Mustafa's Kubernetes
Mastering Kubernetes Namespaces: Best Practices and Insights

Mastering Kubernetes Namespaces: Best Practices and Insights

Shaik Mustafa's photo
Shaik Mustafa
·

4 min read

Welcome to My Blogđź“’

On my profile, you’ll notice different sections like Linux Series, Docker Series, and Mustafa’s Kubernetes, each neatly organized into separate folders. Why? To make it easy for you! Instead of mixing all my articles in one place and causing confusion, I’ve grouped them by topics. So, if you’re looking for Linux-related articles, just head to the Linux Series. Want Docker content? Open the Docker Series folder. This way, everything is well-organized and easy to find.

Kubernetes Namespaces work in a similar way!

Imagine you’re running multiple pods in your cluster—for example, dev-pods, test-pods, and prod-pods. If you run the command kubectl get po, it will list all the pods together, making it hard to manage. Namespaces solve this by organizing pods into separate groups, just like my blog folders. You can manage each environment (dev, test, prod) separately without creating a messy cluster view.

Definition:

In Kubernetes, Namespaces are a way to divide cluster resources between multiple users or applications. They provide a logical separation, enabling better organization, resource management, and security within a Kubernetes cluster.

Why Use Namespaces?

Think of a Kubernetes cluster is like your office building:

  • The cluster is the entire building.

  • Namespaces are like separate offices for different teams or departments.

Without namespaces, all resources (like pods, services, and deployments) would exist in a single space, making management cumbersome.

Key Features of Namespaces

  1. Logical Isolation: Separate resources for different teams or projects.

  2. Access Control: Manage permissions with Role-Based Access Control (RBAC).

  3. Resource Quotas: Set limits on resources (CPU, memory) for each namespace.

  4. Ease of Management: Avoid naming conflicts and organize resources better.

Types of Namespaces:

Kubernetes starts with four default namespaces:

  • default: The default space for objects that do not have a specified namespace.

  • kube-system: Contains system objects created by Kubernetes, such as kube-dns and kube-proxy.

  • kube-public: A namespace for resources available to all users without authentication.

  • kube-node-lease: Used for objects related to cluster scaling.

Real-Time Example 1: Multi-Team Environment

Imagine a company running multiple applications in the same Kubernetes cluster:

  • Team A develops a movie tickets booking service.

  • Team B manages a flight tickets booking service.

Problem Without Namespaces:

  • Both teams create services named backend-service.

  • This causes a conflict as Kubernetes can’t create a resource with same name.

Solution with Namespaces:

  • Create separate namespaces for each team:

    • Namespace team-a for the movie tickets booking service.

    • Namespace team-b for the flight tickets booking service.

  • Each team can now have their own backend-service without conflict.

Real-Time Example 2: Resource Quotas

A startup with a single Kubernetes cluster has:

  • A production environment.

  • A development environment.

Problem Without Namespaces:

  • Developers accidentally use too many resources in development, leaving production starved.

Solution with Namespaces:

  • Create namespaces:

    • production: Allocate high resource quotas.

    • development: Set a lower quota to prevent overuse.

Real-Time Example 3: Access Control with RBAC

A company wants to give:

  • DevOps engineers access to the dev-environment namespace.

  • Database admins access only to the db-environment namespace.

Solution:

  • Define RoleBindings for each namespace.

  • Use RBAC to limit access:

Best Practices for Using Namespaces

  1. Use Namespaces for Environment Separation: Create dev, staging, and prod namespaces for better isolation.

  2. Assign Resource Quotas: Prevent resource contention by limiting usage for each namespace.

  3. Leverage RBAC: Enhance security by restricting access to specific namespaces.

  4. Monitor Namespace Usage: Use tools like Prometheus and Grafana to monitor namespace-specific metrics.

Commands for Namespace Management

  • List all namespaces:

      kubectl get ns

  • Create a new namespace:

      kubectl create ns my-namespace

  • Deploy resources to a specific namespace:

      kubectl apply -f pod.yml -n my-namespace

  • Switch context to a namespace:

      kubectl config set-context --current --namespace=my-namespace

  • Delete a namespace:

      kubectl delete ns my-namespace

Manifest file to create Namespace:

apiVersion: v1
kind: Namespace
metadata:
  name: mustafa

Conclusion

Namespaces are a powerful feature in Kubernetes that help manage and organize resources effectively in a shared cluster. Whether it's separating teams, environments, or applications, namespaces ensure smooth operations, prevent conflicts, and enhance security.

By implementing namespaces, organizations can scale efficiently, manage resources better, and enforce access control, all while maintaining a clean and organized Kubernetes cluster.

If you love stories that inspire learning, growth, and productivity, consider subscribing for more! If this article added value to your journey, your support would mean the world to me — only if it’s within your means. Let’s stay connected on LinkedIn too. Thank you for reading!

Kubernetes#kubernetes #container kubernetes architectureKubernetes namespaces#namespacesKubernetes namespace #k8snamespacesk8s#k8sclusterk8s commands mustafaflmDevopsDevops articlesDevOps Journey
Â