Ensure memory requests are set
Error: Memory requests are not set
Bridgecrew Policy ID: BC_K8S_11
Checkov Check ID: CKV_K8S_12
Memory requests are not set
Memory resources can be defined using values from bytes to petabytes, it is common to use mebibytes. If you configure a memory request that is larger than the amount of memory on your nodes, the pod will never be scheduled. When specifying a memory request for a container, include the resources:requests field in the container’s resource manifest. To specify a memory limit, include resources:limits.
Setting memory requests enforces a memory limit for a container. A container is guaranteed to have as much memory as it requests, but is not allowed to use more memory than the limit set. This configuration may save resources and prevent an attack on an exploited container.
Fix - Buildtime
- Resource: Container
- Argument: resources:requests:memory (Optional)
Defines the memory request size for the container.
apiVersion: v1 kind: Pod metadata: name: <name> spec: containers: - name: <container name> image: <image> resources: requests: + memory: <memory request>
Updated 6 months ago