kubernetes
/
website
mirror of https://github.com/kubernetes/website.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Fix indentation / markdown formatting for list numbering. (#17465)

pull/17473/head
Mitesh Jain 2019-11-07 14:52:42 +05:30 committed by Kubernetes Prow Robot
parent 244f802a33
commit ff22d19e59
1 changed files with 146 additions and 150 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

296
content/en/docs/tasks/administer-cluster/namespaces.md
View File

@ -109,7 +109,7 @@ More information on `finalizers` can be found in the namespace [design doc](http
## Deleting a namespace
1. Delete a namespace with
Delete a namespace with
```shell
kubectl delete namespaces <insert-some-namespace-name>
@ -125,199 +125,195 @@ This delete is asynchronous, so for a time you will see the namespace in the `Te
1. Understand the default namespace
By default, a Kubernetes cluster will instantiate a default namespace when provisioning the cluster to hold the default set of Pods,
Services, and Deployments used by the cluster.
By default, a Kubernetes cluster will instantiate a default namespace when provisioning the cluster to hold the default set of Pods,
Services, and Deployments used by the cluster.
Assuming you have a fresh cluster, you can introspect the available namespace's by doing the following:
Assuming you have a fresh cluster, you can introspect the available namespace's by doing the following:
```shell
kubectl get namespaces
```
```
NAME STATUS AGE
default Active 13m
```
```shell
kubectl get namespaces
```
```
NAME STATUS AGE
default Active 13m
```
2. Create new namespaces
For this exercise, we will create two additional Kubernetes namespaces to hold our content.
For this exercise, we will create two additional Kubernetes namespaces to hold our content.
In a scenario where an organization is using a shared Kubernetes cluster for development and production use cases:
In a scenario where an organization is using a shared Kubernetes cluster for development and production use cases:
The development team would like to maintain a space in the cluster where they can get a view on the list of Pods, Services, and Deployments
they use to build and run their application. In this space, Kubernetes resources come and go, and the restrictions on who can or cannot modify resources
are relaxed to enable agile development.
The development team would like to maintain a space in the cluster where they can get a view on the list of Pods, Services, and Deployments
they use to build and run their application. In this space, Kubernetes resources come and go, and the restrictions on who can or cannot modify resources
are relaxed to enable agile development.
The operations team would like to maintain a space in the cluster where they can enforce strict procedures on who can or cannot manipulate the set of
Pods, Services, and Deployments that run the production site.
The operations team would like to maintain a space in the cluster where they can enforce strict procedures on who can or cannot manipulate the set of
Pods, Services, and Deployments that run the production site.
One pattern this organization could follow is to partition the Kubernetes cluster into two namespaces: `development` and `production`.
One pattern this organization could follow is to partition the Kubernetes cluster into two namespaces: `development` and `production`.
Let's create two new namespaces to hold our work.
Let's create two new namespaces to hold our work.
Use the file [`namespace-dev.json`](/examples/admin/namespace-dev.json) which describes a `development` namespace:
Create the `development` namespace using kubectl:
{{< codenew language="json" file="admin/namespace-dev.json" >}}
```shell
kubectl create -f https://k8s.io/examples/admin/namespace-dev.json
```
Create the `development` namespace using kubectl.
And then let's create the `production` namespace using kubectl:
```shell
kubectl create -f https://k8s.io/examples/admin/namespace-dev.json
```
```shell
kubectl create -f https://k8s.io/examples/admin/namespace-prod.json
```
And then let's create the `production` namespace using kubectl.
To be sure things are right, list all of the namespaces in our cluster.
```shell
kubectl create -f https://k8s.io/examples/admin/namespace-prod.json
```
To be sure things are right, list all of the namespaces in our cluster.
```shell
kubectl get namespaces --show-labels
```
```
NAME STATUS AGE LABELS
default Active 32m <none>
development Active 29s name=development
production Active 23s name=production
```
```shell
kubectl get namespaces --show-labels
```
```
NAME STATUS AGE LABELS
default Active 32m <none>
development Active 29s name=development
production Active 23s name=production
```
3. Create pods in each namespace
A Kubernetes namespace provides the scope for Pods, Services, and Deployments in the cluster.
