Mastering Kubernetes CPU & Memory: Requests, Limits, Quotas, and LimitRanges
This guide explains how to allocate and control CPU and memory for containers and Pods in Kubernetes, covering resource units, request and limit settings, ResourceQuota objects, LimitRange defaults, practical YAML examples, and useful monitoring tools.
Allocate CPU and Memory to Containers and Pods
Kubernetes measures CPU in units that correspond to one vCPU on major cloud providers (AWS, GCP, Azure) or one hyper‑thread on a bare‑metal Intel CPU. Memory is expressed in bytes with suffixes such as Mi for mebibytes.
Define resource requests to guarantee a minimum amount of CPU and memory for a container, and limits to cap the maximum usage. The scheduler uses requests to place Pods, while limits are enforced at runtime.
apiVersion: apps/v1
kind: Deployment
metadata:
name: aks-application
spec:
replicas: 1
selector:
matchLabels:
app: aks-application
template:
metadata:
labels:
app: aks-application
spec:
containers:
- name: aks-application
image: hubname/aks-application-image:1.0.0
resources:
requests:
cpu: 100m
memory: 128Mi
limits:
cpu: 250m
memory: 256MiThis Deployment requests 100 millicores and 128 MiB of memory, while limiting the container to 250 millicores and 256 MiB.
ResourceQuota: Limiting Namespace Consumption
A ResourceQuota object caps the total amount of compute resources a namespace may consume, including the number of objects and aggregate CPU/memory requests.
When a quota is enforced, every Pod creation must specify both request and limit values; otherwise the API server rejects the request.
apiVersion: v1
kind: ResourceQuota
metadata:
name: backend-storage-quota
spec:
hard:
persistentvolumeclaims: "2"
requests.storage: "1Gi"
---
apiVersion: v1
kind: ResourceQuota
metadata:
name: backend-namespace-quota
spec:
hard:
request.cpu: 400m
request.memory: 9600Mi
limits.cpu: 1200m
limits.memory: 11600MiApply the quota with:
kubectl apply -f resource-quota.yaml --namespace backendLimitRange: Setting Default Requests and Limits
If a namespace has a quota, a LimitRange can provide default request and limit values for Pods and also enforce minimum and maximum storage sizes for PersistentVolumeClaims.
apiVersion: v1
kind: LimitRange
metadata:
name: backend-limit-range
spec:
limits:
- default:
memory: 110Mi
cpu: 500m
defaultRequest:
memory: 20Mi
cpu: 100m
type: Container
---
apiVersion: v1
kind: LimitRange
metadata:
name: backend-storage-limits
spec:
limits:
- type: PersistentVolumeClaim
max:
storage: 5Gi
min:
storage: 2GiTools for Managing CPU and Memory
Popeye – scans clusters for configuration, resource, and network issues.
Goldilocks – analyzes Pod resource limits and suggests optimal values.
Kube‑advisor – Azure tool that detects missing resource requests.
K9s + benchmark – CLI for monitoring and benchmarking clusters.
These tools can be combined with observability platforms such as Datadog, Grafana + Prometheus, or Azure Monitor for enhanced visibility.
Summary Checklist
Set resource requests to reflect expected CPU and memory usage.
Define limits and perform load testing to verify behavior under pressure.
Continuously monitor container CPU/memory consumption.
Track PersistentVolume usage.
Use LimitRange to enforce defaults and constraints.
Apply ResourceQuota cautiously; avoid using it in production without thorough testing.
Signed-in readers can open the original source through BestHub's protected redirect.
This article has been distilled and summarized from source material, then republished for learning and reference. If you believe it infringes your rights, please contactand we will review it promptly.
Full-Stack DevOps & Kubernetes
Focused on sharing DevOps, Kubernetes, Linux, Docker, Istio, microservices, Spring Cloud, Python, Go, databases, Nginx, Tomcat, cloud computing, and related technologies.
How this landed with the community
Was this worth your time?
0 Comments
Thoughtful readers leave field notes, pushback, and hard-won operational detail here.