Kubernetes namespace

jaeyeon ha·2026년 3월 7일

[교육] Kubernetes

목록 보기

6/34

네임스페이스

단일 클러스터 내에서의 리소스 그룹 격리 메커니즘 제공하여 논리적 격리 제공

[root@master ~]# kubectl get namespace
NAME              STATUS   AGE
default           Active   4h13m
kube-node-lease   Active   4h13m
kube-public       Active   4h13m
kube-system       Active   4h13m

kube-system
기본적으로 kubernetes가 동작하기 위해 필요한 pod 및 자원들을 격리시켜 관리하는 namespace
default
namespace를 따로 지정하지 않을 경우, 기본 설정 namespace

실습 :: namespace 생성

[root@master ~/kube/05]# kubectl create namespace myns1
namespace/myns1 created
[root@master ~/kube/05]# kubectl get namespace
NAME              STATUS   AGE
default           Active   4h20m
kube-node-lease   Active   4h20m
kube-public       Active   4h20m
kube-system       Active   4h20m
myns1             Active   5s

실습 :: namespace yaml 파일로 생성

[root@master ~/kube/05]# kubectl create namespace myns2 --dry-run=client -o yaml > myns2.yaml
[root@master ~/kube/05]# ls
api  myns1.yaml  myns2.yaml  namespace  web1-pod.yaml
[root@master ~/kube/05]# cat myns2.yaml
apiVersion: v1
kind: Namespace
metadata:
  creationTimestamp: null
  name: myns2
spec: {}
status: {}
[root@master ~/kube/05]# vi myns2.yaml
[root@master ~/kube/05]# cat myns2.yaml
apiVersion: v1
kind: Namespace
metadata:
  name: myns2
[root@master ~/kube/05]# kubectl create -f myns2.yaml
namespace/myns2 created
[root@master ~/kube/05]# kubectl create -f web2-pod.yaml -n myns2
pod/web1-pod created

[root@master ~/kube/05]# kubectl get pod -o wide
NAME         READY   STATUS    RESTARTS   AGE     IP               NODE    NOMINATED NODE   READINESS GATES
web1-pod     1/1     Running   0          6m12s   10.233.102.133   node1   <none>           <none>
webserver1   1/1     Running   0          24m     10.233.75.5      node2   <none>           <none>
[root@master ~/kube/05]# kubectl get pod -n myns2
NAME       READY   STATUS    RESTARTS   AGE
web1-pod   1/1     Running   0          30s

실습 :: yaml 파일로 namespace 지정하여 pod 생성

[root@master ~/kube/05]# kubectl create namespace myns3
namespace/myns3 created
[root@master ~/kube/05]# kubectl get namespaces
NAME              STATUS   AGE
default           Active   4h26m
kube-node-lease   Active   4h26m
kube-public       Active   4h26m
kube-system       Active   4h26m
myns1             Active   5m39s
myns2             Active   86s
myns3             Active   7s
[root@master ~/kube/05]# vi web3-pod.yaml
[root@master ~/kube/05]# cat web3-pod.yaml
apiVersion: v1
kind: Pod
metadata:
  name: web3-pod
  namespace: myns3
spec:
  containers:
  - name: nginx
    image: nginx
    ports:
    - containerPort: 80
      protocol: TCP
[root@master ~/kube/05]# kubectl create -f web3-pod.yaml
pod/web3-pod created
[root@master ~/kube/05]# kubectl get pod -n myns3
NAME       READY   STATUS    RESTARTS   AGE
web3-pod   1/1     Running   0          7s

실습 :: yaml 파일을 통해 ns와 pod 동시 생성

[root@master ~/kube/05]# vi web4-pod.yaml
[root@master ~/kube/05]# cat web4-pod.yaml
apiVersion: v1
kind: Namespace
metadata:
  name: myns4

---
apiVersion: v1
kind: Pod
metadata:
  name: web4-pod
  namespace: myns4
spec:
  containers:
  - name: nginx
    image: nginx
    ports:
    - containerPort: 80
      protocol: TCP
[root@master ~/kube/05]# kubectl apply -f web4-pod.yaml
namespace/myns4 created
pod/web4-pod created
[root@master ~/kube/05]# kubectl get po -n myns4
NAME       READY   STATUS    RESTARTS   AGE
web4-pod   1/1     Running   0          15s

실습 :: 현재 사용중인 context 확인 및 변경

[root@master ~/kube/05]# kubectl create ns myns5
namespace/myns5 created

[root@master ~/kube/05]# kubectl config view
apiVersion: v1
clusters:
- cluster:
    certificate-authority-data: DATA+OMITTED
    server: <https://127.0.0.1:6443>
  name: cluster.local
contexts:
- context:
    cluster: cluster.local
    user: kubernetes-admin
  name: kubernetes-admin@cluster.local
current-context: kubernetes-admin@cluster.local
kind: Config
preferences: {}
users:
- name: kubernetes-admin
  user:
    client-certificate-data: DATA+OMITTED
    client-key-data: DATA+OMITTED

