CPU/memory resource constraints are not enforced #7343
cristianrgreco
started this conversation in
Bugs
Replies: 1 comment
-
@afdesk could you take a look? |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Description
I've installed the trivy-operator via Helm. I've set the following resource constraints:
My node has 4 total CPU cores. Observe that when the trivy-operator schedules the jobs, it seems these resource constraints are applied per job, resulting in almost 100% CPU utilisation. Because the operator creates a job per namespace, it's not possible to set the resource constraints to guarantee not exceeding a maximum value.
Desired Behavior
The trivy operator should not schedule more jobs than exceed the defined resource constraints.
Actual Behavior
The trivy operator schedules all the jobs, potentially using 100% CPU/memory usage and grinding the cluster to a halt.
Reproduction Steps
1. A kubernetes cluster with several workloads. 2. A fixed number of nodes in the cluster, e.g 1. 3. When Trivy runs it will likely utilise most cluster resources, regardless of resource constraints.
Target
Kubernetes
Scanner
Vulnerability and configuration
Output Format
None
Mode
Standalone
Debug Output
Operating System
Ubuntu Server 24.04
Version
Checklist
trivy clean --all
Beta Was this translation helpful? Give feedback.
All reactions