Namespaces

Kubernetes Namespaces

All Kubernetes resources, other than nodes and persistent storage volumes, exist within a namespace.

Namespaces are partially isolated environments that run inside a single physical Kubernetes cluster. This allows different teams, projects, and customers to share a Kubernetes cluster. Namespaces have separate pods and resources, but cannot be nested and can still communicate with each other.

Kubernetes namespaces have the following uses:

Isolation: Teams, projects, and customers exist in their own environment within a cluster, and do not impact each other's work.
Security: Use access controls to limit users or processes to certain namespaces.
Resource control: Use resource quotas to divide a cluster's resources between teams and users.
Organization: Separate development, testing, and production environments into different namespaces on one cluster.
Performance: Use multiple namespaces on the same cluster to reduce the number of items the Kubernetes API must search when performing operations.

For more information on using namespaces, see the Namespaces page in the Kubernetes documentation.

kubectl Commands for Namespaces

Create a namespace:
```
kubectl create namespace
```
View namespaces:
```
kubectl get namespace
```
Set a different namespace as default:
```
kubectl config set-context --current --namespace=<namespace>
```
Delete a namespace:
CAUTION
This action cannot be undone.
```
kubectl delete namespace
```

Reserved Namespaces

Reserved namespaces are already in use by HPE Ezmeral Runtime Enterprise. You cannot adopt reserved namespaces for your Kubernetes tenants.

If you deploy optional add-ons, HPE Ezmeral Runtime Enterprise reserves additional namespaces.

Platform and Cluster Administrators can query a deployed cluster for the reserved namespaces with the following command:

kubectl get hpecpconfig -n hpecp -o jsonpath='{.items[0].spec.reservedNamespaceNames}' | tr , ' ' | tr -d '[]'

The HPE Ezmeral Runtime Enterprise default reserved namespaces are:

airflow-base
airflowop-system
argocd
auth
cert-manager
default
ezctl
ezmysql
ezml-model-mgmt
gatekeeper-system
hpe-csi
hpe-externalclusterinfo
hpe-ldap
hpe-nfscsi
hpe-nodesvc
hpe-secure
hpe-sparkoperator
hpe-storage
hpe-system
hpe-templates-compute
hpecp
hpecp-bootstrap
hpecp-cert-manager
hpecp-falco
hpecp-observability
istio-system
kd-apps
kd-mlops
kd-spark
kiali-operator
knative-eventing
knative-serving
kube-node-lease
kube-public
kube-system
kubeflow
kubeflow-jobs
kubeflow-operator
kubeflow-user-example-com
kubernetes-dashboard
mapr-external-info
prism-ns
velero

If a Kubernetes Data Fabric cluster is deployed, HPE Ezmeral Runtime Enterprise also reserves the namespace corresponding to the name of the Data Fabric cluster.

For example, if a Data Fabric cluster is named df-cluster, HPE Ezmeral Runtime Enterprise reserves the df-cluster namespace.

HPE Ezmeral Runtime Enterprise 5.7 Documentation
Abstract	HPE Ezmeral Container Platform is a unified container platform built on open source Kubernetes and designed for both cloud-native applications and non-cloud-native applications running on any infrastructure either on-premises, in multiple public clouds, in a hybrid model, or at the edge.
Published	November 2024
Edition	5.7.0