K8s Tutorial: Setting and Rightsizing Kubernetes Workloads with Goldilocks

A standard piece of advice for optimizing your Kubernetes cluster is to ensure that you set CPU and Memory Requests and Limits on every container. This seems simple, but how do you know which values to select? 

Fairwinds Goldilocks is an open source utility that can help you identify a starting point for resource requests and limits. Like Goldilocks and the Three Bears, this tool can help you make sure that you give your containers not too much, and not too little space in your cluster, saving you money and preventing potential application outages. 

In this tutorial, we will show you how to install Goldilocks and make use of its recommendations. 

Prerequisites

  • kubectl
  • Helm
  • metrics-server
  • Vertical Pod Autoscaler 
  • Pods in the goldilocks-demo namespace

Install Prerequisites 

Goldilocks requires that you have metrics-server and Vertical Pod Autoscaler installed. These instructions walk you through installing both using Helm, the package management system for Kubernetes. It is also possible to install these workloads using Kubernetes YAML manifests, and you can find the directions on how to do this in the metrics-server docs and the VPA docs.

Install metrics-server 

Add the metrics-server chart repository to your locally available Helm charts:

helm repo add metrics-server https://kubernetes-sigs.github.io/metrics-server/

Next, create a Helm release called my-metrics-server in a new vpa namespace:

helm install my-metrics-server metrics-server/metrics-server --namespace vpa --create-namespace

Install VPA 

Add the fairwinds-stable chart repository to your locally available Helm charts: 

helm repo add fairwinds-stable https://charts.fairwinds.com/stable

Next, create a Helm release called my-vpa in the vpa namespace:

helm install -n vpa --create-namespace my-vpa fairwinds-stable/vpa

Note for Google Kubernetes Engine (GKE) Users:  

VPA is enabled by default in Autopilot clusters, but you must manually enable it in Standard clusters. You can enable it like so: 

gcloud container clusters update [CLUSTER-NAME] --enable-vertical-pod-autoscaling {--region [REGION-NAME] | --zone [ZONE-NAME]}

Configure Goldilocks 

Now that you have the prerequisites set up, it is time to install Goldilocks using Helm. It is also possible to install Goldilocks using Kubernetes manifests, and you can find the directions on how to do this in the Goldilocks docs.

Install Goldilocks 

Create a Helm release called my-goldilocks:

helm install -n goldilocks --create-namespace my-goldilocks fairwinds-stable/goldilocks

Label the Namespace(s) that Goldilocks will Monitor

In this example, we want to monitor any deployments in the goldilocks-demo namespace. We must label the namespace so that Goldilocks can create a VPA for each deployment in that namespace and then query them for information.

kubectl label ns goldilocks-demo goldilocks.fairwinds.com/enabled=true

Open the Goldilocks Dashboard

Port forward the Goldilocks service:

kubectl -n goldilocks port-forward svc/my-goldilocks-dashboard 8080:80

Open your browser to http://localhost:8080 to see the dashboard. It may take a few minutes before you will see the Goldilocks recommendations. Refreshing the browser may help. 

Inspect the Goldilocks Findings 

In this example, we have two deployments in the goldilocks-demo namespace, and each deployment has a corresponding container, echo-service and quote-service. 

View of the Goldilocks Dashboard analysis and recommendation for the echo-service.

Goldilocks shows us that for Guaranteed Quality of Service*, the echo-service container currently has CPU requests and limits that are too high, but memory requests and limits are just right. Below the analysis is a YAML snippet with the recommended values for CPU and Memory requests and limits, which you can copy and paste into your deployment manifest.

View of the Goldilocks Dashboard analysis and recommendation for the quote-service

For the quote-deployment container, Goldilocks shows us that there are no set CPU or Memory requests or limits. This is dangerous because a container could potentially take up all the resources on a node, pushing out other pods and making the worker node unavailable to the Kubernetes control-plane. The recommended resource settings are below the analysis. 
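An added example (not from the original tutorial or the Goldilocks project): a check that flags containers with no CPU or memory requests or limits and reports the QoS class each pod would receive. The deployment names and resource values in SAMPLE are constructed; in practice, pass in the parsed output of kubectl get deployments -n goldilocks-demo -o json.

```python
import json
from fractions import Fraction

# Subset of Kubernetes quantity suffixes commonly used for CPU and memory.
SUFFIX = {"m": Fraction(1, 1000), "M": 10**6, "G": 10**9, "Ki": 2**10, "Mi": 2**20, "Gi": 2**30}

def quantity(q):
    """Parse '500m', '0.5' or '128Mi' into an exact number for comparison."""
    q = str(q)
    for suffix in sorted(SUFFIX, key=len, reverse=True):
        if q.endswith(suffix):
            return Fraction(q[:-len(suffix)]) * SUFFIX[suffix]
    return Fraction(q)

def audit(deployment):
    """Return (qos_class, findings) for one Deployment's pod template."""
    spec = deployment["spec"]["template"]["spec"]
    findings, guaranteed, any_set = [], True, False
    for c in spec.get("initContainers", []) + spec["containers"]:
        res = c.get("resources") or {}
        req, lim = res.get("requests") or {}, res.get("limits") or {}
        for r in ("cpu", "memory"):
            any_set = any_set or r in req or r in lim
            if r not in lim:
                findings.append(f"{c['name']}: no {r} limit")
                guaranteed = False
            elif r in req and quantity(req[r]) != quantity(lim[r]):
                guaranteed = False  # request differs from limit: Burstable
            if r not in req and r not in lim:  # a lone limit doubles as the request
                findings.append(f"{c['name']}: no {r} request")
    qos = "Guaranteed" if guaranteed else "Burstable" if any_set else "BestEffort"
    return qos, findings

def report(deployment_list):
    return {d["metadata"]["name"]: audit(d) for d in deployment_list["items"]}

# Constructed sample, shaped like `kubectl get deployments -n goldilocks-demo -o json`.
SAMPLE = json.loads("""{"items": [
 {"metadata": {"name": "echo-service"}, "spec": {"template": {"spec": {"containers": [
   {"name": "echo-service", "resources": {
     "requests": {"cpu": "0.5", "memory": "128Mi"},
     "limits": {"cpu": "500m", "memory": "128Mi"}}}]}}}},
 {"metadata": {"name": "quote-service"}, "spec": {"template": {"spec": {"containers": [
   {"name": "quote-service", "resources": {}}]}}}}
]}
""")

if __name__ == "__main__":
    print(json.dumps(report(SAMPLE), indent=2))
```

A BestEffort result is the case described above: nothing bounds the container's CPU or memory use, and its pod is among the first candidates for eviction under node pressure.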

Update Your Container Requests and Limits

After copying and pasting the recommended resource request and limits, you should update your deployments and refresh the Goldilocks dashboard. You will see Goldilocks indicate that your current CPU and Memory requests and limits are in line with the recommendations. Congratulations on making your resource requests just right!

View of the Goldilocks Dashboard analysis for the echo-service where the current resource requests are in line with the recommendations.

View of the Goldilocks Dashboard analysis for the quote-service where the current resource requests are in line with the recommendations.

The longer your pods exist, the more data the VPA collects, so make sure to check the Goldilocks dashboard over time, because the recommendations will likely change. 

Apply Benefits of Goldilocks at Scale

If you have multiple clusters and users, and want to apply the benefits of Goldilocks at scale, Fairwinds offers a platform called Insights. Users can centrally manage Goldilocks across clusters consistently to ensure CPU and memory requests and limits are set effectively. Fairwinds Insights goes deeper by providing Kubernetes cost optimization advice.


* “QoS (Quality of Service) class is a designation assigned to a pod based on its resource requests and limits. Kubernetes uses QoS classes to make decisions about scheduling and evicting Pods.” Kubernetes Documentation: Configure Quality of Service for Pods