This blog is a continuation of previous blog series https://goglides.io/2020/03/03/limit-range-kubernetes/
Limiting Storage resources
Using LimitRange it is possible to enforce minimum and maximum size of storage resources that can be requested by each PersistentVolumeClaim in a namespace.
Create a file limitrange-storage.yaml
apiVersion: v1 kind: Namespace metadata: name: limitrange-storage-demo3 --- apiVersion: v1 kind: LimitRange metadata: name: storagelimits namespace: limitrange-storage-demo3 spec: limits: - type: PersistentVolumeClaim max: storage: 2Gi min: storage: 1Gi
Apply the YAML file using:
kubectl apply -f limitrange-storage.yaml
Describe the created object:
kubectl describe -f limitrange-storage.yaml Output: Name: limitrange-storage-demo3 Labels: <none> Annotations: kubectl.kubernetes.io/last-applied-configuration: {"apiVersion":"v1","kind":"Namespace","metadata":{"annotations":{},"name":"limitrange-storage-demo3"}} Status: Active No resource quota. Resource Limits Type Resource Min Max Default Request Default Limit Max Limit/Request Ratio ---- -------- --- --- --------------- ------------- ----------------------- PersistentVolumeClaim storage 1Gi 2Gi - - - Name: storagelimits Namespace: limitrange-storage-demo3 Type Resource Min Max Default Request Default Limit Max Limit/Request Ratio ---- -------- --- --- --------------- ------------- ----------------------- PersistentVolumeClaim storage 1Gi 2Gi - - -
Now let’s test the constraint working or not, first test lower limits (pvc-limit-lower.yaml
)
apiVersion: v1 kind: PersistentVolumeClaim metadata: name: pvc-limit-lower namespace: limitrange-storage-demo3 spec: accessModes: - ReadWriteOnce resources: requests: storage: 500Mi
apply YAML,
kubectl apply -f pvc-limit-lower.yaml Output: Error from server (Forbidden): error when creating "limitrange-storage.yaml": persistentvolumeclaims "pvc-limit-lower" is forbidden: minimum storage usage per PersistentVolumeClaim is 1Gi, but request is 500Mi
Since limitRange rule saying min storage should be 1Gi, so this PersistentVolumeClaim not satisfying this constraint and hence failed.
Now try with higher limits (pvc-limit-higher.yaml
)
apiVersion: v1 kind: PersistentVolumeClaim metadata: name: pvc-limit-greater namespace: limitrange-storage-demo3 spec: accessModes: - ReadWriteOnce resources: requests: storage: 5Gi
apply YAML,
kubectl apply -f pvc-limit-higher.yaml Output: Error from server (Forbidden): error when creating "limitrange-storage.yaml": persistentvolumeclaims "pvc-limit-greater" is forbidden: maximum storage usage per PersistentVolumeClaim is 2Gi, but request is 5Gi
This one is also not satisfying the constraint and failed gracefully.
Now test with PersistentVolumeClaim which satisfy the constraint (pvc-limit-matching-constraint.yaml
)
apiVersion: v1 kind: PersistentVolumeClaim metadata: name: pvc-limit-matching-constraint namespace: limitrange-storage-demo3 spec: accessModes: - ReadWriteOnce resources: requests: storage: 1.5Gi
apply YAML,
kubectl apply -f pvc-limit-matching-constraint.yaml Output: persistentvolumeclaim/pvc-limit-matching-constraint created
Describe object,
kubectl describe -f pvc-limit-matching-constraint.yaml Output: Name: pvc-limit-matching-constraint Namespace: limitrange-storage-demo3 StorageClass: hostpath Status: Bound Volume: pvc-8f2271bc-d716-4ff5-9d3c-9889bf7d677b Labels: <none> Annotations: control-plane.alpha.kubernetes.io/leader: {"holderIdentity":"3789e204-58b4-11ea-b9a6-985aeb8efcc4","leaseDurationSeconds":15,"acquireTime":"2020-02-26T18:20:07Z","renewTime":"2020-... kubectl.kubernetes.io/last-applied-configuration: {"apiVersion":"v1","kind":"PersistentVolumeClaim","metadata":{"annotations":{},"name":"pvc-limit-matching-constraint","namespace":"limitra... pv.kubernetes.io/bind-completed: yes pv.kubernetes.io/bound-by-controller: yes volume.beta.kubernetes.io/storage-provisioner: docker.io/hostpath Finalizers: [kubernetes.io/pvc-protection] Capacity: 1536Mi Access Modes: RWO VolumeMode: Filesystem Mounted By: <none> Events: Type Reason Age From Message ---- ------ ---- ---- ------- Normal ExternalProvisioning 98s (x2 over 98s) persistentvolume-controller waiting for a volume to be created, either by external provisioner "docker.io/hostpath" or manually created by system administrator Normal Provisioning 98s docker.io/hostpath ggg.local 3789e204-58b4-11ea-b9a6-985aeb8efcc4 External provisioner is provisioning volume for claim "limitrange-storage-demo3/pvc-limit-matching-constraint" Normal ProvisioningSucceeded 98s docker.io/hostpath ggg.local 3789e204-58b4-11ea-b9a6-985aeb8efcc4 Successfully provisioned volume pvc-8f2271bc-d716-4ff5-9d3c-9889bf7d677b
You can see PersistentVolume is created,
kubectl get pv Output: NAME CAPACITY ACCESS MODES RECLAIM POLICY STATUS CLAIM STORAGECLASS REASON AGE pvc-8f2271bc-d716-4ff5-9d3c-9889bf7d677b 1536Mi RWO Delete Bound limitrange-st