2017-03-31 20:50:16 +00:00
---
2018-02-27 18:51:46 +00:00
reviewers:
2017-03-31 20:50:16 +00:00
- derekwaynecarr
- mikedanese
- thockin
title: Namespaces
2018-06-22 18:20:04 +00:00
content_template: templates/concept
2018-06-06 23:51:26 +00:00
weight: 30
2017-03-31 20:50:16 +00:00
---
2018-06-22 18:20:04 +00:00
{{% capture overview %}}
2017-03-31 20:50:16 +00:00
Kubernetes supports multiple virtual clusters backed by the same physical cluster.
These virtual clusters are called namespaces.
2018-06-22 18:20:04 +00:00
{{% /capture %}}
{{% capture body %}}
2017-03-31 20:50:16 +00:00
## When to Use Multiple Namespaces
Namespaces are intended for use in environments with many users spread across multiple
teams, or projects. For clusters with a few to tens of users, you should not
need to create or think about namespaces at all. Start using namespaces when you
need the features they provide.
2019-04-10 01:58:12 +00:00
Namespaces provide a scope for names. Names of resources need to be unique within a namespace,
but not across namespaces. Namespaces can not be nested inside one another and each Kubernetes
2019-05-07 06:11:40 +00:00
resource can only be in one namespace.
2017-03-31 20:50:16 +00:00
2017-10-22 06:31:25 +00:00
Namespaces are a way to divide cluster resources between multiple users (via [resource quota ](/docs/concepts/policy/resource-quotas/ )).
2017-03-31 20:50:16 +00:00
In future versions of Kubernetes, objects in the same namespace will have the same
access control policies by default.
It is not necessary to use multiple namespaces just to separate slightly different
resources, such as different versions of the same software: use [labels ](/docs/user-guide/labels ) to distinguish
resources within the same namespace.
## Working with Namespaces
2018-01-10 10:44:15 +00:00
Creation and deletion of namespaces are described in the [Admin Guide documentation
2017-08-27 10:25:45 +00:00
for namespaces](/docs/admin/namespaces).
2017-03-31 20:50:16 +00:00
### Viewing namespaces
You can list the current namespaces in a cluster using:
```shell
2019-04-09 01:21:04 +00:00
kubectl get namespace
2019-03-07 09:31:05 +00:00
```
```
2017-05-26 02:24:58 +00:00
NAME STATUS AGE
default Active 1d
kube-system Active 1d
2017-10-22 03:41:19 +00:00
kube-public Active 1d
2017-03-31 20:50:16 +00:00
```
2017-10-22 03:41:19 +00:00
Kubernetes starts with three initial namespaces:
2017-03-31 20:50:16 +00:00
* `default` The default namespace for objects with no other namespace
* `kube-system` The namespace for objects created by the Kubernetes system
2018-07-26 02:52:56 +00:00
* `kube-public` This namespace is created automatically and is readable by all users (including those not authenticated). This namespace is mostly reserved for cluster usage, in case that some resources should be visible and readable publicly throughout the whole cluster. The public aspect of this namespace is only a convention, not a requirement.
2017-03-31 20:50:16 +00:00
### Setting the namespace for a request
2019-06-24 06:33:55 +00:00
To set the namespace for a current request, use the `--namespace` flag.
2017-03-31 20:50:16 +00:00
For example:
```shell
2019-06-24 06:33:55 +00:00
kubectl run nginx --image=nginx --namespace=< insert-namespace-name-here >
kubectl get pods --namespace=< insert-namespace-name-here >
2017-03-31 20:50:16 +00:00
```
### Setting the namespace preference
You can permanently save the namespace for all subsequent kubectl commands in that
context.
```shell
2019-06-25 15:44:38 +00:00
kubectl config set-context --current --namespace=< insert-namespace-name-here >
2017-03-31 20:50:16 +00:00
# Validate it
2019-09-25 17:44:02 +00:00
kubectl config view --minify | grep namespace:
2017-03-31 20:50:16 +00:00
```
## Namespaces and DNS
2017-10-10 04:08:58 +00:00
When you create a [Service ](/docs/user-guide/services ), it creates a corresponding [DNS entry ](/docs/concepts/services-networking/dns-pod-service/ ).
2017-03-31 20:50:16 +00:00
This entry is of the form `<service-name>.<namespace-name>.svc.cluster.local` , which means
2017-08-27 10:25:45 +00:00
that if a container just uses `<service-name>` , it will resolve to the service which
2017-03-31 20:50:16 +00:00
is local to a namespace. This is useful for using the same configuration across
multiple namespaces such as Development, Staging and Production. If you want to reach
across namespaces, you need to use the fully qualified domain name (FQDN).
## Not All Objects are in a Namespace
Most Kubernetes resources (e.g. pods, services, replication controllers, and others) are
2017-08-09 12:06:56 +00:00
in some namespaces. However namespace resources are not themselves in a namespace.
2017-03-31 20:50:16 +00:00
And low-level resources, such as [nodes ](/docs/admin/node ) and
2018-03-19 16:55:01 +00:00
persistentVolumes, are not in any namespace.
2018-06-22 18:20:04 +00:00
2018-07-09 20:17:50 +00:00
To see which Kubernetes resources are and aren't in a namespace:
```shell
# In a namespace
2019-03-07 09:31:05 +00:00
kubectl api-resources --namespaced=true
2018-07-09 20:17:50 +00:00
# Not in a namespace
2019-03-07 09:31:05 +00:00
kubectl api-resources --namespaced=false
2018-07-09 20:17:50 +00:00
```
2018-07-26 02:52:56 +00:00
{{% /capture %}}
2019-06-20 17:04:48 +00:00
{{% capture whatsnext %}}
* Learn more about [creating a new namespace ](/docs/tasks/administer-cluster/namespaces/#creating-a-new-namespace ).
* Learn more about [deleting a namespace ](/docs/tasks/administer-cluster/namespaces/#deleting-a-namespace ).
{{% /capture %}}
