add warnings when apply container memory resources are less than 6Mi
chengjoey opened this issue · 4 comments
What would you like to be added?
When I create the following pod, and the resources requested by the container are less than 6Mi:
apiVersion: v1
kind: Pod
metadata:
name: app
spec:
containers:
- name: nginx
image: nginx
resources:
limits:
cpu: "0.1"
memory: "5Mi"
requests:
cpu: "0.1"
memory: "5Mi"
i got CreateContainerError
status
kubectl get pod app -o json | jq '.status.containerStatuses[0].state':
{
"waiting": {
"message": "Error response from daemon: Minimum memory limit allowed is 6MB",
"reason": "CreateContainerError"
}
}
kubelet log:
May 13 08:07:13 minikube kubelet[28281]: E0513 08:07:13.446599 28281 pod_workers.go:1298] "Error syncing pod, skipping" err="failed to \"StartContainer\" for \"nginx\" with CreateContainerError: \"Error response from daemon: Minimum memory limit allowed is 6MB\"" pod="default/app" podUID="bebb6b1b-a2d8-4916-be19-7314e1ba70f8"
May 13 08:07:29 minikube kubelet[28281]: E0513 08:07:29.539556 28281 remote_runtime.go:319] "CreateContainer in sandbox from runtime service failed" err="rpc error: code = Unknown desc = Error response from daemon: Minimum memory limit allowed is 6MB" podSandboxID="5a7642634307f697bfedee131056d1b24e191754bdb0ef3ff46d65fdc83e84d9"
May 13 08:07:29 minikube kubelet[28281]: I0513 08:07:29.539689 28281 kuberuntime_manager.go:1258] Container start failed in pod app_default(bebb6b1b-a2d8-4916-be19-7314e1ba70f8): CreateContainerError: Error response from daemon: Minimum memory limit allowed is 6MB
May 13 08:07:29 minikube kubelet[28281]: E0513 08:07:29.539762 28281 kuberuntime_manager.go:1259] container &Container{Name:nginx,Image:nginx,Command:[],Args:[],WorkingDir:,Ports:[]ContainerPort{},Env:[]EnvVar{},Resources:ResourceRequirements{Limits:ResourceList{cpu: {{100 -3} {<nil>} 100m DecimalSI},memory: {{5242880 0} {<nil>} 5Mi BinarySI},},Requests:ResourceList{cpu: {{100 -3} {<nil>} 100m DecimalSI},memory: {{5242880 0} {<nil>} 5Mi BinarySI},},Claims:[]ResourceClaim{},},VolumeMounts:[]VolumeMount{VolumeMount{Name:kube-api-access-mkv5j,ReadOnly:true,MountPath:/var/run/secrets/kubernetes.io/serviceaccount,SubPath:,MountPropagation:nil,SubPathExpr:,RecursiveReadOnly:nil,},},LivenessProbe:nil,ReadinessProbe:nil,Lifecycle:nil,TerminationMessagePath:/dev/termination-log,ImagePullPolicy:Always,SecurityContext:nil,Stdin:false,StdinOnce:false,TTY:false,EnvFrom:[]EnvFromSource{},TerminationMessagePolicy:File,VolumeDevices:[]VolumeDevice{},StartupProbe:nil,ResizePolicy:[]ContainerResizePolicy{ContainerResizePolicy{ResourceName:cpu,RestartPolicy:NotRequired,},ContainerResizePolicy{ResourceName:memory,RestartPolicy:NotRequired,},},RestartPolicy:nil,} start failed in pod app_default(bebb6b1b-a2d8-4916-be19-7314e1ba70f8): CreateContainerError: Error response from daemon: Minimum memory limit allowed is 6MB
I hope to display a warning reminder when the requested memory resources are less than 6Mi
Why is this needed?
6Mi is the minimum memory value defined in moby
// It's not kernel limit, we want this 6M limit to account for overhead during startup, and to supply a reasonable functional container
linuxMinMemory = 6291456
This issue is currently awaiting triage.
If a SIG or subproject determines this is a relevant issue, they will accept it by applying the triage/accepted
label and provide further guidance.
The triage/accepted
label can be added by org members by writing /triage accepted
in a comment.
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.
/sig node
The minimum amount of memory is a runtime requirement which can vary across implementations. I don't think that Kubernetes needs to apply any limit on top of that.
The minimum amount of memory is a runtime requirement which can vary across implementations. I don't think that Kubernetes needs to apply any limit on top of that.
It is not a restriction, but a warning.
Just wondering, how warnings should be displayed?
Still wondering, isn't this use case something that can be solved with a (cluster-specific) validating webhook?