Goglides Dev 🌱

Goglides Dev 🌱 is a community of amazing users

We are working on this space so that IT professionals can grow together.

Create account Log in
Balkrishna Pandey
Balkrishna Pandey

Posted on • Originally published at Medium on

Part 03: How to force quotas limit to Kubernetes Storage

This blog is a continuation of previous blog series https://goglides.io/2020/03/03/limit-range-kubernetes/

How to force quotas limit to Kubernetes Storage

Limiting Storage resources

Using LimitRange it is possible to enforce minimum and maximum size of storage resources that can be requested by each PersistentVolumeClaim in a namespace.

Create a file limitrange-storage.yaml

apiVersion: v1
kind: Namespace
metadata:
  name: limitrange-storage-demo3
---
apiVersion: v1
kind: LimitRange
metadata:
  name: storagelimits
  namespace: limitrange-storage-demo3
spec:
  limits:
  - type: PersistentVolumeClaim
    max:
      storage: 2Gi
    min:
      storage: 1Gi
Enter fullscreen mode Exit fullscreen mode

Apply the YAML file using:

kubectl apply -f limitrange-storage.yaml
Enter fullscreen mode Exit fullscreen mode

Describe the created object:

kubectl describe -f limitrange-storage.yaml


Output:
Name: limitrange-storage-demo3
Labels: <none>
Annotations: kubectl.kubernetes.io/last-applied-configuration:
                {"apiVersion":"v1","kind":"Namespace","metadata":{"annotations":{},"name":"limitrange-storage-demo3"}}
Status: Active

No resource quota.

Resource Limits
 Type Resource Min Max Default Request Default Limit Max Limit/Request Ratio
 ---- -------- --- --- --------------- ------------- -----------------------
 PersistentVolumeClaim storage 1Gi 2Gi - - -


Name: storagelimits
Namespace: limitrange-storage-demo3
Type Resource Min Max Default Request Default Limit Max Limit/Request Ratio
---- -------- --- --- --------------- ------------- -----------------------
PersistentVolumeClaim storage 1Gi 2Gi - - -
Enter fullscreen mode Exit fullscreen mode

Now let’s test the constraint working or not, first test lower limits (pvc-limit-lower.yaml)

apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: pvc-limit-lower
  namespace: limitrange-storage-demo3
spec:
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: 500Mi
Enter fullscreen mode Exit fullscreen mode

apply YAML,

kubectl apply -f pvc-limit-lower.yaml

Output:
Error from server (Forbidden): error when creating "limitrange-storage.yaml": persistentvolumeclaims "pvc-limit-lower" is forbidden: minimum storage usage per PersistentVolumeClaim is 1Gi, but request is 500Mi
Enter fullscreen mode Exit fullscreen mode

Since limitRange rule saying min storage should be 1Gi, so this PersistentVolumeClaim not satisfying this constraint and hence failed.

Now try with higher limits (pvc-limit-higher.yaml)

apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: pvc-limit-greater
  namespace: limitrange-storage-demo3
spec:
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: 5Gi
Enter fullscreen mode Exit fullscreen mode

apply YAML,

kubectl apply -f pvc-limit-higher.yaml

Output:
Error from server (Forbidden): error when creating "limitrange-storage.yaml": persistentvolumeclaims "pvc-limit-greater" is forbidden: maximum storage usage per PersistentVolumeClaim is 2Gi, but request is 5Gi
Enter fullscreen mode Exit fullscreen mode

This one is also not satisfying the constraint and failed gracefully.

Now test with PersistentVolumeClaim which satisfy the constraint (pvc-limit-matching-constraint.yaml)

apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: pvc-limit-matching-constraint
  namespace: limitrange-storage-demo3
spec:
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: 1.5Gi
Enter fullscreen mode Exit fullscreen mode

apply YAML,

kubectl apply -f pvc-limit-matching-constraint.yaml

Output:
persistentvolumeclaim/pvc-limit-matching-constraint created
Enter fullscreen mode Exit fullscreen mode

Describe object,

kubectl describe -f pvc-limit-matching-constraint.yaml

Output:
Name: pvc-limit-matching-constraint
Namespace: limitrange-storage-demo3
StorageClass: hostpath
Status: Bound
Volume: pvc-8f2271bc-d716-4ff5-9d3c-9889bf7d677b
Labels: <none>
Annotations: control-plane.alpha.kubernetes.io/leader:
                 {"holderIdentity":"3789e204-58b4-11ea-b9a6-985aeb8efcc4","leaseDurationSeconds":15,"acquireTime":"2020-02-26T18:20:07Z","renewTime":"2020-...
               kubectl.kubernetes.io/last-applied-configuration:
                 {"apiVersion":"v1","kind":"PersistentVolumeClaim","metadata":{"annotations":{},"name":"pvc-limit-matching-constraint","namespace":"limitra...
               pv.kubernetes.io/bind-completed: yes
               pv.kubernetes.io/bound-by-controller: yes
               volume.beta.kubernetes.io/storage-provisioner: docker.io/hostpath
Finalizers: [kubernetes.io/pvc-protection]
Capacity: 1536Mi
Access Modes: RWO
VolumeMode: Filesystem
Mounted By: <none>
Events:
  Type Reason Age From Message
  ---- ------ ---- ---- -------
  Normal ExternalProvisioning 98s (x2 over 98s) persistentvolume-controller waiting for a volume to be created, either by external provisioner "docker.io/hostpath" or manually created by system administrator
  Normal Provisioning 98s docker.io/hostpath ggg.local 3789e204-58b4-11ea-b9a6-985aeb8efcc4 External provisioner is provisioning volume for claim "limitrange-storage-demo3/pvc-limit-matching-constraint"
  Normal ProvisioningSucceeded 98s docker.io/hostpath ggg.local 3789e204-58b4-11ea-b9a6-985aeb8efcc4 Successfully provisioned volume pvc-8f2271bc-d716-4ff5-9d3c-9889bf7d677b
Enter fullscreen mode Exit fullscreen mode

You can see PersistentVolume is created,

kubectl get pv

Output:
NAME CAPACITY ACCESS MODES RECLAIM POLICY STATUS CLAIM STORAGECLASS REASON AGE
pvc-8f2271bc-d716-4ff5-9d3c-9889bf7d677b 1536Mi RWO Delete Bound limitrange-st
Enter fullscreen mode Exit fullscreen mode

Discussion (0)