Allow to configure limits and requests for kube-rbac-proxy container in devworkspace-webhook-server pod

Question

Allow to configure limits and requests for kube-rbac-proxy container in devworkspace-webhook-server pod

Closed this issue a month ago · 2 comments

Description

Current implementation does not allow to configure limits and requests for kube-rbac-proxy container in devworkspace-webhook-server pod. It leads to violation to security best practices, for example: container CPU and memory limits should be enforced.

Additional context

The similar issue is already solved for another container in this pod via envvars:

        - name: WEBHOOKS_SERVER_MEMORY_LIMIT
          value: 300Mi
        - name: WEBHOOKS_SERVER_MEMORY_REQUEST
          value: 20Mi
        - name: WEBHOOKS_SERVER_CPU_LIMIT
          value: 200m
        - name: WEBHOOKS_SERVER_CPU_REQUEST
          value: 100m

Is it possible to have something like above but for kube-rbac-proxy container?

Answer 1 · 2024-10-25T21:11:56.000Z

Please disregard this request. It has been resolved by using a limit range.

Answer 2 · 2024-10-26T02:09:30.000Z

@karatkep glad to hear you found a workaround :)