An Introduction to Namespaces in Kubernetes

What is a Namespace in Kubernetes

A Namespace is a simple concept. Think of it as a virtual cluster within your physical Kubernetes cluster. A logical unit.

You can have one or many namespaces within 1 physical Kubernetes cluster.

Kubernetes Namespaces

When you create a Kubernetes cluster, there will be a default namespace instantiated to hold sets of Pods, Services, Deployments and other objects.

Command to display Kubernetes namespaces

When you create Namespaces, you can create objects such as Pods, Services and Deployments etc which are specific to that Namespace.

It is helpful to know a bit about how Names and UIDs work in Kubernetes before diving into Namespaces:

Names and UIDs

Each object (for example, Pods) has some attributes and metadata. Among them is “Name” (which is unique across the cluster). Another attribute is UID which is also unique. UIDs (also referred to as UUIDs in a broader context) are Kubernetes system-generated.

Why you may need Namespaces

Namespaces should be used when they are needed. For a smaller userbase (< 100 users), you may not need Namespaces at all.

Here are some situations where you can use Namespaces:

  • You have a large user base and multiple teams and would like to allocate resources based on roles.
  • You are running 1 physical Kubernetes cluster and woule like to have logical units to better
    seperate resources in multiple environments.
  • Security requirements.

Namespace YAML

Here is an example of 2 yaml files I used to create 2 namespaces: Development and Production

{
   "apiVersion": "v1",
   "kind": "Namespace",
   "metadata": {
     "name": "development",
     "labels": {
       "name": "development"
     }
   }
 }
{
   "apiVersion": "v1",
   "kind": "Namespace",
   "metadata": {
     "name": "production",
     "labels": {
       "name": "production"
     }
   }
 }

The files were saved as namespace-development.json and namespace-production.json. I created the namespaces using the following commands:

kubectl create -f namespace-development.json
kubectl create -f namespace-production.json  
Created Development namespace in Kubernetes

Best Practices

  • Use ResourceQuota to limit aggregate resource (CPU, memory etc) consumption per Namespace
  • Create Namespaces for various teams to define application boundaries based on regulatory or security requirements for applications (for example should a pod serving an HR database be in the same namespace as a pod serving a internet facing web application? That would be unlikely.)

Naming Conventions

Naming conventions can be dependent on how your organization and various teams are structured. However, it is good to follow some rules around this. Create Namespaces with <app context-environment> names for example:

  • web-dev
  • backend-prod

Security and Isolation

Helpful Commands

kubectl get namespaces
 NAME              STATUS   AGE
 default           Active   3m57s
 development       Active   7s
kubecctl config use-context development
kubectl config set-context development --namespace=development --cluster=kluster --user=kubernetes-admin
kubectl config use-context development