A Kubernetes namespace provides the scope for Pods, Services, and Deployments in the cluster.
Users interacting with one namespace do not see the content in another namespace.
Users interacting with one namespace do not see the content in another namespace.
To demonstrate this, let's spin up a simple Deployment and Pods in the `development` namespace.
To demonstrate this, let's spin up a simple Deployment and Pods in the `development` namespace.
We first check what is the current context:
We first check what is the current context:
```shell
kubectl config view
```
```yaml
apiVersion: v1
clusters:
- cluster:
certificate-authority-data: REDACTED
server: https://130.211.122.180
name: lithe-cocoa-92103_kubernetes
contexts:
- context:
cluster: lithe-cocoa-92103_kubernetes
user: lithe-cocoa-92103_kubernetes
name: lithe-cocoa-92103_kubernetes
current-context: lithe-cocoa-92103_kubernetes
kind: Config
preferences: {}
users:
- name: lithe-cocoa-92103_kubernetes
user:
client-certificate-data: REDACTED
client-key-data: REDACTED
token: 65rZW78y8HbwXXtSXuUw9DbP4FLjHi4b
- name: lithe-cocoa-92103_kubernetes-basic-auth
user:
password: h5M0FtUUIflBSdI7
username: admin
```
```shell
kubectl config view
```
```yaml
apiVersion: v1
clusters:
cluster:
certificate-authority-data: REDACTED
server: https://130.211.122.180
name: lithe-cocoa-92103_kubernetes
contexts:
context:
cluster: lithe-cocoa-92103_kubernetes
user: lithe-cocoa-92103_kubernetes
name: lithe-cocoa-92103_kubernetes
current-context: lithe-cocoa-92103_kubernetes
kind: Config
preferences: {}
users:
name: lithe-cocoa-92103_kubernetes
user:
client-certificate-data: REDACTED
client-key-data: REDACTED
token: 65rZW78y8HbwXXtSXuUw9DbP4FLjHi4b
name: lithe-cocoa-92103_kubernetes-basic-auth
user:
password: h5M0FtUUIflBSdI7
username: admin
```
```shell
kubectl config current-context
```
```
lithe-cocoa-92103_kubernetes
```
```shell
kubectl config current-context
```
```
lithe-cocoa-92103_kubernetes
```
The next step is to define a context for the kubectl client to work in each namespace. The values of "cluster" and "user" fields are copied from the current context.
The next step is to define a context for the kubectl client to work in each namespace. The values of "cluster" and "user" fields are copied from the current context.
```shell
kubectl config set-context dev --namespace=development --cluster=lithe-cocoa-92103_kubernetes --user=lithe-cocoa-92103_kubernetes
kubectl config set-context prod --namespace=production --cluster=lithe-cocoa-92103_kubernetes --user=lithe-cocoa-92103_kubernetes
```
```shell
kubectl config set-context dev --namespace=development --cluster=lithe-cocoa-92103_kubernetes --user=lithe-cocoa-92103_kubernetes
kubectl config set-context prod --namespace=production --cluster=lithe-cocoa-92103_kubernetes --user=lithe-cocoa-92103_kubernetes
```
The above commands provided two request contexts you can alternate against depending on what namespace you
wish to work against.
The above commands provided two request contexts you can alternate against depending on what namespace you
wish to work against.
Let's switch to operate in the `development` namespace.
Let's switch to operate in the `development` namespace.
```shell
kubectl config use-context dev
```
```shell
kubectl config use-context dev
```
You can verify your current context by doing the following:
You can verify your current context by doing the following:
```shell
kubectl config current-context
dev
```
```shell
kubectl config current-context
dev
```
At this point, all requests we make to the Kubernetes cluster from the command line are scoped to the `development` namespace.
At this point, all requests we make to the Kubernetes cluster from the command line are scoped to the `development` namespace.
Let's create some contents.
Let's create some contents.
