Skip to main content

☑️ Ensure each container has a configured CPU limit

CPU limits enable you to use CPU resources efficiently by restricting the maximum amount of CPU available to the pods running in your cluster.

Targeted objects by this rule (types of kind): Deployment / Pod / DaemonSet / StatefulSet / ReplicaSet / CronJob / Job

Complexity: hard (What does this mean?)

Policy as code identifier: CONTAINERS_MISSING_CPU_LIMIT_KEY


This rule will fail

If a container doesn't have a CPU limit configured

spec:
containers:
- name: app
image: nginx:1.19.8

Rule output in the CLI

$ datree test *.yaml

>> File: failExample.yaml
❌ Ensure each container has a configured CPU limit [1 occurrence]
💡 Missing property object `limits.cpu` - value should be within the accepted boundaries recommended by the organization

How to fix this failure

spec:
containers:
- name: app
image: nginx:1.19.8
resources:
limits:
cpu: "500m"

Read more