What exactly is Kubernetes namespace and how is it different from linux namespaces (mnt,pid,net,ipc,uts,user,cgroup)?
Difference between Kubernetes namespace and Linux namespaces?
2.2k Views Asked by karthik v At
2
There are 2 best solutions below
0
On
I would say kubernetes namespace is built on linux namespace and add more meanings (functions). Like mentioned in Arghya's answer, kubernetes also uses namespace for RBAC. But when installing kubenetes on Linux, the linux namespace is used to separate resources. Kubernete also supports Windows, it must used something else on Windows.
In sum, Kubernetes namespace is a high level concept and Linux namespace is a little bit low level. Kubernetes uses Linux namespace, but can also support other implementations.
Ref:
https://cloud.redhat.com/blog/kubernetes-namespaces-demystified-how-to-make-the-most-of-them https://kubernetes.io/docs/tasks/tools/install-kubectl-windows/
There is no relationship to linux namespace.Kubernetes namespace is a logical construct to segregate cluster resources(such as pods, secrets) between multiple users. You can apply RBAC using role and rolebinding which defines who can do what in which namespace. That's how the isolation is achieved using namespaces. Internally the cluster resources are stored in ETCD(a key value store) and kubernetes API server allows or denies a user's request to perform CRUD operations on the cluster resources based what has been defined in RBAC policy. Interestingly if you get access to ETCD somehow then you can do everything across all namespaces. So the control is at the Kubernetes API Server layer.