Kubernetes namespaces help different projects, teams, or customers to share a Kubernetes cluster.
We create Kubernetes objects such as pods, deployments, services, and etc in our cluster. Whatever we have been doing within a namespace.
The default namespace is automatically created Kubernetes when the cluster is first set up.
Kubernetes creates a set of pods and services for its internal purpose such as those required by the networking solution. The DNS Service etc. To isolate these from the user and to prevent you from accidentally deleting or modifying these services Kubernetes creates them under another namespace created that cluster startup named kube-system. Also, Kubernetes automatically creates that is called kube-public this is where resources that should be made available to all users are created.
Show all the pods in default namespace
$ kubectl get pods -n default
NAME READY STATUS RESTARTS AGE
nginx 1/1 Running 0 15s
Show all the pods in kube-system namespace
$ kubectl get pods -n kube-system
NAME READY STATUS RESTARTS AGE
coredns-f9fd979d6-wtk5k 1/1 Running 2 8d
coredns-f9fd979d6-x5zxv 1/1 Running 2 8d
etcd-kubemaster 1/1 Running 2 8d
kube-apiserver-kubemaster 1/1 Running 2 8d
kube-controller-manager-kubemaster 1/1 Running 2 8d
kube-proxy-jnf5q 1/1 Running 2 8d
kube-proxy-m9krm 1/1 Running 2 8d
kube-proxy-zfbsh 1/1 Running 2 8d
kube-scheduler-kubemaster 1/1 Running 2 8d
weave-net-g4l7r 2/2 Running 6 8d
weave-net-skdlq 2/2 Running 7 8d
weave-net-xg67h 2/2 Running 7 8d
Kubernetes cluster for enterprise or production purposes you want to consider the use of namespace.
You can create your own namespaces as well.
Each of these namespaces can have its own set of policies that define who can do what. You can also assign quota of resources to each of these namespaces that each namespace is guaranteed a certain amount and does not use more than it is allowed.
The app-pod in the default namespace can connect mongdb-pod in the default namespace with mongdb-pod
, However, if the app-pod in the default namespace want to connect mongdb-pod in the production namespace, the format is mongo-pod.production.svc.cluster.local
. you are able to do this because when the service is created a DNS entry is added automatically in this format looking closely at the DNS name of the service.
cluster.local
inmongo-pod.production.svc.cluster.local
is the default domain name of Kubernetes clustersvc
inmongo-pod.production.svc.cluster.local
is the subdomain for serviceproduction
inmongo-pod.production.svc.cluster.local
is a namespacemongo-pod
inmongo-pod.production.svc.cluster.local
is a service name
Create a new namespace
kubectl create namespace
$ kubectl create namespace production
namespace/production created
$ kubectl get namespaces
NAME STATUS AGE
default Active 8d
kube-node-lease Active 8d
kube-public Active 8d
kube-system Active 8d
production Active 2s
2. yaml file
apiVersion: v1
kind: Namespace
metadata:
name: production
$ kubectl create -f production-namespace.yaml
namespace/production created
$ kubectl get namespaces
NAME STATUS AGE
default Active 8d
kube-node-lease Active 8d
kube-public Active 8d
kube-system Active 8d
production Active 6s
List of pods in the default namespace
$ kubectl get pods
NAME READY STATUS RESTARTS AGE
nginx 1/1 Running 0 63m
$ kubectl get pods -n default
$ kubectl get pods --namespace=default
NAME READY STATUS RESTARTS AGE
nginx 1/1 Running 0 63m
