Add resource limits and requests to gitlab-redis-master-* pods
The Gitlab package violates OPA Gatekeeper by not having all pods with a CPU and memory limit and requests. This can result in resource starvation for other pods in the cluster.
-
Using OPA Gatekeeper, confirm all violations of the
container-ratioconstraint for the specified pod in the Gitlab package - Reach out to the integration team to get real, historical cpu and memory use for the package to base your limit and request.
- Resolve all of the violations in this package by adding limit and request defaults to the package
- To comply with BigBang's charter, the limits need to be equal to the requests to provide quality of service
- Re-test with OPA Gatekeeper to make sure all violations for the package have been resolved.
Container Ratio violations for gitlab-redis-master-* pods include:
{
"enforcementAction": "dryrun",
"kind": "Pod",
"message": "container <redis> has no resource limits",
"name": "gitlab-redis-master-0",
"namespace": "gitlab"
},
{
"enforcementAction": "dryrun",
"kind": "Pod",
"message": "container <metrics> has no resource limits",
"name": "gitlab-redis-master-0",
"namespace": "gitlab"
},
{
"enforcementAction": "dryrun",
"kind": "Pod",
"message": "container <redis> has no resource requests",
"name": "gitlab-redis-master-0",
"namespace": "gitlab"
},
{
"enforcementAction": "dryrun",
"kind": "Pod",
"message": "container <metrics> has no resource requests",
"name": "gitlab-redis-master-0",
"namespace": "gitlab"
},