[root@master ~/kube/05]# kubectl config set-context kubernetes-user@cluster.local --cluster=cluster.local --user=kubernetes-admin --namespace=myns5
Context "kubernetes-user@cluster.local" created.
[root@master ~/kube/05]# kubectl config view
apiVersion: v1
clusters:
- cluster:
    certificate-authority-data: DATA+OMITTED
    server: <https://127.0.0.1:6443>
  name: cluster.local
contexts:
- context:
    cluster: cluster.local
    user: kubernetes-admin
  name: kubernetes-admin@cluster.local
- context:
    cluster: cluster.local
    namespace: myns5
    user: kubernetes-admin
  name: kubernetes-user@cluster.local
current-context: kubernetes-admin@cluster.local
kind: Config
preferences: {}
users:
- name: kubernetes-admin
  user:
    client-certificate-data: DATA+OMITTED
    client-key-data: DATA+OMITTED

[root@master ~/kube/05]# kubectl config use-context kubernetes-user@cluster.local
Switched to context "kubernetes-user@cluster.local".
[root@master ~/kube/05]# kubectl config view
apiVersion: v1
clusters:
- cluster:
    certificate-authority-data: DATA+OMITTED
    server: <https://127.0.0.1:6443>
  name: cluster.local
contexts:
- context:
    cluster: cluster.local
    user: kubernetes-admin
  name: kubernetes-admin@cluster.local
- context:
    cluster: cluster.local
    namespace: myns5
    user: kubernetes-admin
  name: kubernetes-user@cluster.local
current-context: kubernetes-user@cluster.local
kind: Config
preferences: {}
users:
- name: kubernetes-admin
  user:
    client-certificate-data: DATA+OMITTED
    client-key-data: DATA+OMITTED

[root@master ~/kube/05]# kubectl run web5-pod --image=nginx --port=80
pod/web5-pod created
[root@master ~/kube/05]# kubectl get pod
NAME       READY   STATUS    RESTARTS   AGE
web5-pod   1/1     Running   0          5s
[root@master ~/kube/05]# kubectl get pod -n myns5
NAME       READY   STATUS    RESTARTS   AGE
web5-pod   1/1     Running   0          16s
[root@master ~/kube/05]# kubectl get pod -n default
NAME         READY   STATUS    RESTARTS   AGE
web1-pod     1/1     Running   0          16m
webserver1   1/1     Running   0          34m

▶ context 원상복구

[root@master ~/kube/05]# kubectl config use kubernetes-admin@cluster.local
Switched to context "kubernetes-admin@cluster.local".
[root@master ~/kube/05]# kubectl config view
apiVersion: v1
clusters:
- cluster:
    certificate-authority-data: DATA+OMITTED
    server: <https://127.0.0.1:6443>
  name: cluster.local
contexts:
- context:
    cluster: cluster.local
    user: kubernetes-admin
  name: kubernetes-admin@cluster.local
- context:
    cluster: cluster.local
    namespace: myns5
    user: kubernetes-admin
  name: kubernetes-user@cluster.local
current-context: kubernetes-admin@cluster.local
kind: Config
preferences: {}
users:
- name: kubernetes-admin
  user:
    client-certificate-data: DATA+OMITTED
    client-key-data: DATA+OMITTED
[root@master ~/kube/05]# kubectl get pod
NAME         READY   STATUS    RESTARTS   AGE
web1-pod     1/1     Running   0          18m
webserver1   1/1     Running   0          36m

실습 :: namespace 분리 가능한 resource 확인
NAMESPACED == true :: 분리 가능
NAMESPACED == false :: 분리 불가

[root@master ~/kube/05]# kubectl api-resources | head -10
NAME                              SHORTNAMES   APIVERSION                             NAMESPACED   KIND
bindings                                       v1                                     true         Binding
componentstatuses                 cs           v1                                     false        ComponentStatus
configmaps                        cm           v1                                     true         ConfigMap
endpoints                         ep           v1                                     true         Endpoints
events                            ev           v1                                     true         Event
limitranges                       limits       v1                                     true         LimitRange
namespaces                        ns           v1                                     false        Namespace
nodes                             no           v1                                     false        Node
persistentvolumeclaims            pvc          v1                                     true         PersistentVolumeClaim

jaeyeon ha

이전 포스트

Kubernetes 아키텍쳐

다음 포스트

Kubernetes namespace

[교육] Kubernetes

네임스페이스

Kubernetes 아키텍쳐

Kubernetes resource apiVersion

0개의 댓글