jonsully1.dev

Understanding Kubernetes Namespaces: A Simple Explanation

Cover Image for Understanding Kubernetes Namespaces: A Simple Explanation
Photo by 7AV 7AV  on Unsplash
John O'Sullivan
John O'Sullivan
Senior Lead Engineer

Imagine you’re working in a large office building. The building houses multiple departments, like HR, Finance, and IT. Each department has its own space, resources, and team members. While they all share the same building, they operate independently and don’t interfere with each other. This is similar to how namespaces work in Kubernetes.

In Kubernetes, a namespace is like a virtual compartment or a "department" within a cluster. It helps organize and isolate resources (like applications, services, and configurations) so that different teams or projects can work independently without stepping on each other’s toes. For example, you might have one namespace for your development team and another for production. This way, the development team can test new features without affecting the live production environment.

Key Points About Namespaces:

  1. Isolation: Namespaces provide a way to separate resources within the same Kubernetes cluster.
  2. Unique Names: Resource names (like Pods or Services) must be unique within a namespace but can be reused across different namespaces.
  3. Not Nested: Namespaces cannot be nested inside each other.
  4. Resource Quotas: You can limit the amount of resources (like CPU or memory) that a namespace can use.
  5. DNS: Services in a namespace get their own DNS address, making it easy to communicate within the namespace.

When to Use Namespaces:

  • Multiple Teams: If you have multiple teams working on the same cluster, namespaces help keep their work separate.
  • Environments: You can use namespaces to separate environments like development, staging, and production.
  • Resource Management: Namespaces allow you to set resource limits for different projects or teams.

How Namespaces Are Used in Kubernetes Tools

Let’s look at how namespaces are used in popular Kubernetes tools like Helm, ArgoCD, Harbor, and the general Kubernetes deployment process.

1. Helm:

Helm is a package manager for Kubernetes that helps you deploy applications. When you install a Helm chart, you can specify a namespace for the deployment. For example:

helm install my-app ./my-chart --namespace=development

This command deploys the application in the development namespace. Helm ensures that all resources created by the chart are scoped to that namespace.

2. ArgoCD:

ArgoCD is a GitOps tool that automates application deployments. It uses namespaces to manage applications in different environments. For example:

  • You can deploy an application to the staging namespace for testing.
  • Once tested, you can promote the same application to the production namespace.

ArgoCD ensures that the correct resources are deployed to the correct namespaces based on your Git repository configurations.

3. Harbor:

Harbor is a container image registry. While Harbor itself doesn’t directly use Kubernetes namespaces, the images stored in Harbor are often used in Kubernetes deployments. For example:

  • You might store development images in a dev repository and production images in a prod repository.
  • When deploying these images using Kubernetes, you would specify the appropriate namespace (e.g., development or production).

4. Kubernetes Deployment Process:

When deploying applications directly using Kubernetes (without Helm or ArgoCD), you specify the namespace in your YAML files or commands. For example:

apiVersion: apps/v1
kind: Deployment
metadata:
  name: my-app
  namespace: production
spec:
  replicas: 3
  template:
    spec:
      containers:
      - name: my-app
        image: my-app:1.0

This YAML file deploys the my-app application to the production namespace. You can also use kubectl to deploy resources to a specific namespace:

kubectl apply -f my-app.yaml --namespace=production

Practical Example: Using Namespaces in a Real-World Scenario

Let’s say you’re working on a project with three environments: development, staging, and production. Here’s how you might use namespaces:

  1. Development Namespace:

    • Used by developers to test new features.
    • Resources are labeled with env: dev.
    • Resource quotas are set to limit usage.

  2. Staging Namespace:

    • Used for pre-production testing.
    • Resources are labeled with env: staging.
    • Mirrors the production environment but with fewer resources.

  3. Production Namespace:

    • Used for the live application.
    • Resources are labeled with env: prod.
    • Strict resource quotas and monitoring are in place.

By using namespaces, you ensure that:

  • Developers can experiment without affecting production.
  • Staging is a safe place to test before going live.
  • Production remains stable and isolated.

Conclusion

Namespaces in Kubernetes are like virtual compartments that help you organize and isolate resources within a cluster. They’re especially useful in environments with multiple teams, projects, or environments. Tools like Helm, ArgoCD, and Harbor leverage namespaces to streamline deployments and manage resources effectively.

By using namespaces, we can keep our Kubernetes cluster clean, organised, and efficient—just like a well-managed office building.