|
|
|
|
|
|
by xyst
561 days ago
|
|
|
Mostly for easier segregation of workloads. Some of the IoT shit that runs on this cluster I segment it off through k8s and network policies. Also most workloads wouldn’t need to use all cores or memory on that machine (one machine has 128G) |
|
|
Depending on your threat model that could make sense.
> Also most workloads wouldn’t need to use all cores or memory on that machine (one machine has 128G)
What? Limiting CPU or memory use of a pod is one of kubernetes' core competencies; just tell it what each thing needs and it handles all that for you.