Kubernetes Namespace Concepts

From NovaOrdis Knowledge Base
Jump to navigation Jump to search

External

Internal

Overview

A namespace is a construct that allows logically dividing a Kubernetes cluster for management purposes, a logical partition of a Kubernetes cluster. A namespace provides scope for:

  • named resources to avoid naming collisions
  • delegating management authority to trusted users
  • the ability to limit community resource consumption via limits, quotas and RBAC rules.

In OpenShift, namespaces are known as OpenShift Projects.

A namespace is NOT a strong security boundary. Also, the namespace mechanism cannot guarantee that a pod in one namespace will not impact a pod in another namespace.

Object names must be unique within a specific namespace.

The Default Namespace

It's not good practice to use the default namespace for anything of significance.

Namespace Operations

Namespace Operations



- the value of this field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces

Retrieved from "https://kb.novaordis.com/index.php?title=Kubernetes_Namespace_Concepts&oldid=61123"