Add configurable resource requests/limits for the controller#783
Open
kelos-bot[bot] wants to merge 2 commits intomainfrom
Open
Add configurable resource requests/limits for the controller#783kelos-bot[bot] wants to merge 2 commits intomainfrom
kelos-bot[bot] wants to merge 2 commits intomainfrom
Conversation
Remove hardcoded resource limits from the controller deployment and add --controller-resource-requests and --controller-resource-limits flags to kelos install, allowing users to set controller resources as needed. By default no resources are set, avoiding OOM kills from the previous 128Mi memory limit. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
github-actions
bot
added
needs-triage
needs-kind
kelos-bot
bot
added
kind/feature
gjkim42
reviewed
Mar 24, 2026
Collaborator
gjkim42
left a comment
gjkim42
left a comment
There was a problem hiding this comment.
It shouldn't be changed in deploy-to-dev workflow.
/kelos pick-up
Author
|
🤖 Kelos Task Status Task |
![cubic-dev-ai[bot]](https://avatars.githubusercontent.com/in/1082092?s=60&v=4){kind=small}
There was a problem hiding this comment.
3 issues found across 5 files
Prompt for AI agents (unresolved issues)
Check if these issues are valid — if so, understand the root cause of each and fix them. If appropriate, use sub-agents to investigate and fix each issue separately.
<file name="internal/cli/install_test.go">
<violation number="1" location="internal/cli/install_test.go:587">
P2: The new “no controller resources by default” tests only check old limit defaults and miss old request defaults, leaving a regression gap for default requests still being rendered.
(Based on your team's feedback about adding tests for new behavior.) [FEEDBACK_USED]</violation>
<violation number="2" location="internal/cli/install_test.go:607">
P2: The CPU limit assertion is too broad: `"cpu: 1"` matches the request value `"cpu: 100m"`, so this test can pass when controller CPU limits are not rendered.</violation>
</file>
<file name="internal/manifests/charts/kelos/templates/deployment.yaml">
<violation number="1" location="internal/manifests/charts/kelos/templates/deployment.yaml:103">
P1: Trim whitespace from the split key and value to prevent invalid YAML indentation if users include spaces after commas. (Apply this fix to both the limits and requests blocks).</violation>
</file>
Reply with feedback, questions, or to request a fix. Tag @cubic-dev-ai to re-run a review.
| memory: 128Mi | ||
| {{- range splitList "," .Values.controllerResourceLimits }} | ||
| {{- $kv := splitList "=" . }} | ||
| {{ index $kv 0 }}: {{ index $kv 1 }} |
There was a problem hiding this comment.
P1: Trim whitespace from the split key and value to prevent invalid YAML indentation if users include spaces after commas. (Apply this fix to both the limits and requests blocks).
Prompt for AI agents
Check if this issue is valid — if so, understand the root cause and fix it. At internal/manifests/charts/kelos/templates/deployment.yaml, line 103:
<comment>Trim whitespace from the split key and value to prevent invalid YAML indentation if users include spaces after commas. (Apply this fix to both the limits and requests blocks).</comment>
<file context>
@@ -94,10 +94,20 @@ spec:
- memory: 128Mi
+ {{- range splitList "," .Values.controllerResourceLimits }}
+ {{- $kv := splitList "=" . }}
+ {{ index $kv 0 }}: {{ index $kv 1 }}
+ {{- end }}
+ {{- end }}
</file context>
Suggested change
| {{ index $kv 0 }}: {{ index $kv 1 }} | |
| {{ trim (index $kv 0) }}: {{ trim (index $kv 1) }} |
| if !bytes.Contains(data, []byte("memory: 256Mi")) { | ||
| t.Error("expected memory: 256Mi in rendered output for controller requests") | ||
| } | ||
| if !bytes.Contains(data, []byte("cpu: 1")) { |
There was a problem hiding this comment.
P2: The CPU limit assertion is too broad: "cpu: 1" matches the request value "cpu: 100m", so this test can pass when controller CPU limits are not rendered.
Prompt for AI agents
Check if this issue is valid — if so, understand the root cause and fix it. At internal/cli/install_test.go, line 607:
<comment>The CPU limit assertion is too broad: `"cpu: 1"` matches the request value `"cpu: 100m"`, so this test can pass when controller CPU limits are not rendered.</comment>
<file context>
@@ -537,8 +537,98 @@ func TestInstallCommand_NoTokenRefresherResourcesByDefault(t *testing.T) {
+ if !bytes.Contains(data, []byte("memory: 256Mi")) {
+ t.Error("expected memory: 256Mi in rendered output for controller requests")
+ }
+ if !bytes.Contains(data, []byte("cpu: 1")) {
+ t.Error("expected cpu: 1 in rendered output for controller limits")
+ }
</file context>
Suggested change
| if !bytes.Contains(data, []byte("cpu: 1")) { | |
| if !bytes.Contains(data, []byte("cpu: 1\n")) { |
| }) | ||
|
|
||
| // With no flags, no resources block should be rendered for the controller | ||
| if strings.Contains(output, "cpu: 500m") { |
There was a problem hiding this comment.
P2: The new “no controller resources by default” tests only check old limit defaults and miss old request defaults, leaving a regression gap for default requests still being rendered.
(Based on your team's feedback about adding tests for new behavior.)
Prompt for AI agents
Check if this issue is valid — if so, understand the root cause and fix it. At internal/cli/install_test.go, line 587:
<comment>The new “no controller resources by default” tests only check old limit defaults and miss old request defaults, leaving a regression gap for default requests still being rendered.
(Based on your team's feedback about adding tests for new behavior.) </comment>
<file context>
@@ -537,8 +537,98 @@ func TestInstallCommand_NoTokenRefresherResourcesByDefault(t *testing.T) {
+ })
+
+ // With no flags, no resources block should be rendered for the controller
+ if strings.Contains(output, "cpu: 500m") {
+ t.Error("expected no hardcoded cpu: 500m when controller resources not set")
+ }
</file context>
Preserve the previous default controller resources in the dev deployment now that hardcoded defaults have been removed from the Helm chart. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Author
|
/kelos needs-input All review feedback was addressed in previous commits. Ready for re-review. Changes made:
|
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
What type of PR is this?
/kind feature
What this PR does / why we need it:
Adds
--controller-resource-requestsand--controller-resource-limitsflags tokelos install, allowing users to configure CPU and memory resources for the controller container. The previously hardcoded resource limits (cpu: 500m / memory: 128Milimits,cpu: 10m / memory: 64Mirequests) have been removed as defaults, since the low memory limit was causing OOM kills in real workloads.Users who want to set resources can now use:
GitOps/Helm users can set
controllerResourceRequestsandcontrollerResourceLimitsin their values override.The deploy-to-dev workflow has been updated to explicitly pass the previous default values so that dev environment behavior is preserved.
Fixes #779
Which issue(s) this PR is related to:
Fixes #779
Special notes for your reviewer:
The maintainer noted that setting resource limits by default may be a bad idea (similar to how linkerd/cilium handle control plane resources). This PR removes the hardcoded defaults entirely — when no flags are provided, no
resources:block is rendered in the deployment. Users can opt-in to resource constraints via the new CLI flags or Helm values.The deploy-to-dev workflow was updated to explicitly set controller resources (matching the previous hardcoded defaults) so that dev deployments are unaffected.
Does this PR introduce a user-facing change?