Ctrl+K

Kubernetes Namespaces

Kubernetes Namespaces#

  • Isolation - provides isolation among different groups, e.g., prod, dev, team1, team2.

  • Resource Limits - we can put resource limits (memory. cpu, disk) on each “groups” / namespaces.

  • Policies - we can put certain policies for each “groups” / namespaces.

  • DNS - simplified name resolution, e.g. mysql.connect("db-service"), mysql.connect("db-service.dev.svc.cluster.local").

DNS explained for: “db-service.dev.svc.cluster.local”

“db-service”

“dev”

“svc”

“cluster.local”

service name

namespace

Service

domain

Standard namespaces#

  • default

  • kube-system

  • kube-public

Namespaces Resources#

YAML:

apiVersion: ...
kind: ...
metadata:
  name: ...
  namespace: ns-name
  labels:
    ...
spec:
  ...

Command: kubectl [command] [TYPE] [NAME] [--additional-options=value] --namespace=ns-name

Getting Resources in all namespaces:

kubectl get [TYPE] [NAME] --all-namespaces

Switching to Namespace#

kubectl config set-context $(kubectl config current-context) --namespace=new-ns

ResourceQuota#

For putting limitations on the resources in a namespace

compute-quota.yaml

apiVersion: v1
kind: ResourceQuota
metadata:
  name: compute-quota
  namespace: dev
spec:
  hard:
    pods: "10"
    requests.cpu: "4"
    requests.memory: 5Gi
    limits.cpu: "10"
    limits.memory: 10Gi
Contents