Day 10 of 40DaysofKubernetes : Mastering Kubernetes Namespaces
In this blog, we’ll explore Kubernetes Namespaces, which are essential for organizing and isolating resources within a cluster. Namespaces are incredibly useful when managing multiple environments (e.g., development, staging, and production) within a single Kubernetes cluster. By the end of this guide, you’ll have a clear understanding of namespaces and be able to create, manage, and interact with them confidently.
What Are Kubernetes Namespaces?
Namespaces in Kubernetes provide a mechanism for logical partitioning of resources. They allow multiple teams or projects to share the same cluster while maintaining separation and avoiding resource name conflicts. Namespaces are useful in scenarios like:
Isolating environments (e.g., dev, prod).
Segmenting teams within a cluster.
Controlling resource usage through resource quotas and limits.
By default, Kubernetes clusters come with three namespaces:
default– The default namespace for resources with no specified namespace.kube-system– Used for Kubernetes internal components.kube-public– A namespace readable by everyone, typically used for resources meant to be public.
Now, let’s walk through the key steps to creating and managing Kubernetes namespaces.
Step 1: Create a Namespace
To create a namespace, you can use the kubectl command-line tool. You can define a namespace in two ways: directly from the command line or via a YAML manifest.
Option 1: Create via CLI
kubectl create namespace <namespace-name>
Example:
kubectl create namespace dev-environment
This command will create a namespace called dev-environment.
Option 2: Create via YAML Manifest
You can also define a namespace in a YAML file and apply it to the cluster:
apiVersion: v1
kind: Namespace
metadata:
name: dev-environment
To apply the YAML file, use:
kubectl apply -f namespace.yaml
Step 2: List and Describe Namespaces
Once you have namespaces set up, you can list all the namespaces in your cluster using:
kubectl get namespaces
To get detailed information about a specific namespace, you can describe it:
kubectl describe namespace <namespace-name>
Example:
kubectl describe namespace dev-environment
Step 3: Use a Namespace
Kubernetes resources like pods, services, and deployments can be created in a specific namespace. By default, resources are created in the default namespace unless explicitly mentioned.
To create a resource in a specific namespace, you can either:
- Specify the namespace when creating the resource:
kubectl run nginx --image=nginx --namespace=<namespace-name>
- Set the namespace context for your current session:
kubectl config set-context --current --namespace=<namespace-name>
This sets the context so that any further kubectl commands will automatically apply to the specified namespace.
Step 4: Delete a Namespace
If you no longer need a namespace, you can delete it using the following command:
kubectl delete namespace <namespace-name>
Example:
kubectl delete namespace dev-environment
This will delete the namespace and all resources within it, so proceed with caution.
Task
Step 1: Create Two Namespaces (ns1 and ns2)
kubectl create namespace ns1
kubectl create namespace ns2
Step 2: Create a Deployment in Each Namespace with a Single Replica
Create deploy-ns1 in ns1
kubectl create deployment deploy-ns1 --image=nginx --namespace=ns1 --replicas=1
Create deploy-ns2 in ns2
kubectl create deployment deploy-ns2 --image=nginx --namespace=ns2 --replicas=1
Step 3: Get the IP Address of Each Pod
To get the IP address of the pods, use:
kubectl get pods -o wide --namespace=ns1
kubectl get pods -o wide --namespace=ns2
This will return a list of the pods in each namespace along with their IP addresses.
Step 4: Exec into the Pod of deploy-ns1 and Curl the IP of deploy-ns2 Pod
Get the Pod Name of deploy-ns1 (in ns1)
kubectl get pods --namespace=ns1
Exec into the deploy-ns1 Pod
kubectl exec -it <pod-name-ns1> --namespace=ns1 -- /bin/bash
Curl the IP of the deploy-ns2 Pod (in ns2)
Inside the shell of deploy-ns1's pod:
curl <pod-ip-of-deploy-ns2>
If pod-to-pod communication works, you should see the Nginx HTML response from the pod in ns2.
Step 5: Scale Both Deployments to 3 Replicas
Scale deploy-ns1 in ns1
kubectl scale deployment deploy-ns1 --replicas=3 --namespace=ns1
Scale deploy-ns2 in ns2
kubectl scale deployment deploy-ns2 --replicas=3 --namespace=ns2
Step 6: Create Services to Expose Both Deployments
Create a Service for deploy-ns1 (svc-ns1)
kubectl expose deployment deploy-ns1 --type=ClusterIP --name=svc-ns1 --namespace=ns1 --port=80
Create a Service for deploy-ns2 (svc-ns2)
kubectl expose deployment deploy-ns2 --type=ClusterIP --name=svc-ns2 --namespace=ns2 --port=80
Step 7: Exec into Each Pod and Curl the Service IP of the Other Namespace
Get the Service IPs
You can get the IPs of the services by running:
kubectl get svc --namespace=ns1
kubectl get svc --namespace=ns2
Exec into a Pod in deploy-ns1 and Curl svc-ns2
Exec into a pod in deploy-ns1:
kubectl exec -it <pod-name-ns1> --namespace=ns1 -- /bin/bash
From within the pod, curl the IP address of the svc-ns2 service:
curl <svc-ns2-ip>
Exec into a Pod in deploy-ns2 and Curl svc-ns1
Similarly, exec into a pod in deploy-ns2:
kubectl exec -it <pod-name-ns2> --namespace=ns2 -- /bin/bash
From within the pod, curl the IP address of the svc-ns1 service:
curl <svc-ns1-ip>
Step 8: Curl Using Service Name Instead of IP
Now, try curling the service name directly. Inside a pod in ns1:
curl svc-ns2
You will likely get an error stating that the host cannot be resolved.
Step 9: Use FQDN to Curl the Service
To resolve services between namespaces, you need to use their Fully Qualified Domain Name (FQDN):
curl svc-ns2.ns2.svc.cluster.local
In the case of svc-ns1, the FQDN would be:
curl svc-ns1.ns1.svc.cluster.local
Now, this curl should work, and you should get a response.
Step 10: Delete the Namespaces
Once you’re done, you can clean up by deleting both namespaces, which will also delete all resources (deployments, services) within them:
kubectl delete namespace ns1
kubectl delete namespace ns2
Conclusion
Namespaces are an essential tool in managing Kubernetes clusters efficiently, especially when dealing with multi-tenancy or organizing resources for different environments. They offer a logical division of resources, help in enforcing resource limits, and simplify operations when you’re scaling workloads across teams.
By following the steps outlined above, you can create, use, and manage namespaces effectively within your Kubernetes clusters.
Reference
