bookmark_borderNamespace in Kubernetes

Kubernetes namespaces help different projects, teams, or customers to share a Kubernetes cluster.

We create Kubernetes objects such as pods, deployments, services, and etc in our cluster. Whatever we have been doing within a namespace.

The default namespace is automatically created Kubernetes when the cluster is first set up.

Kubernetes creates a set of pods and services for its internal purpose such as those required by the networking solution. The DNS Service etc. To isolate these from the user and to prevent you from accidentally deleting or modifying these services Kubernetes creates them under another namespace created that cluster startup named kube-system. Also, Kubernetes automatically creates that is called kube-public this is where resources that should be made available to all users are created.

Show all the pods in default namespace

$ kubectl get pods -n default
NAME    READY   STATUS    RESTARTS   AGE
nginx   1/1     Running   0          15s

Show all the pods in kube-system namespace

$ kubectl get pods -n kube-system
NAME                                 READY   STATUS    RESTARTS   AGE
coredns-f9fd979d6-wtk5k              1/1     Running   2          8d
coredns-f9fd979d6-x5zxv              1/1     Running   2          8d
etcd-kubemaster                      1/1     Running   2          8d
kube-apiserver-kubemaster            1/1     Running   2          8d
kube-controller-manager-kubemaster   1/1     Running   2          8d
kube-proxy-jnf5q                     1/1     Running   2          8d
kube-proxy-m9krm                     1/1     Running   2          8d
kube-proxy-zfbsh                     1/1     Running   2          8d
kube-scheduler-kubemaster            1/1     Running   2          8d
weave-net-g4l7r                      2/2     Running   6          8d
weave-net-skdlq                      2/2     Running   7          8d
weave-net-xg67h                      2/2     Running   7          8d

Kubernetes cluster for enterprise or production purposes you want to consider the use of namespace.

You can create your own namespaces as well.

Each of these namespaces can have its own set of policies that define who can do what. You can also assign quota of resources to each of these namespaces that each namespace is guaranteed a certain amount and does not use more than it is allowed.

The app-pod in the default namespace can connect mongdb-pod in the default namespace with mongdb-pod, However, if the app-pod in the default namespace want to connect mongdb-pod in the production namespace, the format is mongo-pod.production.svc.cluster.local. you are able to do this because when the service is created a DNS entry is added automatically in this format looking closely at the DNS name of the service.

  1. cluster.local in mongo-pod.production.svc.cluster.local is the default domain name of Kubernetes cluster
  2. svc in mongo-pod.production.svc.cluster.local is the subdomain for service
  3. production in mongo-pod.production.svc.cluster.local is a namespace
  4. mongo-pod in mongo-pod.production.svc.cluster.local is a service name

Create a new namespace

  1. kubectl create namespace
$ kubectl create namespace production
namespace/production created
$ kubectl get namespaces
NAME              STATUS   AGE
default           Active   8d
kube-node-lease   Active   8d
kube-public       Active   8d
kube-system       Active   8d
production        Active   2s

2. yaml file

apiVersion: v1
kind: Namespace
metadata:
  name: production
$ kubectl create -f production-namespace.yaml
namespace/production created
$ kubectl get namespaces
NAME              STATUS   AGE
default           Active   8d
kube-node-lease   Active   8d
kube-public       Active   8d
kube-system       Active   8d
production        Active   6s

List of pods in the default namespace

$ kubectl get pods
NAME    READY   STATUS    RESTARTS   AGE
nginx   1/1     Running   0          63m
$ kubectl get pods -n default
$ kubectl get pods --namespace=default
NAME    READY   STATUS    RESTARTS   AGE
nginx   1/1     Running   0          63m

