Autoscaling beginner β± 15 minutes K8s 1.28+
Goldilocks VPA Dashboard for Resource Optimization
Deploy Goldilocks to visualize VPA recommendations across all workloads and identify over-provisioned or under-provisioned containers with actionable
By Luca Berton β’ β’ π 5 min read
π‘ Quick Answer: Goldilocks creates VPA objects for every Deployment in labeled namespaces and provides a dashboard showing βjust rightβ resource recommendations β identifying which containers are over-provisioned (wasting money) or under-provisioned (risking OOM).
The Problem
- You have 200+ Deployments β which ones are over/under-provisioned?
- VPA recommendations exist but nobody reads
kubectl describe vpafor each one - Need a visual dashboard for platform teams to review resource efficiency
- Want to identify quick wins (containers requesting 4Gi but using 200Mi)
The Solution
Install Goldilocks
helm repo add fairwinds-stable https://charts.fairwinds.com/stable
helm install goldilocks fairwinds-stable/goldilocks \
--namespace goldilocks --create-namespace \
--set dashboard.enabled=true \
--set vpa.enabled=trueEnable for Namespaces
# Label namespaces to enable Goldilocks analysis
kubectl label namespace default goldilocks.fairwinds.com/enabled=true
kubectl label namespace production goldilocks.fairwinds.com/enabled=true
kubectl label namespace staging goldilocks.fairwinds.com/enabled=true
# Goldilocks auto-creates VPA (mode=Off) for every Deployment in labeled namespacesAccess Dashboard
# Port-forward to dashboard
kubectl port-forward -n goldilocks svc/goldilocks-dashboard 8080:80
# Or expose via Ingress
kubectl apply -f - << 'INGRESS'
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: goldilocks
namespace: goldilocks
spec:
rules:
- host: goldilocks.example.com
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: goldilocks-dashboard
port:
number: 80
INGRESSDashboard Shows Per-Container
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β Namespace: production β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ€
β Deployment: api-server β
β βββββββββββββββ¬βββββββββββ¬βββββββββββ¬βββββββββββ¬ββββββββββββββ β
β β Container β Current β Lower β Target β Upper β β
β βββββββββββββββΌβββββββββββΌβββββββββββΌβββββββββββΌββββββββββββββ€ β
β β api (CPU) β 1000m β 50m β 150m β 500m β β
β β api (Mem) β 2Gi β 128Mi β 256Mi β 1Gi β β
β β β OVER-PROVISIONED: saving 850m CPU, 1.75Gi memory β β
β βββββββββββββββΌβββββββββββΌβββββββββββΌβββββββββββΌββββββββββββββ€ β
β β sidecar β 100m β 10m β 25m β 100m β β
β βββββββββββββββ΄βββββββββββ΄βββββββββββ΄βββββββββββ΄ββββββββββββββ β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ€
β Deployment: worker β
β βββββββββββββββ¬βββββββββββ¬βββββββββββ¬βββββββββββ¬ββββββββββββββ β
β β worker(CPU) β 200m β 300m β 800m β 2000m β β
β β worker(Mem) β 512Mi β 1Gi β 2Gi β 4Gi β β
β β β UNDER-PROVISIONED: needs 600m more CPU, 1.5Gi more RAM β β
β βββββββββββββββ΄βββββββββββ΄βββββββββββ΄βββββββββββ΄ββββββββββββββ β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββExport Recommendations as YAML
# Get all VPA recommendations programmatically
kubectl get vpa -n production -o json | jq '
.items[] |
{
deployment: .spec.targetRef.name,
containers: [.status.recommendation.containerRecommendations[] |
{
name: .containerName,
target_cpu: .target.cpu,
target_memory: .target.memory,
current_cpu: .lowerBound.cpu,
upper_cpu: .upperBound.cpu
}
]
}
'Common Issues
No recommendations showing
- Cause: VPA needs 24-48h of metrics; or metrics-server not installed
- Fix: Wait; verify
kubectl top podsworks
Dashboard shows βNo dataβ
- Cause: Namespace not labeled
- Fix:
kubectl label ns <name> goldilocks.fairwinds.com/enabled=true
Best Practices
- Enable on all non-system namespaces β comprehensive visibility
- Review weekly β top 10 over-provisioned workloads = quick cost wins
- Apply βTargetβ recommendations β balanced between lower/upper bound
- Combine with VPA Auto β Goldilocks shows, VPA applies
- Track savings β before/after resource reduction per namespace
Key Takeaways
- Goldilocks = VPA recommendations + web dashboard (visual)
- Label namespaces to enable; auto-creates VPA objects per Deployment
- Shows current vs recommended resources per container
- Identifies over-provisioned (wasting money) and under-provisioned (risking OOM)
- Typical finding: 40-60% of cluster resources are over-provisioned
- Use βTargetβ column as the recommended right-size value
- Apply recommendations gradually; monitor for OOM/throttling after changes
Recommended
Kubernetes Recipes β The Complete Book100+ production-ready patterns with detailed explanations, best practices, and copy-paste YAML. Everything in one place.
Get the Book βπ
Learn by Doing
CopyPasteLearn β Hands-on Cloud & DevOps CoursesMaster Kubernetes, Ansible, Terraform, and MLOps with interactive, copy-paste-run lessons. Start free.
Browse Courses β#goldilocks #vpa #cost-optimization #resource-management #dashboard
π Deepen Your Skills β Hands-on Courses
Courses by CopyPasteLearn.com β Learn IT by Doing
Want More Kubernetes Recipes?
This recipe is from Kubernetes Recipes, our 750-page practical guide with hundreds of production-ready patterns.