Alauda Container Platform

Creating Namespaces

TOC

Understanding namespaces

Refer to the official Kubernetes documentation: Namespaces

In Kubernetes, namespaces provide a mechanism for isolating groups of resources within a single cluster. Names of resources need to be unique within a namespace, but not across namespaces. Namespace-based scoping is applicable only for namespaced objects (e.g. Deployments, Services, etc.) and not for cluster-wide objects (e.g. StorageClass, Nodes, PersistentVolumes, etc.).

Creating namespaces by using web console

Within the cluster associated with the project, create a new namespace aligned with the project's available resource quotas. The new namespace operates within the resource quotas allocated to the project (e.g., CPU, memory), and all resources in the namespace must reside within the associated cluster.

  1. In the Project Management view, click on the Project Name for which you want to create a namespace.

  2. In the left navigation bar, click on Namespaces > Namespaces.

  3. Click on Create Namespace.

  4. Configure Basic Information.

    ParameterDescription
    ClusterSelect the cluster linked to the project to host the namespace.
    NamespaceThe namespace name must include a mandatory prefix, which is the project name.

  5. (Optional) Configure Resource Quota.

    Every time a resource limit (limits) for computational or storage resources is specified for a container within the namespace, or each time a new Pod or PVC is added, it will consume the quota set here.

    NOTICE:

    • The namespace's resource quota is inherited from the project's allocated quota in the cluster. The maximum allowable quota for a resource type cannot exceed the remaining available quota of the project. If any resource's available quota reaches 0, namespace creation will be blocked. Contact your platform administrator for quota adjustments.

    • GPU Quota Configuration Requirements:

      • GPU quotas (vGPU or pGPU) can only be configured if GPU resources are provisioned in the cluster.
      • When using vGPU, memory quotas can also be set.

      GPU Unit Definitions:

      • vGPU Units: 100 virtual GPU units (vGPU) = 1 physical GPU core (pGPU).
        • Note: pGPU units are counted in whole numbers only (e.g., 1 pGPU = 1 core = 100 vGPU).
      • Memory Units:
        • 1 memory unit = 256 MiB.
        • 1 GiB = 4 memory units (1024 MiB = 4 × 256 MiB).

    • Default Quota Behavior:

      • If no quota is specified for a resource type, the default is unbounded.
      • This means the namespace can consume all available resources of that type allocated to the project without explicit limits.

    Quota Parameter Description

    CategoryQuota TypeValue and UnitDescription
    Storage Resource QuotaAllGiThe total requested storage capacity of all Persistent Volume Claims (PVCs) in this namespace cannot exceed this value.
    Storage ClassThe total requested storage capacity of all Persistent Volume Claims (PVCs) associated with the selected StorageClass in this namespace cannot exceed this value.

    Note: Please allocate StorageClass to the project that the namespace belongs to in advance.
    Extended ResourcesObtained from the configuration dictionary (ConfigMap); please refer to Extended Resources Quotas description for details.-This category will not be displayed if there is no corresponding configuration dictionary.
    Other QuotasEnter custom quotas; for specific input rules, please refer to Other Quota description.-To avoid problems of resource duplication, the following values are not allowed as quota types:
    • limits.cpu
    • limits.memory
    • requests.cpu
    • requests.memory
    • pods
    • cpu
    • memory

  6. (Optional) Configure Container Limit Range; please refer to Limit Range for more details.

  7. (Optional) Configure Pod Security Admission; please refer to Pod Security Admission for specific details.

  8. (Optional) In the More Configuration area, add labels and annotations for the current namespace.

    Tip: You can define the attributes of the namespace through labels or supplement the namespace with additional information through annotations; both can be used to filter and sort namespaces.

  9. Click on Create.

Creating namespace by using CLI

YAML file examples

# example-namespace.yaml
apiVersion: v1
kind: Namespace
metadata:
  name: example
  labels:
    pod-security.kubernetes.io/audit: baseline # Option, to ensure security, it is recommended to choose the baseline or restricted mode.
    pod-security.kubernetes.io/enforce: baseline 
    pod-security.kubernetes.io/warn: baseline

# example-resourcequota.yaml
apiVersion: v1
kind: ResourceQuota
metadata:
  name: example-resourcequota
  namespace: example
spec:
  hard:
    limits.cpu: "20"
    limits.memory: 20Gi
    pods: "500"
    requests.cpu: "2"
    requests.memory: 2Gi

# example-limitrange.yaml
apiVersion: v1
kind: LimitRange
metadata:
  name: example-limitrange
  namespace: example
spec:
  limits:
    - default:
        cpu: 100m
        memory: 100Mi
      defaultRequest:
        cpu: 50m
        memory: 50Mi
      max:
        cpu: 1000m
        memory: 1000Mi
      type: Container

Create via YAML file

kubectl apply -f example-namespace.yaml
kubectl apply -f example-resourcequota.yaml
kubectl apply -f example-limitrange.yaml

Create via command line directly

kubectl create namespace example
kubectl create resourcequota example-resourcequota --namespace=example --hard=limits.cpu=20,limits.memory=20Gi,pods=500 
kubectl create limitrange example-limitrange --namespace=example --default='cpu=100m,memory=100Mi' --default-request='cpu=50m,memory=50Mi' --max='cpu=1000m,memory=1000Mi'