This content originally appeared on DEV Community and was authored by Subham Nandi
GitHub link -
Step 1: Introduction to Kubernetes Namespaces
What are namespaces?
Namespaces in Kubernetes provide a mechanism to divide a single cluster into multiple virtual clusters. They allow for separating the resources and objects (like pods, services, and deployments) within a Kubernetes cluster, enabling better organization, isolation, and management of resources.
Why are namespaces important?
- Isolation: Resources in different namespaces are isolated from each other, meaning you can avoid naming conflicts and prevent unwanted interactions between different environments (e.g., dev, test, prod).
- Resource Organization: You can group resources logically based on their environment, application, or ownership.
- Security: Role-Based Access Control (RBAC) can be applied at the namespace level, allowing fine-grained access control.
-
Default Namespace: If a namespace is not specified, resources are created in the
defaultnamespace. Kubernetes also creates other system namespaces likekube-system, which contains control plane components.
Step 2: Viewing Existing Namespaces
By default, Kubernetes comes with a few namespaces. You can list them using:
kubectl get namespaces
Example output:
NAME STATUS AGE
default Active 1d
kube-node-lease Active 1d
kube-public Active 1d
kube-system Active 1d
- default: The default namespace where resources are created if no namespace is specified.
-
kube-system: Contains system-related components (like
kube-dns,kube-proxy). - kube-public: A public namespace that is readable by everyone, used mainly for cluster information.
- kube-node-lease: Tracks the heartbeats of nodes.
Step 3: Creating a New Namespace (Declarative Way)
A namespace can be created either imperatively or declaratively.
Let's first create a namespace declaratively using a YAML file.
- Create a
namespace.yamlfile with the following content:
apiVersion: v1
kind: Namespace
metadata:
name: demo
- Apply the YAML file to create the namespace:
kubectl apply -f namespace.yaml
Output:
namespace/demo created
- Verify the namespace was created:
kubectl get namespaces
You should see the newly created namespace demo.
Step 4: Creating a Namespace (Imperative Way)
You can also create a namespace directly using a simple command without a YAML file:
kubectl create namespace demo-imp
Output:
namespace/demo-imp created
Again, verify:
kubectl get namespaces
Both demo and demo-imp namespaces should now be listed.
Step 5: Deploying Resources to Specific Namespaces
Let’s create a Deployment in the newly created demo namespace. By default, resources are created in the default namespace unless specified otherwise. We will use the --namespace or -n flag to target the demo namespace.
- Create an NGINX deployment in the
demonamespace:
kubectl create deployment nginx-demo --image=nginx --namespace=demo
Output:
deployment.apps/nginx-demo created
- Verify the deployment:
kubectl get deployments --namespace=demo
Output:
NAME READY UP-TO-DATE AVAILABLE AGE
nginx-demo 1/1 1 1 10s
- Check the running pods in the
demonamespace:
kubectl get pods --namespace=demo
Output:
NAME READY STATUS RESTARTS AGE
nginx-demo-5d8fbbf94d-5htgj 1/1 Running 0 12s
Step 6: Accessing Resources in a Namespace
Resources within the same namespace can communicate with each other directly by their name. However, for cross-namespace communication, the Fully Qualified Domain Name (FQDN) must be used.
- Get the Pod IP for the NGINX pod in the
demonamespace:
kubectl get pod -o wide --namespace=demo
Output:
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
nginx-demo-5d8fbbf94d-5htgj 1/1 Running 0 1m 10.244.0.5 minikube <none> <none>
The IP of the pod is 10.244.0.5.
- Let’s create another NGINX deployment in the
defaultnamespace:
kubectl create deployment nginx-default --image=nginx
Verify the pods:
kubectl get pods --namespace=default
Output:
NAME READY STATUS RESTARTS AGE
nginx-default-6b76b5b8ff-7txdh 1/1 Running 0 10s
Step 7: Testing Communication Between Namespaces
Let’s check if the nginx-default pod in the default namespace can communicate with the nginx-demo pod in the demo namespace.
- Exec into the
nginx-defaultpod in thedefaultnamespace:
kubectl exec -it nginx-default-6b76b5b8ff-7txdh --namespace=default -- /bin/sh
Now, from within this shell, try to curl the IP of the NGINX pod in the demo namespace:
curl 10.244.0.5
Output:
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and working. Further configuration is required.</p>
</body>
</html>
The communication is successful because we used the Pod IP. However, direct DNS-based communication between namespaces requires FQDN.
- Exit the pod shell:
exit
Step 8: Deleting a Namespace
To delete a namespace, simply use:
kubectl delete namespace demo
Output:
namespace "demo" deleted
This will remove all the resources within the namespace as well.
Step 9: Cleaning Up Resources
To clean up all the resources created in this demo, delete the nginx-default deployment from the default namespace and any other resources you created:
kubectl delete deployment nginx-default
kubectl delete namespace demo-imp
This content originally appeared on DEV Community and was authored by Subham Nandi
Subham Nandi | Sciencx (2024-10-07T15:39:22+00:00) 40 Days Of Kubernetes (10/40). Retrieved from https://www.scien.cx/2024/10/07/40-days-of-kubernetes-10-40/
Please log in to upload a file.
There are no updates yet.
Click the Upload button above to add an update.