Kubernetes namespace
Namespace
A namespace is an area for Kubernetes resources. It allows one cluster to be divided into multiple logical units and provides a mechanism for applying permissions and policies to subsections of a cluster. In other words, it provides a way to group and manage resources.
Using namespaces
Namespaces are used to separate applications that should run according to their purpose.
In summary:
- Separate shared areas when one cluster is shared by multiple teams or users.
- Separate software environments such as development, test, and production.
- Separate areas visible to the infrastructure team from areas visible to the development team.
- Permission boundary
- Resource boundary
Working with namespaces
-
Create a namespace
- CLI
kubectl create namespace blue kubectl get namespaces - YAML
kubectl create namespace green --dry-run=client -o yaml > green-ns.yaml kubectl create -f green-ns.yaml
- CLI
-
Manage namespaces
kubectl get namespaces kubectl delete namespace
Listing namespaces
You can list registered namespaces as follows.
kubectl get namespace
Immediately after installation, the namespace list looks like this.
% kubectl get namespaces
NAME STATUS AGE
default Active 5m30s
kube-node-lease Active 5m31s
kube-public Active 5m31s
kube-system Active 5m31s
There are four namespaces by default.
Default namespaces used when a cluster is created
default
- The default namespace for objects that do not have another namespace.
- Provides an area for resources such as containers, Pods, Services, and ReplicaSets.
kube-system
- Namespace for objects created by the Kubernetes system.
kube-public
- Created automatically, and all users, including unauthenticated users, can access it with read permission.
- Mainly reserved for resources that are publicly visible and readable across the whole cluster.
- This public nature is only a convention, not a requirement.
default namespace
Try listing Pods when nothing exists.
% kubectl get pod
No resources found in default namespace.
From this output, you can see that if a namespace is not specified, default is used by default.
The following commands all perform the same operation.
kubectl get pod
kubectl get pod --namespace default
kubectl get pod -n default
Listing Pods in a specific namespace
kubectl get pods -n [namespace to query]
The following command lists Pods in the kube-system namespace.
% kubectl get pods -n kube-system
NAME READY STATUS RESTARTS AGE
coredns-6d4b75cb6d-7shzf 1/1 Running 0 6m13s
etcd-minikube 1/1 Running 0 6m28s
kube-apiserver-minikube 1/1 Running 0 6m26s
kube-controller-manager-minikube 1/1 Running 0 6m26s
kube-proxy-dbd6p 1/1 Running 0 6m13s
kube-scheduler-minikube 1/1 Running 0 6m26s
Listing Pods in all namespaces
The command to list Pods in all namespaces is as follows.
kubectl get pods --all-namespaces
Run it.
% kubectl get pods --all-namespaces
NAMESPACE NAME READY STATUS RESTARTS AGE
kube-system coredns-6d4b75cb6d-7shzf 1/1 Running 0 10m
kube-system etcd-minikube 1/1 Running 0 11m
kube-system kube-apiserver-minikube 1/1 Running 0 11m
kube-system kube-controller-manager-minikube 1/1 Running 0 11m
kube-system kube-proxy-dbd6p 1/1 Running 0 10m
kube-system kube-scheduler-minikube 1/1 Running 0 11m
kube-system storage-provisioner 1/1 Running 1 (10m ago) 11m
Only kube-system appears here because no additional Pods were created.
Creating namespaces
Create a namespace from the CLI
The command to create a namespace from the CLI is as follows.
kubectl create namespace [namespace name to create]
Create a namespace named blue.
% kubectl create namespace blue
namespace/blue created
Check whether it was created.
% kubectl get namespaces
NAME STATUS AGE
blue Active 10s <<<<<<<< created blue namespace
default Active 27m
kube-node-lease Active 27m
kube-public Active 27m
kube-system Active 27m
Create a namespace with YAML
Create a namespace with YAML.
kubectl create namespace [namespace name to create] --dry-run=client -o yaml
% kubectl create namespace green --dry-run=client -o yaml
apiVersion: v1
kind: Namespace
metadata:
creationTimestamp: null
name: green
spec: {}
status: {}
Create it as the green-ns.yaml file.
$ kubectl create namespace green --dry-run -o yaml > green-ns.yaml
Edit green-ns.yaml to leave only what is needed.
apiVersion: v1
kind: Namespace
metadata:
name: green
Create the namespace with the generated green-ns.yaml.
% kubectl create -f green-ns.yaml
namespace/green created
Check whether it was created.
% kubectl get namespaces
NAME STATUS AGE
blue Active 11m
default Active 27m
green Active 43s <<<<<<<< created green namespace
kube-node-lease Active 27m
kube-public Active 27m
kube-system Active 27m
Creating a Pod in a specific namespace
Create a Pod in a specific namespace from the CLI
Create a Pod by specifying the namespace flag (--namespace) as green.
% kubectl run nginx --image=nginx:1.14 --port 80 --namespace green
pod/nginx created
If you list Pods in the green namespace, you can see that it was created successfully.
% kubectl get pods -n green
NAME READY STATUS RESTARTS AGE
webserver 1/1 Running 0 48s
Delete a specific namespace resource
Delete the Pod created in the green namespace.
% kubectl delete pod nginx -n green
pod "nginx" deleted
Note: If you delete a namespace, all Pods inside it are also deleted.
Create a Pod in a specific namespace from YAML
Create the nginx.yaml file.
$ kubectl run nginx --image=nginx:1.14 --port 80 --dry-run=client -o yaml > nginx.yaml
Edit the generated nginx.yaml file as follows.
apiVersion: v1
kind: Pod
metadata:
labels:
run: nginx
name: nginx
spec:
containers:
- image: nginx:1.14
name: nginx
ports:
- containerPort: 80
This time, create it by specifying the namespace flag.
kubectl create -f nginx.yaml -n green
Specify namespace in YAML and create a Pod in that namespace
In the nginx.yaml file, specify green under metadata > namespace as follows.
apiVersion: v1
kind: Pod
metadata:
labels:
run: nginx
name: nginx
namespace: green # specify namespace
spec:
containers:
- image: nginx:1.14
name: nginx
ports:
- containerPort: 80
Now create it without specifying the namespace flag (-n green). If a Pod with the same name already exists, delete it first.
% kubectl create -f nginx.yaml
pod/nginx created
If you list Pods in the green namespace, you can see that it was created successfully.
% kubectl get pods -n green
NAME READY STATUS RESTARTS AGE
nginx 1/1 Running 0 17s
Switch the namespace to use: kubectl config
Switch the default namespace to a namespace whose name is not default.
Usage: Register a context that includes the namespace.
$ kubectl config --help
$ kubectl config set-context NAME --cluster=kubernetes ...
$ kubectl config view
Switch to the registered namespace context.
$ kubectl config use-context NAME
View config help
kubectl config --help
The output shows subcommands such as current-context, get-contexts, set-context, use-context, and view, along with usage information for modifying kubeconfig files.
View config settings
kubectl config view
Execution result:
% kubectl config view
apiVersion: v1
clusters:
- cluster:
... middle omitted ...
contexts:
- context:
cluster: minikube
extensions:
- extension:
last-update: Sat, 10 Sep 2022 09:22:47 KST
provider: minikube.sigs.k8s.io
version: v1.26.1
name: context_info
namespace: default
user: minikube
name: minikube
current-context: minikube
... omitted ...
Add a new context
kubectl config use-context green@kubenetes --cluster=minikube --user=kubernates-admin --namespace=green
Check the current context
% kubectl config current-context
minikube
Change the current context
kubectl config use-context [context name]