provides step‑by‑step configuration examples, demonstrates common usage scenarios, and shows how to test and verify the limits, including for PersistentVolumeClaims.

Ops Development Stories

Mar 27, 2020

LimitRange

LimitRange (resource allocation access management) lets you set default CPU and memory requests/limits for Pods in a namespace, preventing uncontrolled resource usage.

Configuring LimitRange

Step 1: Create a namespace.

<code>apiVersion: v1
kind: Namespace
metadata:
  name: coolops
</code>

Step 2: Define a LimitRange in that namespace.

<code>apiVersion: v1
kind: LimitRange
metadata:
  name: mylimit
  namespace: coolops
spec:
  limits:
  - type: Pod
    max:
      cpu: "1"
      memory: 1Gi
    min:
      cpu: 100m
      memory: 10Mi
    maxLimitRequestRatio:
      cpu: 3
      memory: 4
  - type: Container
    default:
      cpu: 300m
      memory: 200Mi
    defaultRequest:
      cpu: 200m
      memory: 100Mi
    max:
      cpu: "2"
      memory: 1Gi
    min:
      cpu: 100m
      memory: 10Mi
    maxLimitRequestRatio:
      cpu: 5
      memory: 4
</code>

After creation, the LimitRange applies to all Pods in its namespace.

Common scenarios include preventing Pods from requesting more memory than any node can provide, separating resource quotas between production and development teams, and enforcing minimum resource usage to improve scheduling efficiency.

Testing LimitRange

Example 1: Pod within limits creates successfully.

<code>apiVersion: v1
kind: Pod
metadata:
  name: pod01
  namespace: coolops
spec:
  containers:
  - name: pod-01
    image: nginx
    resources:
      requests:
        cpu: 200m
        memory: 30Mi
      limits:
        cpu: 300m
        memory: 50Mi
</code>

Example 2: Pod exceeding CPU limit fails with a Forbidden error.

<code># kubectl apply -f pod-02.yaml
Error from server (Forbidden): error when creating "pod-02.yaml": pods "pod02" is forbidden: [maximum cpu usage per Pod is 1, but limit is 2, cpu max limit request ratio per Pod is 3, but provided ratio is 10.000000, cpu max limit request ratio per Container is 5, but provided ratio is 10.000000]
</code>

Example 3: Pod with requests lower than limits fails validation.

<code># kubectl apply -f pod-03.yaml
The Pod "pod03" is invalid:
* spec.containers[0].resources.requests: Invalid value: "200m": must be less than or equal to cpu limit
* spec.containers[0].resources.requests: Invalid value: "30Mi": must be less than or equal to memory limit
</code>

Example 4: Pod without explicit limits receives default limits from the LimitRange.

<code># kubectl describe pod -n coolops pod04
...
Limits:
  cpu: 300m
  memory: 200Mi
Requests:
  cpu: 200m
  memory: 200Mi
...</code>

LimitRange for PersistentVolumeClaims

<code>apiVersion: v1
kind: LimitRange
metadata:
  name: storagelimits
  namespace: coolops
spec:
  limits:
  - type: PersistentVolumeClaim
    max:
      storage: 2Gi
    min:
      storage: 1Gi
</code>

Use

kubectl describe limitranges -n coolops storagelimits

to view the settings.

Kubernetes YAML Namespace pod LimitRange ResourceManagement

Written by

Ops Development Stories

Maintained by a like‑minded team, covering both operations and development. Topics span Linux ops, DevOps toolchain, Kubernetes containerization, monitoring, log collection, network security, and Python or Go development. Team members: Qiao Ke, wanger, Dong Ge, Su Xin, Hua Zai, Zheng Ge, Teacher Xia.

0 followers

Reader feedback

How this landed with the community

Rate this article

Was this worth your time?

Discussion

0 Comments

Thoughtful readers leave field notes, pushback, and hard-won operational detail here.