Merge pull request #512 from nirmata/local_test

Add generate rule for default limitrange
2025-03-31 03:45:17 +00:00 · 2019-11-18 17:33:43 -08:00 · 2019-11-18 17:33:43 -08:00 · ae53fa1bfc
commit ae53fa1bfc
parent a81d5c9ae7 67d9808002
4 changed files with 41 additions and 2 deletions
--- a/samples/AddNamespaceResourceQuota.md
+++ b/samples/AddNamespaceResourceQuota.md
@ -1,6 +1,6 @@
 # Configure namespace limits and quotas

-To limit the number of resources like CPU and memory, as well as objects that may be consumed by workloads in a namespace, it is important to configure resource limits and quotas for each namespace. 
+To limit the number of resources like CPU and memory, as well as objects that may be consumed by workloads in a namespace, it is important to configure resource limits and quotas for each namespace. The generated default limitrange sets the default quotas for a container.

 ## Additional Information

@ -32,4 +32,22 @@ spec:
            requests.memory: '16Gi'
            limits.cpu: '4'
            limits.memory: '16Gi'
+  - name: generate-limitrange
+    match:
+      resources:
+        kinds:
+        - Namespace
+    generate:
+      kind: LimitRange
+      name: "default-limitrange"
+      data:
+        spec:
+          limits:
+          - default:
+              cpu: 500m
+              memory: 1Gi
+            defaultRequest:
+              cpu: 200m
+              memory: 256Mi
+            type: Container
 ````
--- a/samples/README.md
+++ b/samples/README.md
@ -23,7 +23,7 @@ These policies are highly recommended.
 13. [Require pod resource requests and limits](RequirePodRequestsLimits.md)
 14. [Require pod `livenessProbe` and `readinessProbe`](RequirePodProbes.md)
 15. [Add default network policy](AddDefaultNetworkPolicy.md)
-16. [Add namespace resource quotas](AddNamespaceResourceQuota.md)
+16. [Add namespace quotas](AddNamespaceQuotas.md)
 17. [Add `safe-to-evict` for pods with `emptyDir` and `hostPath` volumes](AddSafeToEvict.md)

 ## Additional Policies
--- a/samples/best_practices/add_ns_quota.yaml
+++ b/samples/best_practices/add_ns_quota.yaml
@ -24,3 +24,21 @@ spec:
            requests.memory: '16Gi'
            limits.cpu: '4'
            limits.memory: '16Gi'
+  - name: generate-limitrange
+    match:
+      resources:
+        kinds:
+        - Namespace
+    generate:
+      kind: LimitRange
+      name: "default-limitrange"
+      data:
+        spec:
+          limits:
+          - default:
+              cpu: 500m
+              memory: 1Gi
+            defaultRequest:
+              cpu: 200m
+              memory: 256Mi
+            type: Container
--- a/test/scenarios/samples/best_practices/add_ns_quota.yaml
+++ b/test/scenarios/samples/best_practices/add_ns_quota.yaml
@ -19,3 +19,6 @@ expected:
        - name: generate-resourcequota
          type: Generation
          success: true
+        - name: generate-limitrange
+          type: Generation
+          success: true