Resource creation forbidden by a ResourceQuota

Q: How to fix Kubernetes ResourceQuotaExceeded Resource creation forbidden by a ResourceQuota?

Check the ResourceQuota and its usage: Describing the quota object shows the defined limits and the current usage for each resource, making it clear which limit was exceeded.

Q: How to fix Kubernetes ResourceQuotaExceeded Resource creation forbidden by a ResourceQuota?

Delete unused resources in the namespace: By removing resources that are no longer needed, you free up quota allocation, which may allow the new resource to be created.

Production Risk

ResourceQuotas can prevent new deployments or scaling, but they are a safeguard against resource exhaustion. A properly configured quota prevents one namespace from impacting the entire cluster.

What this means

An attempt to create a resource (like a pod, service, or PVC) was denied because it would violate a ResourceQuota policy applied to the namespace. Quotas are used to limit resource consumption per namespace.

Why it happens

1Creating a pod would exceed the namespace's CPU or memory quota
2Creating a service would exceed the quota for the number of services
3The sum of resource requests in the namespace has reached its limit

How to reproduce

Creating a new resource fails with a 403 Forbidden error that mentions a resource quota.

trigger — this will error

kubectl apply -f my-pod.yaml

expected output

Error from server (Forbidden): error when creating "my-pod.yaml": pods "my-pod" is forbidden: exceeded quota: my-namespace-quota, requested: pods=1, used: pods=5, limited: pods=5

Fix 1

Check the ResourceQuota and its usage

WHEN To see the limits and current consumption

Check the ResourceQuota and its usage

kubectl describe resourcequota my-namespace-quota --namespace=my-ns

Why this works

Describing the quota object shows the defined limits and the current usage for each resource, making it clear which limit was exceeded.

Fix 2

Delete unused resources in the namespace

WHEN The namespace has old or unnecessary resources consuming the quota

Delete unused resources in the namespace

kubectl delete pod old-pod --namespace=my-ns

Why this works

By removing resources that are no longer needed, you free up quota allocation, which may allow the new resource to be created.

Fix 3

Request an increase in the quota

WHEN The current quota is insufficient for the namespace's needs

Request an increase in the quota

kubectl edit resourcequota my-namespace-quota --namespace=my-ns

Why this works

A cluster administrator can edit the ResourceQuota object to increase the limits for the namespace.

What not to do

✕ Delete the ResourceQuota object

This removes all resource limits for the namespace, which can lead to one team or application consuming an unfair share of cluster resources, potentially starving other critical services.

Sources

Official documentation ↗

k8s.io/kubernetes/plugin/pkg/admission/resourcequota/admission.go

Content generated with AI assistance and reviewed for accuracy. Found an error? hello@errcodes.dev

At a glance

PlatformKubernetes Pod States & Errors

CodeResourceQuotaExceeded

ClassResource Management

SeverityWARNING

TierCritical

ConfidenceHIGH

← All Kubernetes errors