freeleaps-ops/docs/examples/resource-management-example.yaml

# Namespace with Resource Quota
apiVersion: v1
kind: Namespace
metadata:
  name: production
  labels:
    environment: production
    team: platform
---
# Resource Quota for the namespace
apiVersion: v1
kind: ResourceQuota
metadata:
  name: production-quota
  namespace: production
spec:
  hard:
    # CPU and Memory limits
    requests.cpu: "8"        # 8 CPU cores total
    requests.memory: 16Gi    # 16GB memory total
    limits.cpu: "16"         # 16 CPU cores max
    limits.memory: 32Gi      # 32GB memory max
    
    # Resource counts
    pods: "50"               # 50 pods max
    services: "20"           # 20 services max
    persistentvolumeclaims: "20"  # 20 PVCs max
    configmaps: "50"         # 50 ConfigMaps max
    secrets: "50"            # 50 Secrets max
    
    # Storage
    requests.storage: 100Gi  # 100GB storage total
---
# Limit Range for default limits
apiVersion: v1
kind: LimitRange
metadata:
  name: production-limits
  namespace: production
spec:
  limits:
  # Default limits for containers
  - default:
      memory: 512Mi
      cpu: 500m
    defaultRequest:
      memory: 256Mi
      cpu: 250m
    type: Container
  # Default limits for pods
  - default:
      memory: 1Gi
      cpu: 1000m
    type: Pod
---
# Deployment with proper resource management
apiVersion: apps/v1
kind: Deployment
metadata:
  name: resource-managed-app
  namespace: production
  labels:
    app: resource-managed-app
    environment: production
spec:
  replicas: 3
  selector:
    matchLabels:
      app: resource-managed-app
  template:
    metadata:
      labels:
        app: resource-managed-app
        environment: production
    spec:
      # Pod-level security context
      securityContext:
        runAsNonRoot: true
        runAsUser: 1000
        fsGroup: 2000
      containers:
      - name: app
        image: nginx:latest
        ports:
        - containerPort: 80
        # Resource requests and limits
        resources:
          requests:
            memory: "256Mi"    # Minimum guaranteed
            cpu: "250m"        # 0.25 CPU cores
          limits:
            memory: "512Mi"    # Maximum allowed
            cpu: "500m"        # 0.5 CPU cores
        # Health checks
        livenessProbe:
          httpGet:
            path: /
            port: 80
          initialDelaySeconds: 30
          periodSeconds: 10
          timeoutSeconds: 5
          failureThreshold: 3
        readinessProbe:
          httpGet:
            path: /
            port: 80
          initialDelaySeconds: 5
          periodSeconds: 5
          timeoutSeconds: 3
          failureThreshold: 3
        # Container-level security context
        securityContext:
          allowPrivilegeEscalation: false
          readOnlyRootFilesystem: true
          capabilities:
            drop:
            - ALL
        volumeMounts:
        - name: tmp-volume
          mountPath: /tmp
      volumes:
      - name: tmp-volume
        emptyDir: {}
---
# Horizontal Pod Autoscaler (HPA)
apiVersion: autoscaling/v2
kind: HorizontalPodAutoscaler
metadata:
  name: app-hpa
  namespace: production
spec:
  scaleTargetRef:
    apiVersion: apps/v1
    kind: Deployment
    name: resource-managed-app
  minReplicas: 3
  maxReplicas: 10
  metrics:
  - type: Resource
    resource:
      name: cpu
      target:
        type: Utilization
        averageUtilization: 70
  - type: Resource
    resource:
      name: memory
      target:
        type: Utilization
        averageUtilization: 80
(feat): Basic docs on Freeleaps Infra 2025-09-03 23:59:04 +00:00			`# Namespace with Resource Quota`
			`apiVersion: v1`
			`kind: Namespace`
			`metadata:`
			`name: production`
			`labels:`
			`environment: production`
			`team: platform`
			`---`
			`# Resource Quota for the namespace`
			`apiVersion: v1`
			`kind: ResourceQuota`
			`metadata:`
			`name: production-quota`
			`namespace: production`
			`spec:`
			`hard:`
			`# CPU and Memory limits`
			`requests.cpu: "8" # 8 CPU cores total`
			`requests.memory: 16Gi # 16GB memory total`
			`limits.cpu: "16" # 16 CPU cores max`
			`limits.memory: 32Gi # 32GB memory max`

