UNCLASSIFIED - NO CUI

Add resource limits and requests to gitlab-postgresql-* pods

The Gitlab package violates OPA Gatekeeper by not having all pods with a CPU and memory limit and requests. This can result in resource starvation for other pods in the cluster.

  • Using OPA Gatekeeper, confirm all violations of the container-ratio constraint for the specified pod in the Gitlab package
  • Reach out to the integration team to get real, historical cpu and memory use for the package to base your limit and request.
  • Resolve all of the violations in this package by adding limit and request defaults to the package
  • To comply with BigBang's charter, the limits need to be equal to the requests to provide quality of service
  • Re-test with OPA Gatekeeper to make sure all violations for the package have been resolved.

Container Ratio violations for gitlab-postgresql-* pods include:

                  {
                    "enforcementAction": "dryrun",
                    "kind": "Pod",
                    "message": "container <gitlab-postgresql> has no resource limits",
                    "name": "gitlab-postgresql-0",
                    "namespace": "gitlab"
                  },

UNCLASSIFIED - NO CUI