CPU request is not set
Description
When specifying the resource request for containers in a pod, the scheduler uses this information to decide which node to place the pod on. When setting resource limit for a container, the kubelet enforces those limits so that the running container is not allowed to use more of that resource than the limit you set. If a container is created in a namespace that has a default CPU limit, and the container does not specify its own CPU limit, then the container is assigned the default CPU limit. Kubernetes assigns a default CPU request under certain conditions.
Code Example
yaml
apiVersion: v1
kind: Pod
metadata:
name: <name>
spec:
containers:
- name: <container name>
image: <image>
resources:
requests:
+ cpu: <cpu request>Remediation
Kubernetes
- Resource: Container
- Arguments: resources:requests:cpu (Optional)
Defines the CPU request size for the container.
Rule Details
| Field | Value |
|---|---|
| ID | IAC-1088 |
| Severity | LOW |
| IaC Type | Kubernetes |
| Frameworks | Kubernetes, |
| Checkov ID | CKV_K8S_10 |