How to Use Kubernetes Namespaces

In order to have a logical separation for different groups of resources, Kubernetes gives us the namespaces feature. It is also convenient when you have a big environment that is managed by multiple users or teams, and each one needs their own “space” for the resources that they are assigned to manage and administer. This is a much better solution than creating numerous Kubernetes clusters just to facilitate different groups of services or deployments, and to isolate teams to their own space.

Each namespace is a separate virtual cluster and, by default, resources in different namespaces are well isolated from each other and cannot talk to each other, but this can be changed by editing various network policies. In general, it is recommended to keep communication between namespaces disabled, in order for resources to stay isolated and more secure by reducing the attack surface.

In this tutorial, we will go over various ways to manage namespaces in Kubernetes on a Linux system. You will learn about kubectl commands that can be used to manage namespaces and see pertinent namespace information. Let’s get started!

In this tutorial you will learn:

  • What are namespaces used for in Kubernetes?
  • How to view information about configured namespaces
  • YAML syntax for creating a Kubernetes namespace
  • How to create or delete a namespace
  • How to add a resource to a namespace in Kubernetes
How to Use Kubernetes Namespaces
How to Use Kubernetes Namespaces
Software Requirements and Linux Command Line Conventions
Category Requirements, Conventions or Software Version Used
System Any Linux distro
Software Kubernetes
Other Privileged access to your Linux system as root or via the sudo command.
Conventions # – requires given linux commands to be executed with root privileges either directly as a root user or by use of sudo command
$ – requires given linux commands to be executed as a regular non-privileged user

Use Scale Command in Kubernetes



DID YOU KNOW?
Unless you have a relatively large Kubernetes environment which is managed by separate people, or unless you have very a diverse environment that requires some kind of isolation from other resources, it should not be necessary to create any extra namespaces. Kubernetes offers labels if you need a way to group your resources without the need for creating new namespaces.

The examples below assume that you already have your Kubernetes cluster up and running, and have access to the kubectl command.

  1. To view all of the configured namespaces in your Kubernetes cluster, execute this command:
    $ kubectl get namespaces
    NAME              STATUS   AGE
    default           Active   22s
    kube-node-lease   Active   24s
    kube-public       Active   24s
    kube-system       Active   24s
    

    Since we have not configured any extra namespaces yet, the output just shows the four default Kubernetes namespaces:

    default is the namespace that your resources will go into by default, unless otherwise specified.
    kube-node-lease is the namespace for lease objects of each node, which send a heartbeat back to the control plane.
    kube-system is the namespace for any objects that were created by Kubernetes itself.
    kube-public is the namespace for resources that need to be accessible for all users regardless if they are authenticated or not.

  2. To see information about a specific namespace, you can execute:
    $ kubectl get namespaces [name of namespace]
    
  3. The describe argument will give you extra information and details about a namespace you want to investigate:
    $ kubectl describe namespaces [name of namespace]
    
  4. To create a new namespace, we can use the following YAML syntax as a template:
    apiVersion: v1
    kind: Namespace
    metadata:
      name: [name of namespace]

    Then, execute the following command to add it to Kubernetes:



    $ kubectl create -f ./my-new-namespace.yaml
    
  5. Another way is to create the namespace imperatively by using the following kubectl command syntax:
    $ kubectl create namespace [name of namespace]
    
  6. To delete a namespace, we can issue the following command.
    $ kubectl delete namespaces [name of namespace]
    

    Keep in mind that the previous command will also delete all resources that exist under the namespace.

  7. Next, let’s see how to add an object to a namespace. As an example, we will create a new instance of Nginx and add it to the my-servers namespace:
    $ kubectl run --image=nginx nginx-server --port=80 -n=my-servers
    
    We can see that our Nginx pod is inside of the my-servers namespace in Kubernetes
    We can see that our Nginx pod is inside of the my-servers namespace in Kubernetes

Closing Thoughts




In this tutorial, we saw how to use namespaces in Kubernetes on a Linux system. Namespaces are a nice feature that we can use to isolate resources in Kubernetes, without the need to create completely separate clusters. This is handy for large teams that are assigned to manage different parts of the cluster, or when we have a slew of diverse resources that should be isolated and logically separated from each other.



Comments and Discussions
Linux Forum