```shell
kubectl run snowflake --image=k8s.gcr.io/serve_hostname --replicas=2
```
We have just created a deployment whose replica size is 2 that is running the pod called `snowflake` with a basic container that just serves the hostname.
Note that `kubectl run` creates deployments only on Kubernetes cluster >= v1.2. If you are running older versions, it creates replication controllers instead.
If you want to obtain the old behavior, use `--generator=run/v1` to create replication controllers. See [`kubectl run`](/docs/reference/generated/kubectl/kubectl-commands/#run) for more details.
```shell
kubectl run snowflake --image=k8s.gcr.io/serve_hostname --replicas=2
```
We have just created a deployment whose replica size is 2 that is running the pod called `snowflake` with a basic container that just serves the hostname.
Note that `kubectl run` creates deployments only on Kubernetes cluster >= v1.2. If you are running older versions, it creates replication controllers instead.
If you want to obtain the old behavior, use `--generator=run/v1` to create replication controllers. See [`kubectl run`](/docs/reference/generated/kubectl/kubectl-commands/#run) for more details.
```shell
kubectl get deployment
```
```
NAME READY UP-TO-DATE AVAILABLE AGE
snowflake 2/2 2 2 2m
```
```shell
kubectl get pods -l run=snowflake
```
```
NAME READY STATUS RESTARTS AGE
snowflake-3968820950-9dgr8 1/1 Running 0 2m
snowflake-3968820950-vgc4n 1/1 Running 0 2m
```
```shell
kubectl get deployment
```
```
NAME READY UP-TO-DATE AVAILABLE AGE
snowflake 2/2 2 2 2m
```
```shell
kubectl get pods -l run=snowflake
```
```
NAME READY STATUS RESTARTS AGE
snowflake-3968820950-9dgr8 1/1 Running 0 2m
snowflake-3968820950-vgc4n 1/1 Running 0 2m
```
And this is great, developers are able to do what they want, and they do not have to worry about affecting content in the `production` namespace.
And this is great, developers are able to do what they want, and they do not have to worry about affecting content in the `production` namespace.
Let's switch to the `production` namespace and show how resources in one namespace are hidden from the other.
Let's switch to the `production` namespace and show how resources in one namespace are hidden from the other.
```shell
kubectl config use-context prod
```
```shell
kubectl config use-context prod
```
The `production` namespace should be empty, and the following commands should return nothing.
The `production` namespace should be empty, and the following commands should return nothing.
```shell
kubectl get deployment
kubectl get pods
```
```shell
kubectl get deployment
kubectl get pods
```
Production likes to run cattle, so let's create some cattle pods.
Production likes to run cattle, so let's create some cattle pods.
```shell
kubectl run cattle --image=k8s.gcr.io/serve_hostname --replicas=5
```shell
kubectl run cattle --image=k8s.gcr.io/serve_hostname --replicas=5
kubectl get deployment
```
```
NAME READY UP-TO-DATE AVAILABLE AGE
cattle 5/5 5 5 10s
```
kubectl get deployment
```
```
NAME READY UP-TO-DATE AVAILABLE AGE
cattle 5/5 5 5 10s
```
```shell
kubectl get pods -l run=cattle
```
```
NAME READY STATUS RESTARTS AGE
cattle-2263376956-41xy6 1/1 Running 0 34s
cattle-2263376956-kw466 1/1 Running 0 34s
cattle-2263376956-n4v97 1/1 Running 0 34s
cattle-2263376956-p5p3i 1/1 Running 0 34s
cattle-2263376956-sxpth 1/1 Running 0 34s
```
```shell
kubectl get pods -l run=cattle
```
```
NAME READY STATUS RESTARTS AGE
cattle-2263376956-41xy6 1/1 Running 0 34s
cattle-2263376956-kw466 1/1 Running 0 34s
cattle-2263376956-n4v97 1/1 Running 0 34s
cattle-2263376956-p5p3i 1/1 Running 0 34s
cattle-2263376956-sxpth 1/1 Running 0 34s
```
At this point, it should be clear that the resources users create in one namespace are hidden from the other namespace.