Categorygithub.com/devopyio/resource-requests-admission-controller
modulepackage
1.2.3
Repository: https://github.com/devopyio/resource-requests-admission-controller.git
Documentation: pkg.go.dev
Overview
Versions
1
Dependencies
37
Dependents
0
Files
1k SLOC

# README

build Go Report Card Docker Repository on Quay

Resource Requests Admission Controller

This application provides a global limit for Pod resources.

You can specify a config.yaml with max CPU Limits, CPU Requests, Memory Limits, Memory Requests or PVC limit and all resources exceeding the limit will be rejected.

A custom config per namespace is also possible.

Here is an example config:

apiVersion: v1
kind: ConfigMap
metadata:
  name: resource-requests-controller
  namespace: kube-system
data:
  config.yaml: |-
    maxCPULimit: 2
    maxMemLimit: 2Gi
    maxPVCSize: 50Gi
    maxCPURequest: 1
    maxMemRequest: 2Gi
    customNamespaces:
      kube-system:
        # maxMemLimit, maxPVCSize, maxMemRequest is taken from top level declaration
        maxCPULimit: 1
        maxCPURequest: 500Mi
      monitoring:
        # maxCPULimit, maxPVCSize, maxMemRequest, maxCPURequest is taken from top level declaration
        maxMemLimit: 1Gi
      default:
        # everything is unlimited.
        unlimited: true
      test-namespace:
        # everything is custom.
        unlimited: false
        maxCPULimit: 1
        maxMemLimit: 1Gi
        maxCPURequest: 500Mi
        maxMemRequest: 1Gi
        maxPVCSize: 10Gi
    customNames:
      {name: deployment-name, namespace: test-namespace}:
        maxPVCSize: 15Gi
        maxMemLimit: 5Gi
        maxCPULimit: 2
        maxCPURequest: 500Mi
        maxMemRequest: 1Gi

Deployment

You can find Kubernetes Manifest in docs directory.

Also you need to create ValidatingWebhookConfiguration kubernetes object. You can find an expample in docs directory.

In order to generate caBundle we suggest you use ca-bundle.sh shell script.

# Functions

New Creates new ResourceRequestsAdmission.
NewConfigurer returns new Limits Configurer.
NewHealthChecker creates New Healthchecker.

# Structs

AdmissionControllerServer is an HTTP server which unmarshals json and passes to AdmissionController.
Config describes Config files structure.
Configurer configures resource limits.
Healthchecker checks admission controller health.
Limit describes limit configuration in yaml.
LimitResource resource limits.
NameNamespace name + namespace combination, strings might be empty.
ResourceRequestsAdmission handles admission based on resourcer returned by Conf.

# Interfaces

AdmissionController makes admission decisions.
Conf get configuration intercace.