List of pods in the kube-system namespace

$ kubectl get pods -n kube-system
$ kubectl get pods --namespace=kube-system

NAME                                 READY   STATUS    RESTARTS   AGE
coredns-f9fd979d6-wtk5k              1/1     Running   2          8d
coredns-f9fd979d6-x5zxv              1/1     Running   2          8d
etcd-kubemaster                      1/1     Running   2          8d
kube-apiserver-kubemaster            1/1     Running   2          8d
kube-controller-manager-kubemaster   1/1     Running   2          8d
kube-proxy-jnf5q                     1/1     Running   2          8d
kube-proxy-m9krm                     1/1     Running   2          8d
kube-proxy-zfbsh                     1/1     Running   2          8d
kube-scheduler-kubemaster            1/1     Running   2          8d
weave-net-g4l7r                      2/2     Running   6          8d
weave-net-skdlq                      2/2     Running   7          8d
weave-net-xg67h                      2/2     Running   7          8d

pod with namespace

apiVersion: v1
kind: Pod
metadata:
  name: apple-pod
  labels:
    app: apple
    type: nginx-server

spec:
  containers:
    - name: nginx-container
      image: nginx

Create Pod in default namespace

$ kubectl create -f apple-pod.yaml
pod/apple-pod created
$ kubectl get pods
NAME        READY   STATUS    RESTARTS   AGE
apple-pod   1/1     Running   0          67s
nginx       1/1     Running   0          73m

Create Pod in production namespace

$ kubectl create -f apple-pod.yaml --namespace=production
pod/apple-pod created
$ kubectl get pods --namespace=production
NAME        READY   STATUS    RESTARTS   AGE
apple-pod   1/1     Running   0          25s

you can also add namespace name in the metadata section in yaml file

apiVersion: v1
kind: Pod
metadata:
  name: apple-pod
  namespace: production
  labels:
    app: apple
    type: nginx-server

spec:
  containers:
    - name: nginx-container
      image: nginx
kubectl create -f apple-pod.yaml
pod/apple-pod created
$ kubectl get pods --namespace=production
NAME        READY   STATUS    RESTARTS   AGE
apple-pod   1/1     Running   0          14s

you can change the default namespace to other name of namespace

kubectl config set-context $(kubectl config current-context) --namespace=production

$ kubectl config set-context $(kubectl config current-context) --namespace=production
Context "kubernetes-admin@kubernetes" modified.
  • if you do not specify the namespace, the namespace is production.
$ kubectl run nginx --image=nginx
pod/nginx created
$ kubectl get pods --namespace=production
$ kubectl get pods
NAME    READY   STATUS    RESTARTS   AGE
nginx   1/1     Running   0          16s

Show all the pods in all the namespaces

$ kubectl get pods --all-namespaces
NAMESPACE     NAME                                 READY   STATUS    RESTARTS   AGE
default       apple-pod                            1/1     Running   0          22m
default       nginx                                1/1     Running   0          94m
kube-system   coredns-f9fd979d6-wtk5k              1/1     Running   2          8d
kube-system   coredns-f9fd979d6-x5zxv              1/1     Running   2          8d
kube-system   etcd-kubemaster                      1/1     Running   2          8d
kube-system   kube-apiserver-kubemaster            1/1     Running   2          8d
kube-system   kube-controller-manager-kubemaster   1/1     Running   2          8d
kube-system   kube-proxy-jnf5q                     1/1     Running   2          8d
kube-system   kube-proxy-m9krm                     1/1     Running   2          8d
kube-system   kube-proxy-zfbsh                     1/1     Running   2          8d
kube-system   kube-scheduler-kubemaster            1/1     Running   2          8d
kube-system   weave-net-g4l7r                      2/2     Running   6          8d
kube-system   weave-net-skdlq                      2/2     Running   7          8d
kube-system   weave-net-xg67h                      2/2     Running   7          8d
production    nginx                                1/1     Running   0          4m36s

To limit resource in the namespace create a resource quota

apiVersion: v1
kind: ResourceQuota
metadata:
  name: production-quota
  namespace: production

spec:
  hard:
    pods: "1000"
    requests.cpu: "11"
    requests.memory: 5Gi
    limits.cpu: "11"
    limits.memory: 10Gi
$ kubectl create -f production-quota.yaml
resourcequota/production-quota created
 kubectl get quota --namespace=production
NAME               AGE   REQUEST                                                  LIMIT
production-quota   37s   pods: 1/1k, requests.cpu: 0/11, requests.memory: 0/5Gi   limits.cpu: 0/11, limits.memory: 0/10Gi
ANOTE.DEV