Working with Kubernetes Namespaces

Working with Kubernetes Namespaces

In this short article, we will take a look at namespaces in Kubernetes, explain what they are and how to create them on the command line and in a configuration file, with some quick reference command examples using kubectl.

What are Kubernetes Namespaces?

In Kubernetes, namespaces provides a mechanism for isolating groups of resources within a single cluster. Names of resources need to be unique within a namespace, but not across namespaces. Namespace-based scoping is applicable only for namespaced objects (e.g. Deployments, Services, etc) and not for cluster-wide objects (e.g. StorageClass, Nodes, PersistentVolumes, etc).

If a resource is namespaced, that means it cannot be created without a namespace.

Working with Kubernetes Namespaces Using kubectl

Note that on the command line, if a namespace is not specified for a given kubectl command, then objects from the default namespace are shown.

1. View existing namespaces.

To see objects within a specific namespace, the name of the namespace must be specified. It is considered bad practice to create objects in the default namespace as it makes it harder to implement NetworkPolicies, use RBAC, and segregate objects. (Read more in our Kubernetes best practices article.)

# View existing namespaces
kubectl get namespaces

Here I have a namespace listed called ingress-nginx.

kubernetes namespaces ingress-nginx
  • default —The default namespace set by the system.
  • kube-system —This namespace is assigned to resources that are created by the Kubernetes system.
  • kube-public —This namespace is created by the system and is visible to all users, even users that aren’t authenticated.
  • kube-node-lease —This namespace holds lease objects associated with each node. These leases allow the kubelet to send heartbeats so that you can determine node availability.

2. List the pods contained in a namespace.

# List the pods contained in a namespace
kubectl get pods --namespace ingress-nginx

# Note the short format for namespace can be used (-n)
kubectl get pods -n ingress-nginx
view the pods within the namespace

3. List pods in the default namespace.

To view pods in the default namespace (no namespace specified):

# List pods in the default namespace
kubectl get pods

Note that my three pods in the ingress-nginx namespace are not displayed here.

4. Create a new namespace.

To create a new namespace:

# Create a new namespace called jacks-blog
kubectl create namespace jacks-blog
create a new namespace
# Delete a namespace called jacks-blog
kubectl delete namespace jacks-blog
delete a namespace

Read more about the kubectl delete deployment command.

6. See details about a namespace.

To see details about a namespace:

# Describe a namespace
kubectl describe namespace nginx-ingress

7. Show resource usage of pods in a namespace.

To see the resource usage (CPU / Memory) of pods in a particular namespace:

# Show resource usage of pods in ingress-nginx namespace
kubectl top pod --namespace=ingress-nginx

Creating a Namespace Using a YAML Configuration File

Creating a namespace in a YAML configuration is defined as the example below:

# namespace.yaml
apiVersion: v1
kind: Namespace
  name: jacks-blog
# Apply the namespace.yaml file
kubectl apply -f namespace.yml
kubernetes namespaces yaml file

Key Points

Namespaces are easy to work with in Kubernetes and can be manipulated using the kubectl command line tool, or declared in YAML configuration files. They allow the separation and logical organization of groups of resources. Effective use of namespaces can make cluster management more streamlined.

Also, anything that can be run via kubectl can be run within a Spacelift stack. Spacelift helps you manage the complexities and compliance challenges of using Kubernetes. It brings with it a GitOps flow, so your Kubernetes Deployments are synced with your Kubernetes Stacks, and pull requests show you a preview of what they’re planning to change. It also has an extensive selection of policies, which lets you automate compliance checks and build complex multi-stack workflows.

The Most Flexible CI/CD Automation Tool

Spacelift is an alternative to using homegrown solutions on top of a generic CI. It helps overcome common state management issues and adds several must-have capabilities for infrastructure management.

Start free trial