Core Track Guardrails-first chapter in core learning path.

Estimated Time

  • Reading: 20-25 min
  • Lab: 45-60 min
  • Quiz: 10-15 min

Prerequisites

Source Code References

  • deployment.yaml Members
  • develop/ Members
  • resourcequota.yaml Members

Sign in to view source code.

What You Will Produce

A reproducible lab result plus quiz verification and incident-safe operating evidence.

Lab Scenarios

  1. OOM Scenario: Intentionally set a very low memory limit for a backend pod and generate traffic. Observe the OOMKilled event and the container restart.
  2. Node Pressure Scenario: Simulate broader node-level contention by running multiple high-memory pods. Observe the difference in eviction behavior between Burstable and Guaranteed workloads.

Core Exercises (Required)

  1. Identify QoS: Use kubectl get pod <pod> -o jsonpath='{.status.qosClass}' to find the QoS class of your running backend and frontend pods.
  2. Check Usage: Use kubectl top pod -n develop to see the actual CPU and memory consumption in the develop namespace.
  3. Verify Quota: Run kubectl get resourcequota -n develop and explain what happens if you try to deploy a pod that exceeds the memory hard limit.

Challenge Exercise (Optional)

Dual Failure Mode Trigger: Trigger both OOMKilled and CPU throttling on the same pod by crafting specific resource limits and load patterns. Document the QoS class assignment and explain the triage sequence for each failure mode.

Done When

You have completed this chapter when:

  • You can explain Burstable vs. Guaranteed vs. BestEffort QoS classes.
  • You have successfully identified an OOMKilled event in a pod’s history.
  • You can verify namespace ResourceQuota and LimitRange enforcement.
  • You understand why Guaranteed QoS is the safest choice for critical production services.

Knowledge Check

Before finishing this chapter, complete the Quiz to verify your understanding of the guardrail principles.