Kubernetes Namespace Concepts

From NovaOrdis Knowledge Base
Revision as of 20:55, 30 August 2019 by Ovidiu (talk | contribs) (→‎Overview)
Jump to navigation Jump to search

External

Internal

Overview

A namespace is a construct that allows logically dividing a Kubernetes cluster for management purposes, a logical partition of a Kubernetes cluster. A namespace provides scope for:

  • named resources to avoid naming collisions
  • delegating management authority to trusted users
  • the ability to limit community resource consumption via limits, quotas and RBAC rules.

In OpenShift, namespaces are known as OpenShift Projects.

A namespace is NOT a strong security boundary. Also, the namespace mechanism cannot guarantee that a pod in one namespace will not impact a pod in another namespace.

The Default Namespace

It's not good practice to use the default namespace for anything of significance.

Namespace Operations

Namespace Operations