What kind of request is this (question/bug/enhancement/feature request): BUG
Steps to reproduce (least amount of steps as possible):
- Assign a resource quota to a project and to the namespace. The namespace has 0 pods running.
- Resource Quotas values are:
Resource Type: CPU Limit
Project Limit: 2000 milli CPUs
Namespace Limit: 500 mili CPUs.
(I have also tried using higher values like Project Limit: 10000 and Namespace Limit: 5000 but nothing changes)
Result: I cannot start even a single pod. In the Rancher Server logs I see:
2018-11-28T08:52:54.423947842Z 2018/11/28 08:52:54 [ERROR] NamespaceController backend [secretsController] failed with : secrets “#####-nl” is forbidden: exceeded quota: default-wcxcn, requested: secrets=1, used: secrets=4, limited: secrets=0
2018-11-28T08:52:54.430439658Z 2018/11/28 08:52:54 [ERROR] NamespaceController backend [secretsController] failed with : secrets “default-token-7j8zg” is forbidden: exceeded quota: default-wcxcn, requested: secrets=1, used: secrets=4, limited: secrets=0
I have set Resource Quotas just for the CPU but I get the error regarding the secrets which I did not limit anywhere and it is totally unrelated to the CPU limits. I have 4 secrets created for the Project and I did not define any Secrets limits in the Resource Quotas anywhere but I get this error that prevents even launching a single pod. I have tried also adding a Secret Limits in the Resource Quotas section like it follows:
Resource Type: Secrets
Project Limit: 100
Namespace Limit: 50
If I do this I get the following error when trying to launch a pod:
Pods “######-######-eu-west-1-7c5b778687-b7cpw” is forbidden: failed quota: default-wcxcn: must specify limits.cpu; Deployment does not have minimum availability.
Of course as soon as I remove the Resource Quotas for the Project it starts working again and I can launch pods.
- Rancher version: rancher/rancher:latest
- Installation option : Single Instance
- Cluster type : Custom
- Machine type (cloud/VM/metal) and specifications (CPU/memory): Cloud AWS t2.medium
- Kubernetes version (use
kubectl version): 1.11.3-rancher1-1