provisioning/schemas/platform/templates/kubernetes/resource-quota.yaml.ncl

# Kubernetes ResourceQuota for Provisioning Namespace
# Limits total resource consumption per deployment mode
# Mode-specific overrides:
# - Solo: 4 CPU, 8GB RAM, 5 storage, 10 pods max
# - MultiUser: 8 CPU, 16GB RAM, 20 storage, 20 pods max
# - CI/CD: 16 CPU, 32GB RAM, 50 storage, 50 pods max (ephemeral workloads)
# - Enterprise: Unlimited (define via other means)
#
# Usage:
#   nickel eval --format json resource-quota.yaml.ncl | yq -P > resource-quota.yaml
#   kubectl apply -f resource-quota.yaml

{
  apiVersion = "v1",
  kind = "ResourceQuota",
  metadata = {
    name = "provisioning-quota",
    namespace = "provisioning",
    labels = {
      component = "provisioning-platform",
    },
  },
  spec = {
    # Hard limits for resources
    hard = {
      # CPU quota
      "requests.cpu" = "8",        # Total CPU requests
      "limits.cpu" = "16",         # Total CPU limits

      # Memory quota
      "requests.memory" = "16Gi",  # Total memory requests
      "limits.memory" = "32Gi",    # Total memory limits

      # Storage quota
      "requests.storage" = "200Gi", # Total persistent storage requests

      # Pod quota
      pods = "20",                  # Maximum number of pods
      "replicationcontrollers" = "10",  # ReplicationControllers limit
      "deployments.apps" = "10",        # Deployments limit
      "statefulsets.apps" = "5",        # StatefulSets limit
      "jobs.batch" = "10",              # Jobs limit
      "cronjobs.batch" = "5",           # CronJobs limit

      # Service quota
      services = "10",              # Maximum services
      "services.nodeports" = "2",   # Maximum NodePort services

      # Persistent volume claims
      "persistentvolumeclaims" = "20",  # Maximum PVCs

      # Secrets and ConfigMaps
      secrets = "50",               # Maximum secrets
      "configmaps" = "50",          # Maximum ConfigMaps

      # Ingress quota
      "ingresses.networking.k8s.io" = "5",  # Maximum ingresses
    },

    # Scoped quotas (apply only to pods matching scope selectors)
    scopeSelector = {
      matchExpressions = [
        {
          operator = "In",
          scopeName = "PriorityClass",
          values = ["high", "medium"],
        },
      ],
    },
  },
}
chore: complete nickel migration and consolidate legacy configs - Remove KCL ecosystem (~220 files deleted) - Migrate all infrastructure to Nickel schema system - Consolidate documentation: legacy docs → provisioning/docs/src/ - Add CI/CD workflows (.github/) and Rust build config (.cargo/) - Update core system for Nickel schema parsing - Update README.md and CHANGES.md for v5.0.0 release - Fix pre-commit hooks: end-of-file, trailing-whitespace - Breaking changes: KCL workspaces require migration - Migration bridge available in docs/src/development/ 2026-01-08 09:55:37 +00:00			`# Kubernetes ResourceQuota for Provisioning Namespace`
			`# Limits total resource consumption per deployment mode`
			`# Mode-specific overrides:`
			`# - Solo: 4 CPU, 8GB RAM, 5 storage, 10 pods max`
			`# - MultiUser: 8 CPU, 16GB RAM, 20 storage, 20 pods max`
			`# - CI/CD: 16 CPU, 32GB RAM, 50 storage, 50 pods max (ephemeral workloads)`
			`# - Enterprise: Unlimited (define via other means)`
			`#`
			`# Usage:`
			`# nickel eval --format json resource-quota.yaml.ncl \| yq -P > resource-quota.yaml`
			`# kubectl apply -f resource-quota.yaml`

			`{`
			`apiVersion = "v1",`
			`kind = "ResourceQuota",`
			`metadata = {`
			`name = "provisioning-quota",`
			`namespace = "provisioning",`
			`labels = {`
			`component = "provisioning-platform",`
			`},`
			`},`
			`spec = {`
			`# Hard limits for resources`
			`hard = {`
			`# CPU quota`
			`"requests.cpu" = "8", # Total CPU requests`
			`"limits.cpu" = "16", # Total CPU limits`

			`# Memory quota`
			`"requests.memory" = "16Gi", # Total memory requests`
			`"limits.memory" = "32Gi", # Total memory limits`

			`# Storage quota`
			`"requests.storage" = "200Gi", # Total persistent storage requests`

			`# Pod quota`
			`pods = "20", # Maximum number of pods`
			`"replicationcontrollers" = "10", # ReplicationControllers limit`
			`"deployments.apps" = "10", # Deployments limit`
			`"statefulsets.apps" = "5", # StatefulSets limit`
			`"jobs.batch" = "10", # Jobs limit`
			`"cronjobs.batch" = "5", # CronJobs limit`

			`# Service quota`
			`services = "10", # Maximum services`
			`"services.nodeports" = "2", # Maximum NodePort services`

			`# Persistent volume claims`
			`"persistentvolumeclaims" = "20", # Maximum PVCs`

			`# Secrets and ConfigMaps`
			`secrets = "50", # Maximum secrets`
			`"configmaps" = "50", # Maximum ConfigMaps`

			`# Ingress quota`
			`"ingresses.networking.k8s.io" = "5", # Maximum ingresses`
			`},`

			`# Scoped quotas (apply only to pods matching scope selectors)`
			`scopeSelector = {`
			`matchExpressions = [`
			`{`
			`operator = "In",`
			`scopeName = "PriorityClass",`
			`values = ["high", "medium"],`
			`},`
			`],`
			`},`
			`},`
			`}`