To prevent system capacities from being exhausted, you can set up quotas. Quotas are operational limits. For example, the number of gigabytes allowed for each project can be controlled so that cloud resources are optimized. Quotas can be enforced at both the tenant (or project) and the tenant-user level.
Using the Dashboard, you can view default Compute and Block Storage quotas for new tenants, as well as update quotas for existing tenants.
The following table describes the standard set of project quotas:
- Gigabytes / gigabytes - Total size of all volumes (root disks and additional volumes) in a tenant.
- Floating IPs / floating_ips - Total number of floating IP addresses available in a tenant. (Please note: The floating IP value shown in the dashboard is the current number remaining in the quota, not the total number of floating IPs available to the cloud. Therefore it is possible to have a quota which allows more floating IPs than are actually available in the system.)
- Fixed IPs - IP addresses allowed to be assigned to each instance for each project. We recommend that it be set to -1.
- Injected File Content Bytes / injected_file_content_bytes - Amount of data that can be passed via cloud-init in a single injected file.
- Injected Files / injected_files - Maximum number of injected files that can be passed to a single instance.
- Instances / instances - Number of instances that can be launched in a tenant.
- Keypairs - Number of key pairs allowed.
- Metadata Items / metadata_items - Number of metadata items (key value pairs) that can be passed at instance creation.
- RAM (in MB) / Ram / ram - Total memory available to assign to instances.
- Security Groups / security_groups - Number of security groups that can be configured in a tenant.
- Security Group Rules / security_group_rules - Number of individual rules that can be added to a single security group.
- Snapshots - Volume snapshots allowed for each project.
- VCPUs / Cores / cores - Number of virtual CPUs that can be allocated to instances.
- Volumes / volumes - Number of volumes that can be created in a tenant.
Note: A quota that has a limit value of -1 means that the quota is unlimited.
Default Project Quotas
When a new tenant is created, it inherits a set of default values for each quota. You may view the default quotas for your environment via the dashboard in the Admin -> Defaults tab, or by running nova quota-defaults from the command line.
The default quotas are not user-configurable. If you wish the defaults for your environment to be changed, please open a support case and we will modify the defaults on your behalf.
Quotas may be modified for tenants via the dashboard, command line, or API.
Currently the command line and API both offer the full range of quota values for modification, while the dashboard allows the modification of all but two quota values: security_groups and security_group_rules.
In the dashboard, quotas can be modified from the Admin -> Defaults tab. You may simply select Modify Quotas to update project quotas. From the command line, you may use the nova quota-update command. For further details, you may run the nova help quota-update command.
Note: The dashboard may not show all possible project quotas. To view and update the quotas for a service, use its command-line client. For example:
$ nova quota-defaults +-----------------------------+-------+ | Property | Value | +-----------------------------+-------+ | metadata_items | 128 | | injected_file_content_bytes | 10240 | | ram | 51200 | | floating_ips | 10 | | key_pairs | 100 | | instances | 10 | | security_group_rules | 20 | | injected_files | 5 | | cores | 20 | | fixed_ips | -1 | | injected_file_path_bytes | 255 | | security_groups | 10 | +-----------------------------+-------+
For example, to update a default value for a project:
$ nova quota-class-update default --instances 15