Restricting resource consumption

While applications are typically isolated in namespaces, risks can occur when applications exhaust the resources of other applications in the same cluster. Cluster administrators can use quotas to share resources better between users and teams.

About this task

A resource quota, which is defined by a ResourceQuota object, provides a constraint that limits its consumption in a namespace. It can limit the quantity of objects that are created in a namespace by type, and the total amount of compute resources that are consumed by resources in that namespace.

All the resources consumed by a Cloud Pak for Business Automation (CP4BA) deployment have reasonable limits by default, such as the amount of memory allocated for a pod. Resource quotas provide a way to restrict the number of resources in a namespace, such as the maximum number of pods. No resource quotas are applied by default for the CP4BA deployment namespace.

The IBM Footprint Analyzer on Red Hat OpenShift clusters is able to capture the current state of the following resources in a namespace. All the resources can be limited with ResourceQuota objects.

The following metrics can be captured by using the Footprint Analyzer:
  • The sum of CPU limits across all running pods.
  • The sum of CPU requests across all running pods.
  • The sum of memory limits across all running pods.
  • The sum of memory requests across all running pods.
  • The sum of storage requests across all persistent volume claims.
  • The total number of PersistentVolumeClaims in a namespace.
  • The total number of ConfigMaps in a namespace.
  • The total number of Secrets in a namespace.
  • The total number of Services in a namespace.
  • The total number of running Pods in a namespace.

Use the following steps to retrieve all the metrics for the selected namespaces.

Procedure

  1. Download the Footprint Analyzer script from the following URL https://github.com/icp4a/ibm-footprint-analyzer.
  2. Refer to the Readme file to check the requirements and the script options.
  3. Make sure that the script is executable by running the chmod command. 
    chmod +x footprint.sh
  4. Run the script by using the following command. 
    ./footprint.sh --skip-images
  5. Select one or more namespaces that you want to examine resources for and press the enter key.
  6. Make sure that all the running pods are selected, and then press the enter key again.

Results

The tool outputs the collected metrics, but it does not determine the reasonable limits. Set your restrictions by adding a reasonable growth buffer to the sums and counts.