TF 0256 - SymbioticSec/Symbiotic-Vulnerability-Database GitHub Wiki
CPU requests not specified
| Property | Value |
|---|---|
| Language |  |
| Severity |  |
Description
Containers are defined without specifying CPU resource requests, preventing Kubernetes from accurately scheduling workloads based on node capacity and resource needs. This can lead to inefficient resource allocation and unpredictable application performance.
Impact
Without explicit CPU requests, pods may be scheduled onto nodes without sufficient resources, causing resource contention, degraded performance, or instability for both the affected pod and other workloads sharing the same node.
Resolution
Set 'containers[].resources.requests.cpu'.