Sharing is Caring: Your Kubernetes Cluster, Namespaces, and You

Kubernetes namespaces partition workloads into virtual clusters, so multiple teams or applications can safely share a physical cluster. Today, there is no consensus on how to use namespaces in relatio …

Kubernetes namespaces partition workloads into virtual clusters, so multiple teams or applications can safely share a physical cluster. Today, there is no consensus on how to use namespaces in relation to identity, resource limits, and security. This leads to vulnerable applications and inefficient usage of cluster resources. As the number of teams, clusters, and namespaces grows, it becomes difficult to maintain coherence. By aligning identity, resource limits, and your application’s security posture, cluster operators can get more organizational mileage out of Kubernetes namespaces. In this talk, we will… · Walk through common scenarios of how organizations use namespaces today · Show how to enforce RBAC, resource limits, and your application’s security posture (e.g. networking, service accounts) within namespaces · Outline friction in existing namespace management workflows