Quota on nodeports service affects creation of clusterip service

Cluster information:

Kubernetes version: 1.19.4
Cloud being used: bare-metal
Installation method: in-house scripts for prod cluster, minikube for test
Host OS: CoreOS in prod, whatever OS minikube uses by default
CNI and version: not sure
CRI and version: not sure


Hi k8s api folks,

I have question about quota in k8s.

Having 2 services of type nodeports I do set a hard quota limiting services.nodeports to 0.
Then I’m failing to create clusterip service with error:

$ k create svc clusterip cip --tcp=1234:1234
Error from server (Forbidden): services "cip" is forbidden: exceeded quota: default-quota, requested: services.nodeports=0, used: services.nodeports=2, limited: services.nodeports=0

Do I understand right that the creation of clusterip service requires 0 services of nodeports, therefore in total, taking in account 2 already existed, I exceed the quota?

Might it be a bug or it’s expected behavior?
If expected, may you explain why clusterip requires 0 nodeports?

This sounds wrong - can you file a github issue, ideally with full YAML of all services and quotas, so we can reproduce it?

Yup, here it is