Add resource limits and requests to gitlab-runner-gitlab-runner-* pods
The Gitlab package violates OPA Gatekeeper by not having all pods with a CPU and memory limit and requests. This can result in resource starvation for other pods in the cluster.
-
Using OPA Gatekeeper, confirm all violations of the container-ratio
constraint for the specified pod in the Gitlab package -
Reach out to the integration team to get real, historical cpu and memory use for the package to base your limit and request. -
Resolve all of the violations in this package by adding limit and request defaults to the package -
To comply with BigBang's charter, the limits need to be equal to the requests to provide quality of service -
Re-test with OPA Gatekeeper to make sure all violations for the package have been resolved.
Container Ratio violations for gitlab-runner-gitlab-runner-* pods include:
{
"enforcementAction": "dryrun",
"kind": "Pod",
"message": "container <gitlab-runner-gitlab-runner> has no resource limits",
"name": "gitlab-runner-gitlab-runner-548757667-9p4wn",
"namespace": "gitlab"
},
{
"enforcementAction": "dryrun",
"kind": "Pod",
"message": "container <gitlab-runner-gitlab-runner> has no resource requests",
"name": "gitlab-runner-gitlab-runner-548757667-9p4wn",
"namespace": "gitlab"
},
{
"enforcementAction": "dryrun",
"kind": "Pod",
"message": "container <configure> has no resource limits",
"name": "gitlab-runner-gitlab-runner-548757667-9p4wn",
"namespace": "gitlab"
},
{
"enforcementAction": "dryrun",
"kind": "Pod",
"message": "container <configure> has no resource requests",
"name": "gitlab-runner-gitlab-runner-548757667-9p4wn",
"namespace": "gitlab"
}