Guides

CPU & Memory Requests Should be Set

The Pod request should be set so the scheduler can make better placing decisions, and to help avoid resource starvation.

Suggest Edits

Risk Level: Low
Cloud Entity: Pods
CloudGuard Rule ID: D9.K8S.AC.02
Covered by Spectral: No
Category: Compute

GSL LOGIC

KubernetesPod should not have spec.containers contain-any [ resources.requests.memory isEmpty() ] or spec.containers contain-any [ resources.requests.cpu isEmpty() ] or spec.initContainers contain-any [ resources.requests.memory isEmpty() ] or spec.initContainers contain-any [ resources.requests.cpu isEmpty() ]

REMEDIATION

Pods

Pods are the smallest deployable units of computing that can be created and managed in Kubernetes.A Pod is a group of one or more containers (such as Docker containers), with shared storage/network, and a specification for how to run the containers.

Compliance Frameworks

  • Container Admission Control

Updated about 1 year ago