Skip to main content
Namespaces provide logical isolation for resources within a Kubernetes cluster. Use them to separate environments, teams, or applications.

Key Concepts

Namespace

A logical boundary that isolates resources within a cluster.

Resource Quota

Limits on total resource consumption within a namespace.

Limit Range

Default and maximum resource constraints for containers.

System Namespace

Protected namespaces used by Kubernetes components.

Required Permissions

ActionPermission
View namespacesiam:project:infrastructure:kubernetes:read
Create/Edit namespacesiam:project:infrastructure:kubernetes:write
Delete namespacesiam:project:infrastructure:kubernetes:delete

How to Create a Namespace

1

Select Cluster

Choose a cluster from the dropdown.
2

Click Create Namespace

Click the Create Namespace button.
3

Choose a Template

Select a template based on your needs:
  • Basic Namespace - Simple namespace with labels
  • With Resource Quota - Includes CPU, memory, and object count limits
  • With Limit Range - Includes default container resource constraints
4

Configure YAML

Edit the namespace name and any additional settings in the YAML editor.
5

Create

Click Create to apply.
Namespace names must be valid DNS labels: lowercase letters, numbers, and hyphens only. Maximum 63 characters.

How to Edit a Namespace

1

Select the Namespace

Click on the namespace row to open details, then click Edit YAML.
2

Modify YAML

Edit labels, annotations, or other mutable fields.
3

Save

Click Update to apply changes.
Namespace names cannot be changed after creation. Only labels and annotations can be modified.

How to Delete a Namespace

1

Select the Namespace

Click the actions menu on the namespace row.
2

Click Delete

Select Delete from the menu.
3

Confirm

Confirm the deletion.
Deleting a namespace removes ALL resources within it including pods, deployments, services, configmaps, secrets, and PVCs. This action cannot be undone.

System Namespaces

The following namespaces are protected and cannot be deleted:
NamespacePurpose
kube-systemKubernetes system components
kube-publicPublicly accessible cluster data
kube-node-leaseNode heartbeat leases
defaultDefault namespace for resources

Troubleshooting

This usually indicates resources with finalizers that cannot complete:
  • Check for stuck persistent volume claims
  • Look for resources with deletion finalizers
  • Consider manually removing finalizers as a last resort
  • Verify you have write permission
  • Check namespace name follows DNS label rules (lowercase, numbers, hyphens only)
  • Ensure name is not already taken
  • System namespaces (kube-system, kube-public, kube-node-lease, default) cannot be deleted
  • Verify you have delete permission
  • Check current usage against quota limits
  • Either increase quota or reduce resource requests
  • Use kubectl describe resourcequota -n <namespace> to see usage

FAQ

Resource quotas limit total namespace consumption (CPU, memory, object counts). They prevent a single namespace from consuming all cluster resources.
Limit ranges set default resource requests/limits for containers that don’t specify them. They also enforce minimum and maximum constraints.
Yes, by default. Use the DNS name <service>.<namespace>.svc.cluster.local. Apply NetworkPolicies to restrict cross-namespace traffic.
Common patterns:
  • By environment: dev, staging, prod
  • By team: team-a, team-b
  • By application: app-frontend, app-backend