Kubernetes Namespaces: Organize Your Cluster
Namespaces provide a way to divide cluster resources between multiple users, teams, or environments.
Default Namespaces
| Namespace | Purpose |
|---|---|
default | Resources with no namespace |
kube-system | Kubernetes system components |
kube-public | Publicly accessible resources |
kube-node-lease | Node heartbeat data |
Creating Namespaces
# Imperative
kubectl create namespace development
# YAML
cat <<EOF | kubectl apply -f -
apiVersion: v1
kind: Namespace
metadata:
name: production
EOFWorking with Namespaces
# List namespaces
kubectl get namespaces
# Get resources in specific namespace
kubectl get pods -n development
# Get resources in all namespaces
kubectl get pods -A
# Set default namespace for context
kubectl config set-context --current --namespace=developmentResource Quotas
Limit total resources per namespace:
apiVersion: v1
kind: ResourceQuota
metadata:
name: compute-quota
namespace: development
spec:
hard:
requests.cpu: "4"
requests.memory: 8Gi
limits.cpu: "8"
limits.memory: 16Gi
pods: "20"
services: "10"Limit Ranges
Set default and max limits for containers:
apiVersion: v1
kind: LimitRange
metadata:
name: default-limits
namespace: development
spec:
limits:
- default:
cpu: 500m
memory: 256Mi
defaultRequest:
cpu: 100m
memory: 128Mi
max:
cpu: "2"
memory: 1Gi
type: ContainerCross-Namespace Communication
Services can be accessed across namespaces:
# Full DNS name
curl http://service-name.namespace.svc.cluster.local
# Example
curl http://database.production.svc.cluster.local:5432Best Practices
- Separate environments: dev, staging, production
- Team-based isolation: frontend, backend, data
- Apply resource quotas: Prevent resource hogging
- Use RBAC per namespace: Control access
- Consistent naming: Use clear, descriptive names
Common Exam Tasks
- Create namespace
- Deploy resources to specific namespace
- Configure ResourceQuota
- Access service across namespaces
Practice Namespaces
Namespace management appears in CKA exams. Practice at Sailor.sh.