How to Create Kubernetes Namespace

Kubernetes, a popular container orchestration platform provides a mechanism called namespaces to logically isolate groups of resources within a single cluster. Namespaces enable teams to manage and organize their applications avoiding conflicts and improving resource utilization.

Creating namespaces in Kubernetes is a fundamental task that helps in organizing and managing resources within a cluster. In this article, we will cover the process of creating Kubernetes namespaces explaining the concepts, commands, and best practices involved.

What is Kubernetes Namespaces

A namespace is a virtual cluster within a physical cluster. It allows you to group related resources such as pods, services, deployments, and configmaps under a specific namespace. This isolation ensures that resources within a namespace are not directly accessible or affected by resources in other namespaces.

Kubernetes namespaces provide a way to divide cluster resources between multiple users. They are intended for use in environments with many users spread across multiple teams or projects. Namespaces help in:

• Resource Isolation: Different teams can work within their own namespaces without interfering with each other.
• Resource Quotas: Administrators can set resource limits for each namespace.
• Access Control: Role Based Access Control (RBAC) can be applied to namespaces to control access to resources.

By default, Kubernetes starts with four initial namespaces:

1. default: The default namespace for objects with no other namespace.
2. kube-system: The namespace for objects created by the Kubernetes system.
3. kube-public: A special namespace that is readable by all users including those not authenticated. This namespace is mostly reserved for cluster usage.
4. kube-node-lease: This namespace holds lease objects associated with each node which improves the performance of the node heartbeats as the cluster scales.

Creating Kubernetes Namespace

You can install Minikube on Ubuntu for local development or use a cloud provider like Google Kubernetes Engine (GKE), Amazon Elastic Kubernetes Service (EKS), or Azure Kubernetes Service (AKS) for production. There are primarily two methods to create Kubernetes namespaces:

Using kubectl Command

The simplest way to create a namespace is by using the kubectl command line tool. Open the terminal and run the following command:

kubectl create namespace my-namespace

This command creates a namespace named my-namespace. You can verify the creation by listing all namespaces:

kubectl get namespaces

Using YAML File

For more complex configurations you can create a namespace using a YAML file. This method allows you to define additional metadata and labels. Create Kubernetes namespace YAML file with nano command for example namespace.yaml with the following content:

apiVersion: v1
kind: Namespace
metadata:
  name: my-namespace
  labels:
    name: my-namespace

Apply the YAML file using kubectl:

kubectl apply -f namespace.yaml

This command will create the namespace as defined in the YAML file.

Managing Namespaces

After creating Kubernetes namespaces here is how you can manage the namespaces with the following commands:

Delete Namespace

To delete a namespace and all the resources within it use the following command:

kubectl delete namespace my-namespace

With this command, it will remove all resources within the namespace.

Switch Namespaces

To switch the context to a different namespace you can use the following command:

kubectl config set-context --current --namespace=my-namespace

This command sets the current context to my-namespace so all subsequent kubectl commands will be executed within this namespace.

Resource Quotas

Resource quotas are used to limit the resource consumption within a namespace. Here’s an example of a resource quota YAML file:

apiVersion: v1
kind: ResourceQuota
metadata:
  name: my-quota
  namespace: my-namespace
spec:
  hard:
    pods: "10"
    requests.cpu: "4"
    requests.memory: "8Gi"
    limits.cpu: "10"
    limits.memory: "16Gi"

Apply the resource quota using the following command:

kubectl apply -f resource-quota.yaml

Network Policies

Network policies control the communication between pods in different namespaces. Here’s an example of a network policy YAML file:

apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: allow-all
  namespace: my-namespace
spec:
  podSelector: {}
  policyTypes:
  - Ingress
  - Egress
  ingress:
  - {}
  egress:
  - {}

Apply the network policy using:

kubectl apply -f network-policy.yaml

Role Based Access Control

RBAC allows you to define roles and bind them to users or groups within a namespace. Here’s an example of a role and role binding YAML file:

Role YAML

apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  namespace: my-namespace
  name: pod-reader
rules:
- apiGroups: [""]
  resources: ["pods"]
  verbs: ["get", "watch", "list"]

Role Binding YAML

apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: read-pods
  namespace: my-namespace
subjects:
- kind: User
  name: jane
  apiGroup: rbac.authorization.k8s.io
roleRef:
  kind: Role
  name: pod-reader
  apiGroup: rbac.authorization.k8s.io

Apply the role and role binding using the respective kubectl command.

Conclusion

Namespaces in Kubernetes are a powerful feature that helps in organizing and managing resources within a cluster. By using namespaces you can achieve better resource isolation apply resource quotas and manage access control effectively. Whether you are working in a development testing or production environment namespaces provide the necessary tools to manage your Kubernetes resources efficiently.

FAQ