Remove all CPU limits cluster-wide to eliminate CFS throttling

CPU limits cause CFS throttling even when nodes have idle capacity.
Move to a request-only CPU model: keep CPU requests for scheduling
fairness but remove all CPU limits. Memory limits stay (incompressible).

Changes across 108 files:
- Kyverno LimitRange policy: remove cpu from default/max in all 6 tiers
- Kyverno ResourceQuota policy: remove limits.cpu from all 5 tiers
- Custom ResourceQuotas: remove limits.cpu from 8 namespace quotas
- Custom LimitRanges: remove cpu from default/max (nextcloud, onlyoffice)
- RBAC module: remove cpu_limits variable and quota reference
- Freedify factory: remove cpu_limit variable and limits reference
- 86 deployment files: remove cpu from all limits blocks
- 6 Helm values files: remove cpu under limits sections

stacks/osm_routing/main.tf

@@ -10,7 +10,24 @@ resource "kubernetes_namespace" "osm-routing" {
     name = "osm-routing"
     labels = {
       "istio-injection" : "disabled"
-      tier = local.tiers.aux
+      tier                               = local.tiers.aux
+      "resource-governance/custom-quota" = "true"
+    }
+  }
+}
+
+resource "kubernetes_resource_quota_v1" "osm_routing" {
+  metadata {
+    name      = "tier-quota"
+    namespace = kubernetes_namespace.osm-routing.metadata[0].name
+  }
+  spec {
+    hard = {
+      "requests.cpu"    = "4"
+      "requests.memory" = "6Gi"
+      "limits.cpu"      = "16"
+      "limits.memory"   = "16Gi"
+      pods              = "20"
     }
   }
 }
@@ -77,7 +94,6 @@ resource "kubernetes_deployment" "osrm-foot" {
               memory = "256Mi"
             }
             limits = {
-              cpu    = "100m"
               memory = "1Gi"
             }
           }
@@ -158,7 +174,6 @@ resource "kubernetes_deployment" "osrm-bicycle" {
               memory = "256Mi"
             }
             limits = {
-              cpu    = "100m"
               memory = "1Gi"
             }
           }
@@ -235,16 +250,15 @@ resource "kubernetes_deployment" "otp" {
           }
           env {
             name  = "JAVA_TOOL_OPTIONS"
-            value = "-Xmx1536m"
+            value = "-Xmx3g"
           }
           resources {
             requests = {
               cpu    = "100m"
-              memory = "1Gi"
+              memory = "2Gi"
             }
             limits = {
-              cpu    = "2"
-              memory = "2Gi"
+              memory = "4Gi"
             }
           }
         }

stacks/osm_routing/providers.tf

@@ -2,7 +2,6 @@
 variable "kube_config_path" {
   type    = string
   default = "~/.kube/config"
-  sensitive = true
 }
 
 provider "kubernetes" {