How I create new namespace in Kubernetes

It could be as simple as calling from a shell in your app:

kubectl create namespace <your-namespace-name>

Essentially, kubectl talks to the kube-apiserver.

You can also directly call the kube-apiserver. This is an example to list the pods:

$ curl -k -H 'Authorization: Bearer <token>' \
              https://$KUBERNETES_SERVICE_HOST:6443/api/<api-version>/namespaces/default/pods

More specifically to create a namespace:

$ curl -k -H -X POST -H 'Content-Type: application/json' \
                     -H 'Authorization: Bearer <token>' \
                     https://$KUBERNETES_SERVICE_HOST:6443/api/v1/namespaces/ -d '
{
    "apiVersion": "v1",
    "kind": "Namespace",
    "metadata": {
        "name": "mynewnamespace"
    }
}'

In case you are wondering about the <token>, it's a Kubernetes Secret typically belonging to a ServiceAccount and bound to a ClusterRole that allows you to create namespaces.

You can create a Service Account like this:

$ kubectl create serviceaccount namespace-creator

Then you'll see the token like this (a token is automatically generated):

$ kubectl describe sa namespace-creator
Name:                namespace-creator
Namespace:           default
Labels:              <none>
Annotations:         <none>
Image pull secrets:  <none>
Mountable secrets:   namespace-creator-token-xxxxx
Tokens:              namespace-creator-token-xxxxx
Events:              <none>

Then you would get the secret:

$ kubectl describe secret namespace-creator-token-xxxxx
Name:         namespace-creator-token-xxxx
Namespace:    default
Labels:       <none>
Annotations:  kubernetes.io/service-account.name: namespace-creator
              kubernetes.io/service-account.uid: <redacted>

Type:  kubernetes.io/service-account-token

Data
====
ca.crt:     1025 bytes
namespace:  7 bytes
token:      <REDACTED> <== This is the token you need for Authorization: Bearer

Your ClusterRole should look something like this:

kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: namespace-creator
rules:
- apiGroups: ["*"]
  resources: ["namespaces"]
  verbs: ["create"]

Then you would bind it like this:

$ kubectl create clusterrolebinding namespace-creator-binding --clusterrole=namespace-creator --serviceaccount=namespace-creator

When it comes to writing code you can use any HTTP client library in any language to call the same endpoints.

There are also libraries like the client-go library that takes care of the plumbing of connecting to a kube-apiserver.


you can create namespace using below command:

kubectl create namespace << namespace_name>>.

Please find below some examples 

kubectl create namespace dev 
kubectl create namespace test
kubectl create namespace prod

To see namespace created:

kubectl get namespace   
     or  
kubectl get ns
     or 
kubectl get namespaces

To avoid mentioning namespace in every kubectl command execution like while creating pod,deployment or any other kubernetes object, set namespace like as mentioned below:

kubectl config set-context --current --namespace=test

I hope this helped!!

Tags:

Kubernetes

Recent Posts