Problem
One day one of run services can consume all available resources of your Rancher cluster and kill all services. It can happen because there are no limits for any service by default.
Solution
Fortunately, there is easy way to set limits not only for one service, but also for namespace.
Rancher namespace limits
Goto edit page of namespace
As you can see there are no set limits by default. There are 4 limits which you can set.
- CPU Limit - max amount of available CPU in milicores
- CPU Reservation - amount of CPU which would be reserved for the namespace
- Memory Limit - max amount of memory in MB
- Memory Reservation - amount of memory which would be reserved for the namespace
Milicores (milicpus) means fraction of CPU core. For example, if you have 2 available CPU cores, but want your service use 1 core and only half of another core, you set limit equal to 1500 milli CPUs. At the same time, you want your namespace always have half fraction of any CPU core, you set CPU Reservation equal to 500 milli CPUs
Rancher service limits
For setting up limit for service you have to go to edit page of service and then click Show advanced options, in the bottom of list you find Security & Host config
As you can see , there same settings for limits as for namespace.
Conclusion
It is good practise, always setting up limits for your services and namespace for exluding impact to another services in cluster. These easy steps help you to avoid problems in future.
