Ensure CPU request is set

Error: CPU request is not set

Bridgecrew Policy ID: BC_K8S_9
Checkov Check ID: CKV_K8S_10
Severity: LOW

CPU request is not set

Description

When specifying the resource request for containers in a pod, the scheduler uses this information to decide which node to place the pod on. When setting resource limit for a container, the kubelet enforces those limits so that the running container is not allowed to use more of that resource than the limit you set.

If a container is created in a namespace that has a default CPU limit, and the container does not specify its own CPU limit, then the container is assigned the default CPU limit. Kubernetes assigns a default CPU request under certain conditions.

Fix - Buildtime

Kubernetes

  • Resource: Container
  • Argument: resources:requests:cpu (Optional)
    Defines the CPU request size for the container.
apiVersion: v1
kind: Pod
metadata:
  name: <name>
spec:
  containers:
  - name: <container name>
    image: <image>
    resources:
      requests:
+       cpu: <cpu request>