Kubernetes v1.36 Enhances Pod Resource Management with Beta In-Place Vertical Scaling

Introduction

The Kubernetes community continues to refine resource management capabilities for complex workloads. Following the graduation of Pod-Level Resources to Beta in v1.34 and the General Availability (GA) of In-Place Pod Vertical Scaling in v1.35, version 1.36 brings another milestone: In-Place Pod-Level Resources Vertical Scaling is now Beta and enabled by default. This feature allows users to dynamically adjust the aggregate resource budget of a running Pod, often without restarting any containers.

Why Pod-Level In-Place Resize Matters

Modern Pods often include multiple containers, such as sidecars for logging or service meshes. Managing individual container resource limits can become cumbersome. The Pod-level resource model simplifies this by allowing containers to share a collective pool of CPU and memory. With v1.36, you can now adjust this aggregate boundary on-the-fly, eliminating the need for manual per-container recalculations—especially useful during traffic spikes.

For containers without individual limits, their effective boundaries automatically scale to fit the new Pod-level dimensions, ensuring a seamless expansion of the shared pool.

How It Works: Resource Inheritance and Resize Policy

When a Pod-level resize is initiated, the Kubelet treats the change as a resize event for every container that inherits its limits from the Pod-level budget. To decide whether a container restart is necessary, the Kubelet checks the resizePolicy defined within each container:

• Non-disruptive updates: If a container's restartPolicy is set to NotRequired, the Kubelet attempts to update the cgroup limits dynamically via the Container Runtime Interface (CRI). No restart needed.
• Disruptive updates: If set to RestartContainer, the container will be restarted to safely apply the new aggregate boundary.

It is important to note that currently, resizePolicy is not supported at the Pod level. The Kubelet always defers to individual container settings to determine the update method.

Real-World Example: Scaling a Shared Resource Pool

Consider a Pod with a 2 CPU Pod-level limit. Containers inside have no individual limits, so they share the total pool.

Initial Pod Specification

apiVersion: v1
kind: Pod
metadata:
  name: shared-pool-app
spec:
  resources:
    limits:
      cpu: "2"
      memory: "4Gi"
  containers:
  - name: main-app
    image: my-app:v1
    resizePolicy:
    - resourceName: "cpu"
      restartPolicy: "NotRequired"
  - name: sidecar
    image: logger:v1
    resizePolicy:
    - resourceName: "cpu"
      restartPolicy: "NotRequired"

The Resize Operation

To double the CPU capacity to 4 CPUs, apply a patch using the resize subresource:

kubectl patch pod shared-pool-app --subresource resize --patch \
  '{"spec":{"resources":{"limits":{"cpu":"4"}}}}'

Because both containers have restartPolicy: NotRequired for CPU, the Kubelet applies the new 4-CPU limit without restarting either container.

Node-Level Reality: Feasibility and Safety Checks

Applying a resize patch is only the first step. The Kubelet performs several checks to ensure node stability:

1. Capacity verification: The Kubelet checks if the node has enough unallocated resources to accommodate the new Pod-level budget. If not, the resize request is rejected.
2. Container cgroup updates: For containers with NotRequired policy, the Kubelet directly updates cgroup limits via CRI. If any CRI call fails, the Kubelet falls back to a disruptive approach or reports an error.
3. Resource reclamation: After updating cgroups, the Kubelet monitors that containers do not exceed the new limits. If a container attempts to use more than allocated, it may be throttled or OOM-killed as per standard Kubernetes behavior.
4. Status reporting: The Kubelet updates the Pod's status at .status.resize to reflect the current resize state (e.g., InProgress, Succeeded, Failed).

These checks ensure that in-place scaling does not compromise the overall stability of the node or other workloads.

Benefits and Use Cases

• Reduced downtime: Non-disruptive updates for containers that support it mean fewer restarts during resource adjustments.
• Simplified management: Operators no longer need to recalculate individual container limits when scaling the entire Pod.
• Better responsiveness: During traffic surges, Pod-level resources can be expanded instantly, allowing sidecar-heavy Pods to handle increased load.

Conclusion

The Beta graduation of In-Place Pod-Level Resources Vertical Scaling in Kubernetes v1.36 marks a significant step forward in resource flexibility. By enabling dynamic, non-disruptive resizing of shared resource pools, this feature empowers operators to build more resilient and efficient clusters. For more details, refer to the official Kubernetes documentation on resource management.