List of pods in the kube-system namespace
$ kubectl get pods -n kube-system
$ kubectl get pods --namespace=kube-system
NAME READY STATUS RESTARTS AGE
coredns-f9fd979d6-wtk5k 1/1 Running 2 8d
coredns-f9fd979d6-x5zxv 1/1 Running 2 8d
etcd-kubemaster 1/1 Running 2 8d
kube-apiserver-kubemaster 1/1 Running 2 8d
kube-controller-manager-kubemaster 1/1 Running 2 8d
kube-proxy-jnf5q 1/1 Running 2 8d
kube-proxy-m9krm 1/1 Running 2 8d
kube-proxy-zfbsh 1/1 Running 2 8d
kube-scheduler-kubemaster 1/1 Running 2 8d
weave-net-g4l7r 2/2 Running 6 8d
weave-net-skdlq 2/2 Running 7 8d
weave-net-xg67h 2/2 Running 7 8d
pod with namespace
apiVersion: v1
kind: Pod
metadata:
name: apple-pod
labels:
app: apple
type: nginx-server
spec:
containers:
- name: nginx-container
image: nginx
Create Pod in default namespace
$ kubectl create -f apple-pod.yaml
pod/apple-pod created
$ kubectl get pods
NAME READY STATUS RESTARTS AGE
apple-pod 1/1 Running 0 67s
nginx 1/1 Running 0 73m
Create Pod in production namespace
$ kubectl create -f apple-pod.yaml --namespace=production
pod/apple-pod created
$ kubectl get pods --namespace=production
NAME READY STATUS RESTARTS AGE
apple-pod 1/1 Running 0 25s
you can also add namespace name in the metadata section in yaml file
apiVersion: v1
kind: Pod
metadata:
name: apple-pod
namespace: production
labels:
app: apple
type: nginx-server
spec:
containers:
- name: nginx-container
image: nginx
kubectl create -f apple-pod.yaml
pod/apple-pod created
$ kubectl get pods --namespace=production
NAME READY STATUS RESTARTS AGE
apple-pod 1/1 Running 0 14s
you can change the default namespace to other name of namespace
kubectl config set-context $(kubectl config current-context) --namespace=production
$ kubectl config set-context $(kubectl config current-context) --namespace=production
Context "kubernetes-admin@kubernetes" modified.
- if you do not specify the namespace, the namespace is production.
$ kubectl run nginx --image=nginx
pod/nginx created
$ kubectl get pods --namespace=production
$ kubectl get pods
NAME READY STATUS RESTARTS AGE
nginx 1/1 Running 0 16s
Show all the pods in all the namespaces
$ kubectl get pods --all-namespaces
NAMESPACE NAME READY STATUS RESTARTS AGE
default apple-pod 1/1 Running 0 22m
default nginx 1/1 Running 0 94m
kube-system coredns-f9fd979d6-wtk5k 1/1 Running 2 8d
kube-system coredns-f9fd979d6-x5zxv 1/1 Running 2 8d
kube-system etcd-kubemaster 1/1 Running 2 8d
kube-system kube-apiserver-kubemaster 1/1 Running 2 8d
kube-system kube-controller-manager-kubemaster 1/1 Running 2 8d
kube-system kube-proxy-jnf5q 1/1 Running 2 8d
kube-system kube-proxy-m9krm 1/1 Running 2 8d
kube-system kube-proxy-zfbsh 1/1 Running 2 8d
kube-system kube-scheduler-kubemaster 1/1 Running 2 8d
kube-system weave-net-g4l7r 2/2 Running 6 8d
kube-system weave-net-skdlq 2/2 Running 7 8d
kube-system weave-net-xg67h 2/2 Running 7 8d
production nginx 1/1 Running 0 4m36s
To limit resource in the namespace create a resource quota
apiVersion: v1
kind: ResourceQuota
metadata:
name: production-quota
namespace: production
spec:
hard:
pods: "1000"
requests.cpu: "11"
requests.memory: 5Gi
limits.cpu: "11"
limits.memory: 10Gi
$ kubectl create -f production-quota.yaml
resourcequota/production-quota created
kubectl get quota --namespace=production
NAME AGE REQUEST LIMIT
production-quota 37s pods: 1/1k, requests.cpu: 0/11, requests.memory: 0/5Gi limits.cpu: 0/11, limits.memory: 0/10Gi