What are Kubernetes Namespaces?
Kubernetes namespaces are a method by which a single cluster used by an organization can be divided and categorized into multiple sub-clusters and managed individually. Each of these clusters can function as individual modules where users across various modules can interact and share information as necessary.
While the clusters can function autonomously, they are still connected to other clusters and aren’t completely independent, and can even support one cluster nested within another. In general, there is a default namespace where all the resources exist. Unless otherwise specified, all the relevant commands will apply to this default namespace.
When are Kubernetes Namespaces Used?
Kubernetes namespaces are used in various scenarios for different reasons. A few of those scenarios are mentioned below:
In an organization, different projects run simultaneously, and within those projects, different departments work in parallel. As a result, having a space specific to a project and a team becomes important. It helps protect project resources by limiting accessibility to non-team members.
In some ways, this is an extension of Project Compartmentalization. If you’re testing a new microservice for an operational project, it is best to do that testing in an isolated environment. This way, you can tinker, tweak, and iteratively improve the efficiency of a project without visibly affecting the live process.
Access and Permissions
Role-Based Access Controls (RBAC) are another crucial part of any application development lifecycle. There must be limitations on which users can access a cluster and have the permissions to make changes that could negatively impact operations. Namespaces can be used to add further restrictions that prevent tampering with the microservice and other security vulnerabilities.
With these, the cluster or namespace operator can divide resources into different teams, projects, and modules in an efficient manner. Otherwise, the memory leaks across different modules and services could lead to an increase in the demand for resources, and as a result, degrade overall performance.
These are a few scenarios in which K8 namespaces should be used. Let us illustrate how a namespace can be created with a simple example:
Example of How to Create a Kubernetes Namespace
Method 1: YAML File
You first need to create a YAML file. The name of this file must be my-namespace.yaml. Within this, you’ll need to assign the key-value pairs that denote a Namespace
apiVersion: v1 kind: Namespace metadata: name: namespace1
Here, you see the kind of key that has the value, Namespace. This is because we are creating a Namespace. If we were creating a pod, we would define the value as Pod.
We’ve assigned the name of the namespace as namespace1, but you can name it based on the purpose of your namespace.
Now, use the following command to create the namespace:
kubectl create -f ./my-namespace.yaml
With this, you’ve created your namespace. You can also view your namespace with the following command:
kubectl get namespaces namespace1
If you want more details regarding your namespace, then use the following command:
kubectl describe namespaces namespace1
This will display the following details regarding your namespace:
Name: namespace1 Labels: <none> Annotations: <none> Status: Active No resource quota. Resource Limits Type Resource Min Max Default ---- -------- --- --- --- Container cpu - - 100m
Method 2: Without a YAML File
Using this method, you can simply use the command below to directly create a namespace without a YAML file.
kubectl create namespace namespace1
The only thing you need to ensure is that the name of the namespace is a valid DNS label. You can further create pods within your namespace to divide the cluster, assign resources to them, and delete them when they are no longer required.
Benefits of Kubernetes Namespaces
There are numerous benefits to creating and managing namespaces despite it being considered a tedious task. A few of the more important advantages include:
Optimization and Efficiency
This is perhaps the most significant advantage of having a namespace. It becomes relatively easy for people to work on their own projects and communicate only when necessary. It improves productivity and makes the entire process of development more manageable and agile.
Easy Resource Distribution
With namespaces, assigning resources to different pods and containers becomes relatively easy. The operator can readily view and understand how many resources are required at any given moment if the resources are being used optimally, and how many additional resources are required. Furthermore, it tracks the end-of-life timestamp for microservices and reassigns those resources as soon as the service is shut down.
If anomalies or issues occur in a system, namespaces can give better clarity as to the location and root cause of the problem. This makes it easier for the operators to troubleshoot, mitigate the problem, and solve it more efficiently.
Operators and cluster administrators can easily scale the system whenever it is required. This is because of the containerized nature of namespaces. Whenever the demand for a specific resource exceeds the current limitations of a namespace, it can be increased, usually for a nominal fee. The system can be easily scaled without affecting operations.
In addition, there are other benefits such as iterative development, experimentation, higher security, increased stability, and more.