Skip to main content

AKS–Limit ranges

Last week, we got into problems when booting up our AKS cluster(we’ll shut the development cluster down every night to safe costs). Instead of green lights, our Neo4J database refused to run. In the logs, we noticed the following error message:

ERROR Invalid memory configuration - exceeds physical memory.

Let me share what caused this error.

Maybe you’ve read my article about resource limits in Kubernetes. There I talked about the fact that you can set resource limits at the container level.

What I didn’t mention in the article is that you can also configure default limits at the namespace level through limit ranges.

From the documentation:

A LimitRange provides constraints that can:

  • Enforce minimum and maximum compute resources usage per Pod or Container in a namespace.
  • Enforce minimum and maximum storage request per PersistentVolumeClaim in a namespace.
  • Enforce a ratio between request and limit for a resource in a namespace.
  • Set default request/limit for compute resources in a namespace and automatically inject them to Containers at runtime.

So if you don’t configure resource limits and/or requests at the container level, you can still set it at the namespace level.

This is exactly what we did, here are the limit ranges that are currently in place:

And it are these (default) limits that brought our Neo4J instance into trouble. Although enough memory was available in the cluster, the container was limited by default to only use 512MB which is unsufficient to run our Neo4J cluster. The solution was to change our Helm chart to assign more memory to the Neo4J pods.

When configuring resource limits, settings at the pod/container level always supersede settings at the namespace level.

Popular posts from this blog

.NET 8–Keyed/Named Services

A feature that a lot of IoC container libraries support but that was missing in the default DI container provided by Microsoft is the support for Keyed or Named Services. This feature allows you to register the same type multiple times using different names, allowing you to resolve a specific instance based on the circumstances. Although there is some controversy if supporting this feature is a good idea or not, it certainly can be handy. To support this feature a new interface IKeyedServiceProvider got introduced in .NET 8 providing 2 new methods on our ServiceProvider instance: object? GetKeyedService(Type serviceType, object? serviceKey); object GetRequiredKeyedService(Type serviceType, object? serviceKey); To use it, we need to register our service using one of the new extension methods: Resolving the service can be done either through the FromKeyedServices attribute: or by injecting the IKeyedServiceProvider interface and calling the GetRequiredKeyedServic...

Azure DevOps/ GitHub emoji

I’m really bad at remembering emoji’s. So here is cheat sheet with all emoji’s that can be used in tools that support the github emoji markdown markup: All credits go to rcaviers who created this list.

Kubernetes–Limit your environmental impact

Reducing the carbon footprint and CO2 emission of our (cloud) workloads, is a responsibility of all of us. If you are running a Kubernetes cluster, have a look at Kube-Green . kube-green is a simple Kubernetes operator that automatically shuts down (some of) your pods when you don't need them. A single pod produces about 11 Kg CO2eq per year( here the calculation). Reason enough to give it a try! Installing kube-green in your cluster The easiest way to install the operator in your cluster is through kubectl. We first need to install a cert-manager: kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.14.5/cert-manager.yaml Remark: Wait a minute before you continue as it can take some time before the cert-manager is up & running inside your cluster. Now we can install the kube-green operator: kubectl apply -f https://github.com/kube-green/kube-green/releases/latest/download/kube-green.yaml Now in the namespace where we want t...