ruk·si

☸️ Kubernetes
Namespaces

Updated at 2018-12-31 02:47

Namespaces represent multiple virtual clusters inside a single physical cluster. If your cluster only a few trusted users, you probably don't need namespaces as namespaces are mainly a way to divide cluster resources and limit access between multiple groups.

Prefer labels to distinguish similar resources within a namespace. Use labels for e.g. different versions of the same software. Don't use annotations for that as you can't select resources based on those.

Objects without a namespace will get assigned to default namespace.

# list namespaces
kubectl get namespaces
NAME          STATUS    AGE
default       Active    1d
kube-system   Active    1d
kube-public   Active    1d

Object names must unique inside a namespace, not cluster. So you can have nginx pod multiple times in a cluster but they have to be in separate namespaces.

Namespaces might make API usage complex so avoid them if not required.

kubectl --namespace=my-namespace run nginx --image=nginx
kubectl --namespace=my-namespace get pods

# but you can make it easier for a single session
kubectl config set-context $(kubectl config current-context) --namespace=my-namespace
kubectl config view | grep namespace:

You can use dot notation to reach services in other namespaces. Assume we have service foo in a namespace aaa. Pods in aaa reach the service with a simple foo DNS query. Pods in other namespaces have to use aaa.foo.

Low-level objects are not in any namespace. For example nodes and persistent volumes are not in any namespace.

Sources