-
Notifications
You must be signed in to change notification settings - Fork 168
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Allow to skip resources on agent images through annotations #174
Allow to skip resources on agent images through annotations #174
Conversation
@tvoran, @jasonodonnell, friendly bump up on this pending PR :) Would love your 👀 , feedback and thoughts 🙌 |
Hi @sarahhenkens, I had taken a look at this but got distracted, my apologies! In general this looks fine but I'll need to do some functionality testing and a thorough code review. I'm wondering what your use case is for disabling resource limits? Typically we don't see uncapped containers. |
The current version of Kubernetes has some inefficient mechanisms in how it executes CPU throttling through cgroups. Because of this, I decided to not use limits at all in my setup and just use requests. Kubernetes doesn't enforce users to set resource limits, so the use case is generally: Make it compatible with Kubernetes own capabilities without being overly opinionated on resource best practices. The current version of Since this PR doesn't change the default behavior of
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Code looks good, tested fine locally and unit tests are passing. LGTM, thank you for the contribution!
Thank you for accepting the change! 🙌 |
Currently, it's not possible to skip creating the resource requests and limits on the injected containers via the injector. At most, you can set them to empty strings which will emit a
0
as the limits.This pull request ensures that resource configuration can be skipped if the user has disabled them in their annotations by setting their value to
""
(empty string).vault.hashicorp.com/agent-limits-cpu: ""
will skip assigning the resource limit all togethervault.hashicorp.com/agent-limits-cpu: "0"
will still allow you to set it to 0Current Behavior
The current behavior will emit a literal
0
for the limits and requests if setting them to""
, which has some unexpected behavior with the scheduler and will cause the agents to get OOM killed.Will result in:
Updated behavior:
Will result in no resources set all together. As its the default for pods in Kubernetes.
Specifying only CPU
When selecting only CPU limits, it is working as expected:
Will result in:
Testing