PREQUEL-2025-0114

Kubernetes Deployment Memory Requests MissingMedium

PREQUEL-2025-0114View on GitHub

KubernetesDeploymentMemory Requestsresource-managementSchedulingOOM

Description

• Detects Kubernetes Deployment resources without memory requests configured on containers.
• Monitors deployment specifications where containers lack proper memory request definitions.
• Identifies resource management violations that can lead to poor scheduling decisions.
• Tracks deployments that may cause memory pressure and OOM conditions.

Cause

• Deployment manifests created without proper memory request specifications.
• Development teams unaware of application memory requirements.
• CI/CD pipelines deploying applications without memory planning.
• Helm charts or templates missing default memory request configurations.
• Legacy applications migrated without proper resource analysis.
• Infrastructure automation scripts lacking memory request validation.

Mitigation

• Implement admission controllers to enforce memory request requirements on deployments.
• Establish baseline memory request values based on application profiling.
• Integrate memory validation into CI/CD pipelines before deployment.
• Use application performance monitoring to determine appropriate memory requests.

References

• https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
• https://kubernetes.io/docs/tasks/configure-pod-container/assign-memory-resource/
• https://kubernetes.io/docs/concepts/scheduling-eviction/resource-bin-packing/