We currently do not have quotas/limits on the resources available to tenants on the CentOS CI Infra OCP4 clusters.
We need to spend a little time investigating and implementing a default quota/limit for tenants.
For example: 2 vCPU, 2 GB RAM, and 1 KubeVirt VM with similar resources.
Sharing the usage of a single tenant on the OCP4 production cluster last night:
<img alt="no_quota_wild_west.png" src="/centos-infra/issue/raw/files/e87a7fa9dbdc2160d57b200d751f3c8457994e54ed421eb728ea4b0f6f259c52-no_quota_wild_west.png" />
We must set quotas on our tenants' usage to prevent this kind of behaviour.
I propose we create a few quota tiers: default (small), medium, and large, maybe something like:
Default (Small)
- 5 pods
- 2 CPU cores
- 4 GB RAM
- 1 Kubevirt VM

Medium
- 10 pods
- 5 CPU cores
- 15 GB RAM
- 2 Kubevirt VM

Large
- 15 pods
- 10 CPU cores
- 30 GB RAM
- 5 Kubevirt VM

Large Memory Intensive Workloads
- 15 pods
- 10 CPU cores
- 50 GB RAM
- 5 Kubevirt VM

Large CPU Intensive Workloads
- 15 pods
- 15 CPU cores
- 30 GB RAM
- 5 Kubevirt VM
Even our large tenants should be able to fit comfortably within the large tiers unless they are misbehaving!
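To make the tiers concrete, here is a rough sketch of how they might map onto Kubernetes ResourceQuota objects. Several things here are assumptions rather than anything agreed in this ticket: the tier slugs, the `tenant-quota-<tier>` object name, the `example-tenant` namespace, enforcing CPU and memory through `limits.*` rather than `requests.*`, treating GB as `Gi`, and counting KubeVirt VMs with the `count/virtualmachines.kubevirt.io` object-count key.

```python
import json

# Tier values copied from the proposal above.
# The slug names used as keys are hypothetical.
TIERS = {
    "small": {"pods": 5, "cpu": 2, "memory_gb": 4, "vms": 1},
    "medium": {"pods": 10, "cpu": 5, "memory_gb": 15, "vms": 2},
    "large": {"pods": 15, "cpu": 10, "memory_gb": 30, "vms": 5},
    "large-memory": {"pods": 15, "cpu": 10, "memory_gb": 50, "vms": 5},
    "large-cpu": {"pods": 15, "cpu": 15, "memory_gb": 30, "vms": 5},
}


def resource_quota(namespace, tier="small"):
    """Build a ResourceQuota manifest (as a dict) for one tenant namespace."""
    t = TIERS[tier]
    return {
        "apiVersion": "v1",
        "kind": "ResourceQuota",
        "metadata": {
            # Hypothetical naming scheme, not an existing convention.
            "name": f"tenant-quota-{tier}",
            "namespace": namespace,
        },
        "spec": {
            "hard": {
                "pods": str(t["pods"]),
                # Assumption: cap limits; requests.* could be capped instead.
                "limits.cpu": str(t["cpu"]),
                # Assumption: the proposal's "GB" is treated as Gi here.
                "limits.memory": f"{t['memory_gb']}Gi",
                # Assumption: object-count quota on the KubeVirt VM resource.
                "count/virtualmachines.kubevirt.io": str(t["vms"]),
            }
        },
    }


if __name__ == "__main__":
    # Print the manifest for a hypothetical tenant on the medium tier.
    print(json.dumps(resource_quota("example-tenant", "medium"), indent=2))
```

Once a quota caps `limits.cpu` or `limits.memory`, pods in that namespace that do not declare those limits are rejected unless a LimitRange supplies defaults, so a quota like this would need to be rolled out together with a default LimitRange.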
Metadata Update from @dkirwan: - Issue tagged with: groomed
Metadata Update from @dkirwan: - Issue priority set to: Waiting on Assignee
As suggested by @siddharthvipul1 via email, I created https://pagure.io/centos-infra/issue/34 for configuring a default LimitRange on projects.
Metadata Update from @dkirwan: - Issue marked as depending on: #34
By default, each namespace will have a 4 GB RAM quota and no PV quota, since we already control PVs with NFS. (Discussed in the meeting and mutually agreed.)
@dkirwan Do you want to work on this ticket?
Metadata Update from @dkirwan: - Issue assigned to dkirwan
[backlog refinement] @dkirwan Did you have time to look at this?
Metadata Update from @zlopez: - Issue tagged with: blocked
[backlog refinement] It was identified as part of OpenShift optimization.
[backlog refinement] It's part of the upcoming replacement of OpenShift in AWS.
Metadata Update from @zlopez: - Issue close_status updated to: Duplicate - Issue status updated to: Closed (was: Open)