			`# Resource counts`
			`pods: "50" # 50 pods max`
			`services: "20" # 20 services max`
			`persistentvolumeclaims: "20" # 20 PVCs max`
			`configmaps: "50" # 50 ConfigMaps max`
			`secrets: "50" # 50 Secrets max`

			`# Storage`
			`requests.storage: 100Gi # 100GB storage total`
			`---`
			`# Limit Range for default limits`
			`apiVersion: v1`
			`kind: LimitRange`
			`metadata:`
			`name: production-limits`
			`namespace: production`
			`spec:`
			`limits:`
			`# Default limits for containers`
			`- default:`
			`memory: 512Mi`
			`cpu: 500m`
			`defaultRequest:`
			`memory: 256Mi`
			`cpu: 250m`
			`type: Container`
			`# Default limits for pods`
			`- default:`
			`memory: 1Gi`
			`cpu: 1000m`
			`type: Pod`
			`---`
			`# Deployment with proper resource management`
			`apiVersion: apps/v1`
			`kind: Deployment`
			`metadata:`
			`name: resource-managed-app`
			`namespace: production`
			`labels:`
			`app: resource-managed-app`
			`environment: production`
			`spec:`
			`replicas: 3`
			`selector:`
			`matchLabels:`
			`app: resource-managed-app`
			`template:`
			`metadata:`
			`labels:`
			`app: resource-managed-app`
			`environment: production`
			`spec:`
			`# Pod-level security context`
			`securityContext:`
			`runAsNonRoot: true`
			`runAsUser: 1000`
			`fsGroup: 2000`
			`containers:`
			`- name: app`
			`image: nginx:latest`
			`ports:`
			`- containerPort: 80`
			`# Resource requests and limits`
			`resources:`
			`requests:`
			`memory: "256Mi" # Minimum guaranteed`
			`cpu: "250m" # 0.25 CPU cores`
			`limits:`
			`memory: "512Mi" # Maximum allowed`
			`cpu: "500m" # 0.5 CPU cores`
			`# Health checks`
			`livenessProbe:`
			`httpGet:`
			`path: /`
			`port: 80`
			`initialDelaySeconds: 30`
			`periodSeconds: 10`
			`timeoutSeconds: 5`
			`failureThreshold: 3`
			`readinessProbe:`
			`httpGet:`
			`path: /`
			`port: 80`
			`initialDelaySeconds: 5`
			`periodSeconds: 5`
			`timeoutSeconds: 3`
			`failureThreshold: 3`
			`# Container-level security context`
			`securityContext:`
			`allowPrivilegeEscalation: false`
			`readOnlyRootFilesystem: true`
			`capabilities:`
			`drop:`
			`- ALL`
			`volumeMounts:`
			`- name: tmp-volume`
			`mountPath: /tmp`
			`volumes:`
			`- name: tmp-volume`
			`emptyDir: {}`
			`---`
			`# Horizontal Pod Autoscaler (HPA)`
			`apiVersion: autoscaling/v2`
			`kind: HorizontalPodAutoscaler`
			`metadata:`
			`name: app-hpa`
			`namespace: production`
			`spec:`
			`scaleTargetRef:`
			`apiVersion: apps/v1`
			`kind: Deployment`
			`name: resource-managed-app`
			`minReplicas: 3`
			`maxReplicas: 10`
			`metrics:`
			`- type: Resource`
			`resource:`
			`name: cpu`
			`target:`
			`type: Utilization`
			`averageUtilization: 70`
			`- type: Resource`
			`resource:`
			`name: memory`
			`target:`
			`type: Utilization`
			`averageUtilization: 80`