Page MenuHomePhabricator
Create Task
Maniphest T306324

Consider improving quota workflow
Closed, ResolvedPublic
Actions

Description

The current restrictive quotas combined with the slow, manual, quota increase workflow as described in https://phabricator.wikimedia.org/project/view/4834/ is not well suited for a platform which is used by volunteers to build tools.

These volunteers will typically build these tools in their free time, and "please fill a form and wait for a week" will lead to tools not being built, or tools circumventing the quotas (e.g. by creating a second tool account).
In my case, this was the first weekend where I had time to look at migrating tools to Kubernetes in the last 2 months, and I won't have much time in the upcoming weekends. The low 'deployments.apps' quota (T306322) and server ulimits (T306307) were a significant hindrance to moving wikibugs over.

Two suggested alternative approaches:

  • Lenient quotas with monitoring -- increase all quotas by 10x and manually reach out to maintainers when they use more than the current quota.
  • Self-service quota increase with manual verification afterwards

Related Objects

Event Timeline

valhallasw created this task.Apr 17 2022, 8:16 PM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptApr 17 2022, 8:16 PM
taavi added a project: cloud-services-team (Kanban).Apr 17 2022, 8:33 PM
taavi moved this task from Inbox to Needs discussion on the cloud-services-team (Kanban) board.
taavi subscribed.Apr 17 2022, 8:52 PM

Indeed the default CPU quota seems very low (2.0 for both requests and limits). I'd be in favour of a much higher default limits (ideally double the requests). For context, webservices default to 0.15 requests / 0.5 limits and toolforge-jobs defaults to 0.25 / 0.5. We didn't for some reason raise that one when reviewing the quotas for initial toolforge-jobs use.

nskaggs subscribed.May 2 2022, 7:53 PM

@valhallasw Sorry to hear you ran into limitations during your migration! We can consider revising the default. What level would have worked for you?

@Majavah It sounds like you are suggesting defaults of:

1 CPU and 1G by default per container, user expandable to up to 2 CPU and 8G of memory

Do I have this correct?

Andrew subscribed.Jul 27 2022, 3:42 PM
Andrew added a comment.Aug 10 2022, 3:34 PM

It's great to hear from you, @valhallasw ! We discussed this in our weekly meeting today. The general consensus is that users almost /never/ hit our (admittedly low) default quotas, and that the low quotas have the advantage of making us a very unappealing target for potential abuse (e.g. coin miners).

The good news is that the quota approval process has been streamlined recently, so typically it only takes a day or two to get a quota bump. We're updating the docs to reflect this, and I'd also encourage people to just yell for help on IRC if they're impatient and/or blocked for lack of headroom.

nskaggs moved this task from Needs discussion to Graveyard on the cloud-services-team (Kanban) board.Nov 23 2022, 4:46 PM
fnegri edited projects, added cloud-services-team; removed cloud-services-team (Kanban).Jan 18 2023, 6:53 PM
fnegri moved this task from Kanban to Graveyard on the cloud-services-team board.
fnegri moved this task to Inbox on the cloud-services-team board.Jan 18 2023, 9:58 PM
bd808 mentioned this in T362520: [maintain-kubeusers] Increment default services quota.May 14 2024, 4:38 PM
aborrero closed this task as Resolved.Sep 4 2024, 2:42 PM
aborrero claimed this task.
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits