Apparently when I set a limitrange on pod/container resources in my namespace, the limitranger will check all requests for resources. According to the documentation
If creating or updating a resource (Pod, Container,
PersistentVolumeClaim) violates a limit range constraint,
the request to the API server will fail with HTTP status code 403 FORBIDDEN
and a message explaining the constraint that would have been violated.
How do I see these errors? After deploying the limitrange I use kubectl to scale down, and then back up my deployment. When I do 'get pods' I see that the new pods were not created. Performing the scale up resulted in no output apart from '[deployment name] scaled'
(For the record, I'm not asking how the limitrange works, just how to see these messages. The deployment is quite complicated so there are a few possible things that could be going wrong)
in these case the errors can be found be examining the replica set tied to the deployment with the following:
kubectl describe replicaset %name%