I have a use case where I want to apply different default memory and CPU for containers running with low priority class attached. I have followed the documentation but it applies on namespace level and hence on all the containers in namespace, I want it to make it conditional if container is having priority class then different limitrange object should get applied?
I have tried
limitRangeList:
- name: image-builder
spec:
limits:
- default:
cpu: 200m
memory: 1Gi
defaultRequest:
cpu: 200m
memory: 1Gi
type: Container
scopeSelector:
matchExpressions:
- operator: In
scopeName: PriorityClass
values: ["imagebuild-priority"]
- name: default
spec:
limits:
- default:
cpu: {{ limitrange_default_limits_cpu }}
memory: {{ limitrange_default_limits_memory }}
defaultRequest:
cpu: {{ limitrange_default_requests_cpu }}
memory: {{ limitrange_default_requests_memory }}
type: ContainerLooking at the API reference (limitrangeitem, limitrangespec), it looks like you can't apply a limit range to a subset of Pods in a namespace.
I would recommend you look at admission webhooks instead. As specified in the documentation:
Mutating admission Webhooks [...] can modify objects sent to the API server to enforce custom defaults.
What you can do is make a mutating admission webhook that intercepts all Pod creations and applies default limits and requests based on the labels specified in the Pod.