# Goldilocks — Right-Size Kubernetes Resource Requests > Goldilocks is a Kubernetes utility by Fairwinds that uses the Vertical Pod Autoscaler to generate resource request and limit recommendations, helping teams optimize costs and prevent OOM kills. ## Install Save in your project root: # Goldilocks — Right-Size Kubernetes Resource Requests ## Quick Use ```bash # Install via Helm helm repo add fairwinds-stable https://charts.fairwinds.com/stable helm install goldilocks fairwinds-stable/goldilocks --namespace goldilocks --create-namespace # Label a namespace to enable recommendations kubectl label namespace default goldilocks.fairwinds.com/enabled=true ``` ## Introduction Goldilocks creates VPA (Vertical Pod Autoscaler) objects for workloads in labeled namespaces, then presents the resulting resource recommendations through a web dashboard. It helps teams find the right CPU and memory requests — not too high (wasting money), not too low (risking OOM kills). ## What Goldilocks Does - Automatically creates VPA objects in recommend-only mode for labeled namespaces - Collects CPU and memory recommendations from VPA for each container - Displays recommendations in a web dashboard organized by namespace and workload - Highlights over-provisioned and under-provisioned containers - Supports both guaranteed and burstable QoS class recommendations ## Architecture Overview Goldilocks consists of two components: a controller that watches namespaces for the enabled label and creates corresponding VPA objects in recommendation mode, and a dashboard that reads VPA status recommendations and renders them in a web UI. The VPA recommender (installed separately) analyzes historical resource usage from metrics-server to produce the actual recommendations. ## Self-Hosting & Configuration - Deploy via Helm chart with the VPA recommender as a prerequisite - Label namespaces with goldilocks.fairwinds.com/enabled=true to opt in - Exclude specific workloads with goldilocks.fairwinds.com/enabled=false labels - Access the dashboard via port-forward or Ingress on port 8080 - Configure the controller to use existing VPA objects instead of creating new ones ## Key Features - Namespace-scoped opt-in via labels for gradual rollout - Dashboard shows lower bound, target, upper bound, and uncapped recommendations - Works in recommend-only mode: never changes running workloads - Compatible with any Kubernetes cluster running VPA and metrics-server - Low overhead: the controller is lightweight and the dashboard is read-only ## Comparison with Similar Tools - **VPA (standalone)** — provides recommendations via kubectl; Goldilocks adds a visual dashboard and namespace automation - **Kubecost** — full cost monitoring platform; Goldilocks focuses specifically on resource right-sizing - **KRR (Robusta)** — CLI-based recommendation tool using Prometheus; Goldilocks uses VPA and provides a web dashboard - **Keda** — event-driven horizontal scaling; Goldilocks recommends vertical resource sizing - **Requests Advisor (Sysdig)** — commercial right-sizing feature; Goldilocks is open source and self-hosted ## FAQ **Q: Does Goldilocks change my resource requests automatically?** A: No. Goldilocks runs VPA in recommend-only mode. You review and apply recommendations manually. **Q: Do I need VPA installed first?** A: Yes. Goldilocks requires the VPA recommender component to generate resource recommendations. **Q: How long before recommendations stabilize?** A: VPA typically needs several days of metrics history to produce stable recommendations. Initial estimates appear within hours. **Q: Can I use Goldilocks without the dashboard?** A: Yes. The controller creates VPA objects whose recommendations you can read via kubectl get vpa. ## Sources - https://github.com/FairwindsOps/goldilocks - https://goldilocks.docs.fairwinds.com --- Source: https://tokrepo.com/en/workflows/b5f41445-3c0d-11f1-9bc6-00163e2b0d79 Author: AI Open Source