Merge pull request 'feat: added default resource limit and request to k8s tenant' (#75) from feat/tenant_limit_range into master

Reviewed-on: https://git.nationtech.io/NationTech/harmony/pulls/75 Reviewed-by: taha <taha@noreply.git.nationtech.io>
2025-07-02 18:55:04 +00:00 · 2025-07-02 18:55:04 +00:00 · 286460d59e
commit 286460d59e
parent 197770a603 4baa3ae707
1 changed files with 42 additions and 1 deletions
--- a/harmony/src/domain/topology/tenant/k8s.rs
+++ b/harmony/src/domain/topology/tenant/k8s.rs
@ -8,7 +8,7 @@ use async_trait::async_trait;
 use derive_new::new;
 use k8s_openapi::{
    api::{
-        core::v1::{Namespace, ResourceQuota},
+        core::v1::{LimitRange, Namespace, ResourceQuota},
        networking::v1::{
            NetworkPolicy, NetworkPolicyEgressRule, NetworkPolicyIngressRule, NetworkPolicyPort,
        },
@ -132,6 +132,43 @@ impl K8sTenantManager {
        })
    }

+    fn build_limit_range(&self, config: &TenantConfig) -> Result<LimitRange, ExecutorError> {
+        let limit_range = json!({
+          "apiVersion": "v1",
+          "kind": "LimitRange",
+          "metadata": {
+            "name": format!("{}-defaults", config.name),
+            "labels": {
+              "harmony.nationtech.io/tenant.id": config.id.to_string(),
+              "harmony.nationtech.io/tenant.name": config.name,
+            },
+            "namespace": self.get_namespace_name(config),
+          },
+          "spec": {
+            "limits": [
+              {
+                "type": "Container", 
+                "default": {
+                  "cpu": "500m",
+                  "memory": "500Mi"
+                },
+                "defaultRequest": {
+                  "cpu": "100m",
+                  "memory": "100Mi"
+                },
+              }
+            ]
+          }
+        });
+
+        serde_json::from_value(limit_range).map_err(|e| {
+            ExecutorError::ConfigurationError(format!(
+                "Could not build TenantManager LimitRange. {}",
+                e
+            ))
+        })
+    }
+
    fn build_network_policy(&self, config: &TenantConfig) -> Result<NetworkPolicy, ExecutorError> {
        let network_policy = json!({
          "apiVersion": "networking.k8s.io/v1",
@ -328,6 +365,7 @@ impl TenantManager for K8sTenantManager {
        let namespace = self.build_namespace(config)?;
        let resource_quota = self.build_resource_quota(config)?;
        let network_policy = self.build_network_policy(config)?;
+        let resource_limit_range = self.build_limit_range(config)?;

        self.ensure_constraints(&namespace)?;

@ -337,6 +375,9 @@ impl TenantManager for K8sTenantManager {
        debug!("Creating resource_quota for tenant {}", config.name);
        self.apply_resource(resource_quota, config).await?;

+        debug!("Creating limit_range for tenant {}", config.name);
+        self.apply_resource(resource_limit_range, config).await?;
+
        debug!("Creating network_policy for tenant {}", config.name);
        self.apply_resource(network_policy, config).await?;