Namespace resource lifecycle¶

In Kubernetes, a Namespace functions as an abstract cluster (virtual cluster) that allows a single physical cluster to be partitioned into multiple isolated groups.^[400-devops__06-Kubernetes__k8s-ithelp__Day22__README.md] This lifecycle involves the creation of the Namespace, the deployment of resources within it, and the eventual deletion of the Namespace and its contents.

Usage scenarios¶

Namespaces are primarily intended for environments with multiple teams or projects requiring resource isolation.^[400-devops__06-Kubernetes__k8s-ithelp__Day22__README.md] For smaller clusters with only a few users, creating Namespaces is often unnecessary.^[400-devops__06-Kubernetes__k8s-ithelp__Day22__README.md]

Creation¶

Namespaces are created using the kubectl create namespace command.^[400-devops__06-Kubernetes__k8s-ithelp__Day22__README.md]

[kubectl](<./kubectl.md>) create namespace demo-namespace

Kubernetes provides four initial Namespaces by default:

• default: The default Namespace for objects that do not specify a Namespace.^[400-devops__06-Kubernetes__k8s-ithelp__Day22__README.md]
• kube-system: The Namespace for system objects created by Kubernetes.^[400-devops__06-Kubernetes__k8s-ithelp__Day22__README.md]
• kube-public: A Namespace readable by all users (including unauthenticated ones), used for public resources.^[400-devops__06-Kubernetes__k8s-ithelp__Day22__README.md]
• kube-node-lease: Contains Lease objects used for node heartbeats to help the control plane detect node failures.^[400-devops__06-Kubernetes__k8s-ithelp__Day22__README.md]

Resource deployment¶

Once a Namespace exists, resources can be deployed within it using two primary methods:

1. Command-line argument: The --namespace flag can be used to specify the target Namespace for a request^[400-devops__06-Kubernetes__k8s-ithelp__Day22__README.md].
2. Configuration file: In a resource manifest (e.g., for a Pod), the namespace field under metadata specifies the target Namespace^[400-devops__06-Kubernetes__k8s-ithelp__Day22__README.md].

Context configuration¶

To avoid repeatedly typing the Namespace flag, users can set a persistent default Namespace for the current context using kubectl config set-context.^[400-devops__06-Kubernetes__k8s-ithelp__Day22__README.md] This updates the context so that subsequent commands apply to the specified Namespace by default^[400-devops__06-Kubernetes__k8s-ithelp__Day22__README.md].

Deletion¶

Deleting a Namespace is a destructive operation. When a Namespace is removed, all resources contained within it are also deleted.^[400-devops__06-Kubernetes__k8s-ithelp__Day22__README.md]

Resource isolation characteristics¶

Namespaces provide several mechanisms for organizing and limiting resources:

• Uniqueness: Resource names must be unique within the same Namespace^[400-devops__06-Kubernetes__k8s-ithelp__Day22__README.md].
• Reusability: Resources in different Namespaces may share the same name^[400-devops__06-Kubernetes__k8s-ithelp__Day22__README.md].
• Resource Management: System resources can be allocated or restricted for a Namespace using ResourceQuota and LimitRange objects^[400-devops__06-Kubernetes__k8s-ithelp__Day22__README.md].

Sources¶

• 400-devops__06-Kubernetes__k8s-ithelp__Day22__README.md

Related¶

• Kubernetes
• [[ResourceQuota]]
• [[LimitRange]]