K
Q

Kubernetes for multiple user app with specific isolated resource for each project

3/29/2019

Here is my scenario:

I have an application top of Kubernetes. I have multiple users in my application. Each user has it's own account that can create multiple projects. You can imagine each project is a blog. The question is how I can give resource to specific project and quota. By then I need to monitor each project for resource cost. I have already know some ways such as each user with specific container or pod that has it's own privileges. What would be the experienced way to differentiate project resources?

-- Amir Movahedi
docker
kubernetes

Similar Questions

Jenkins,Docker,Kubernetes,AWS EKS: RUN npm install either hangs or produces EAI_AGAIN
Apache Ignite .Net node would not start when a Spring configuration file is used
Helm chart stuck in PodInitializing state indefinitely
Kubernetes volumeMount folder and file permissions?
Main process exited, code=exited, status=203/EXEC
How do I "freeze" an nfs mount in kubernetes to snapshot it if fsfreeze sends operation not permitted?

1 Answer

3/29/2019

In your scenario, I see two considerations: 1) monitoring resource usage 2) resource quotas.

The resource usage monitoring is a bit more difficult if you are doing fine-grained monitoring. However, if you are simply giving specific users a quota of resources to use, you can use the ResourceQuota api object. Constrain each user to their own namespace (for logical isolation), and apply a quota to their namespace. They will be free to schedule anything within their quota.

See this guide for an example.

Hope this helps!

-- Frank Yucheng Gu
Source: StackOverflow