The role of namespaces
The main function is to realize resource isolation of multiple environments or resource isolation of multi-tenants ;
The concept of tenants: when I buy a cloud server, I am its tenant.
By default, all Pods in the kubenetes cluster can access each other , but different Pods may need to be isolated in the actual environment , then different Pods can be divided into different Namespaces .
Kubernetes can form a logical "group" by allocating the resources within the cluster to different Namespaces, so as to facilitate the isolated use and management of resources in different groups
Through the kubernetes authorization mechanism , different Namespaces can be handed over to different tenants for management , thus realizing multi-tenant resource isolation.
Combining the resource quota mechanism of kubernetes in the recording work , limit the resources that different tenants can occupy , such as CPU usage, memory usage, etc., to realize the management of tenants' available resources
That is, even if a resource leak occurs in a pod, it cannot interfere with my underlying resource memory; cpu...
After the cluster is started, kubernetes will create several Namespaces by default.
#View Namespace
[root@master ~]# kubectl get ns
NAME STATUS AGE
default Active 5d17h
kube-node-lease Active 5d17h #Heartbeat maintenance between cluster nodes , introduced in v1.13
kube-public Active 5d17h #Resources under this namespace can be accessed by everyone, including unauthenticated users
kube-system Active 5d17h #All resources created by the kubernetes system are in this namespace ( when this is running, you need to check whether the pod below is normal; it is normal )
#All unspecified Namespace objects will be allocated in the default namespace
#View the pod resources in the default space
[root@master ~]# kubectl get pods -n default
NAME READY STATUS RESTARTS AGE
nginx-696649f6f9-t4xm6 1/1 Running 0 5d17h
#View pod resources in kube-system space
[root@master ~]# kubectl get pods -n kube-system(系统创建的system空间)
NAME READY STATUS RESTARTS AGE
coredns-6955765f44-dzhkh 1/1 Running 0 5d17h
coredns-6955765f44-rn4ds 1/1 Running 0 5d17h
etcd-master 1/1 Running 0 5d17h
kube-apiserver-master 1/1 Running 0 5d17h
kube-controller-manager-master 1/1 Running 7 5d17h
kube-flannel-ds-2p922 1/1 Running 0 5d17h
kube-flannel-ds-fz8bz 1/1 Running 0 5d17h
kube-flannel-ds-plfvb 1/1 Running 0 5d17h
kube-proxy-7k4lf 1/1 Running 0 5d17h
kube-proxy-h485n 1/1 Running 0 5d17h
kube-proxy-m45qq 1/1 Running 0 5d17h
kube-scheduler-master 1/1 Running 5 5d17h
Namespace resource operation command
view command
#View all Namespace information
[root@master ~]# kubectl get ns
NAME STATUS AGE
default Active 5d17h
kube-node-lease Active 5d17h
kube-public Active 5d17h
kube-system Active 5d17h
#View the specified Namespace information
[root@master ~]# kubectl get ns default
NAME STATUS AGE
default Active 5d17h
#View the details of the specified Namespace
[root@master ~]# kubectl describe ns default
Name: default
Labels: <none>
Annotations: <none>
Status: Active # Active indicates that the namespace is in use, and Terminatind indicates that the namespace is being deleted
No resource quota. #Resource limitation for Namespace
No LimitRange resource. #Resource limit for each component in Namespace
This is often configured in work to limit the acquisition of underlying hardware resources.
create command
#Create Namespace
[root@master ~]# kubectl create ns dev
namespace/dev created
#View the specified Namespace
[root@master ~]# kubectl get ns dev
NAME STATUS AGE
dev Active 34s
delete command
#Delete the specified Namespace
[root@master ~]# kubectl delete ns dev
namespace "dev" deleted
Create a Namespace in the form of a configuration file
#Create Namespace through yml file
[root@master ~]# vim ns_dev.yml
apiVersion: v1
kind: Namespace
metadata:
name: dev
#Create Namspace
[root@master ~]# kubectl create -f ns_dev.yml
#View Namespace
[root@master ~]# kubectl get ns
NAME STATUS AGE
default Active 5d18h
dev Active 8s
kube-node-lease Active 5d18h
kube-public Active 5d18h
kube-system Active 5d18h
#Delete Namespace
[root@master ~]# kubectl delete -f ns_dev.yml
namespace "dev" deleted
Delete the namespace configured by the yml file; kubectl delete -f ns_dev.yml