A standard piece of advice for optimizing your Kubernetes cluster is to ensure that you set CPU and Memory Requests and Limits on every container. This seems simple, but how do you know which values to select?
Fairwinds Goldilocks is an open source utility that can help you identify a starting point for resource requests and limits. Like Goldilocks and the Three Bears, this tool can help you make sure that you give your containers not too much, and not too little space in your cluster, saving you money and preventing potential application outages.
Try Fairwinds Insights to get the benefits of Goldilocks at enterprise scale.
See how Insights and Goldilocks compare.
In this tutorial, we will show you how to install Goldilocks and make use of its recommendations.
Goldilocks requires that you have metrics-server and Vertical Pod Autoscaler installed. These instructions will walk you through how to install metrics-server and Vertical Pod Autoscaler using Helm, the package management system for Kubernetes. It is possible to install these workloads using Kubernetes yaml manifests, and you can find the directions on how to do this in the metrics-server docs and the VPA docs.
Add the metrics-server chart repository to your locally available Helm charts:
helm repo add metrics-server https://kubernetes-sigs.github.io/metrics-server/Next, create a Helm release called my-metrics-server in a new vpa namespace:
helm install my-metrics-server metrics-server/metrics-server --namespace vpa --create-namespaceAdd the fairwinds-stable chart repository to your locally available Helm charts:
helm repo add fairwinds-stable https://charts.fairwinds.com/stableNext, create Helm release called my-vpa in a the vpa namespace:
helm install -n vpa --create-namespace my-vpa fairwinds-stable/vpaVPA is enabled by default in Autopilot clusters, but you must manually enable it in Standard clusters. You can enable it like so:
gcloud container clusters update [CLUSTER-NAME] --enable-vertical-pod-autoscaling {--region [REGION-NAME] | --zone [ZONE-NAME]} Now that you have the prerequisites setup, it is time to install Goldilocks using Helm. It is possible to install Goldilocks using Kubernetes manifests, and you can find the directions on how to do this in the Goldilocks docs.
Create a Helm release called my-goldilocks:
helm install -n goldilocks --create-namespace my-goldilocks fairwinds-stable/goldilocks
In this example, we want to monitor any deployments in the goldilocks-demo namespace. We must label the namespace so that Goldilocks can create a VPA for each deployment in a namespace and then query them for information.
kubectl label ns goldilocks-demo goldilocks.fairwinds.com/enabled=truePort forward the Goldilocks service:
kubectl -n goldilocks port-forward svc/my-goldilocks-dashboard 8080:80Open your browser to http://localhost:8080 to see the dashboard. It may take a few minutes before you will see the Goldilocks recommendations. Refreshing the browser may help.
In this example, we have two deployments in the goldilocks-demo namespace, and each deployment has a corresponding container, echo-service and quote-service.
View of the Goldilocks Dashboard analysis and recommendation for the echo-service.
Goldilocks shows us that for Guaranteed Quality of Service*, the echo-service container currently has CPU requests and limits that are too high, but memory requests and limits are just right. Below the analysis is a yaml snippet with the recommended values for CPU and Memory requests and limits which you can copy and paste into your deployment manifest.
View of the Goldilocks Dashboard analysis and recommendation for the quote-service.
For the quote-deployment container, Goldilocks shows us that there are no set CPU or Memory requests or limits. This is dangerous because a container could potentially take up all the resources on a node, pushing out other pods and making the worker node unavailable to the Kubernetes control-plane. The recommended resource settings are below the analysis.
After copying and pasting the recommended resource request and limits, you should update your deployments and refresh the Goldilocks dashboard. You will see Goldilocks indicate that your current CPU and Memory requests and limits are in line with the recommendations. Congratulations on making your resource requests just right!
View of the Goldilocks Dashboard analysis for the echo-service where the current resource requests are in line with the recommendations.
The longer your pods exist, the more data the VPA collects, so make sure to check the Goldilocks dashboard over time, because the recommendations will likely change.
If you have multiple clusters and users, and want to apply the benefits of Goldilocks at scale, Fairwinds offers a platform called Insights. Users can centrally manage Goldilocks across clusters consistently to ensure CPU and memory requests and limits are set effectively. Fairwinds Insights goes deeper by providing Kubernetes cost optimization advice.
Interested in using Fairwinds Insights? It’s available for free! Learn more here.
Learn more about how Goldilocks works.
* “QoS (Quality of Service) class is a designation assigned to a pod based on its resource requests and limits. Kubernetes uses QoS classes to make decisions about scheduling and evicting Pods."Kubernetes Documentation: Configure Quality of Service for Pods
