Mastering Namespaces and Services in Kubernetes | Day 33 of 90 Days of DevOps

Learn how to master Namespaces and Services in Kubernetes, two important concepts that help you organize and expose your applications in a cluster, in this tutorial for Day 33 of 90 Days of DevOps.

Welcome to Day 33 of 90 Days of DevOps.

Today, we will learn how to master Namespaces and Services in Kubernetes, two important concepts that help us organize and expose our applications in a cluster.

We will also deploy a sample Nginx web server within a Namespace and expose it as a Service.

By the end of this blog post, you will be able to:

• Understand what Namespaces and Services are and why they are useful
• Create and delete Namespaces and Services using kubectl
• Deploy a sample Nginx web server within a Namespace
• Expose and access the web server as a Service

Let’s get started!

Understanding Namespaces and Services in Kubernetes

Namespaces and Services are two fundamental concepts in Kubernetes that help us manage the complexity and scalability of our applications. Let’s see what they are and how they work.

What is a Namespace?

A Namespace is a logical grouping of resources within a Kubernetes cluster. A Namespace provides a scope for names, meaning that resources can have the same name as long as they belong to different Namespaces. A Namespace also isolates resources from each other, meaning that resources in one Namespace cannot see or access resources in another Namespace, unless explicitly allowed.

Namespaces are useful for:

• Organizing your cluster into logical units, such as teams, projects, environments, etc.
• Sharing your cluster resources among multiple users or groups, with different access levels and quotas
• Avoiding name conflicts for resources that have common names, such as pods, services, deployments, etc.

By default, every Kubernetes cluster has three Namespaces:

• default: This is the default Namespace where your resources are created if you don’t specify any other Namespace.
• kube-system: This is the Namespace where the system components of Kubernetes are created and managed, such as the API server, the scheduler, the controller manager, etc.
• kube-public: This is the Namespace that is readable by all users (including unauthenticated ones) and is mostly reserved for cluster usage, such as exposing the cluster information.

You can create your own custom Namespaces to suit your needs and preferences.

What is a Service?

A Service is an abstraction that defines a logical set of Pods and a policy to access them. A Service allows you to expose your Pods to other Pods within the cluster or to external clients outside the cluster.

A Service is useful for:

• Providing a stable and reliable way of accessing your Pods, regardless of their location or status
• Load balancing the traffic among your Pods, distributing the requests evenly, and avoiding overloading
• Discovering your Pods dynamically, using DNS or environment variables

There are four types of Services in Kubernetes:

• ClusterIP: This is the default type of Service that exposes your Pods within the cluster using an internal IP address. This type of Service is only accessible from within the cluster.
• NodePort: This type of Service exposes your Pods on each node’s IP address using a static port. This type of Service is accessible from outside the cluster using <node-ip>:<node-port>.
• LoadBalancer: This type of Service exposes your Pods using an external load balancer provided by your cloud provider or platform. This type of Service is accessible from outside the cluster using <load-balancer-ip>:<port>.
• ExternalName: This type of Service maps your Pods to an external domain name using a CNAME record. This type of Service does not have any selectors or ports.

Practical Guide: Deploying Nginx within a Namespace

In this section, we will deploy a sample Nginx web server within a Kubernetes Namespace and expose it as a Service. We will use kubectl, the command-line tool that interacts with Kubernetes clusters, to perform various operations on our resources.

To deploy Nginx within a Namespace, follow these steps:

1. Create a namespace before creating the manifest file.

kubectl create namespace nginx

2. Create a YAML file named deployment.yml with the following content:

apiVersion: apps/v1
kind: Deployment
metadata:
  name: nginx-deployment
  namespace: nginx
  labels:
    app: nginx
spec:
  replicas: 3
  selector:
    matchLabels:
      app: nginx
  template:
    metadata:
      namespace: nginx
      labels:
        app: nginx
    spec:
      containers:
        - name: nginx
          image: nginx:latest
          ports:
            - containerPort: 80

This file defines a Deployment object named nginx-deployment that creates three replicas of Pods that run the nginx:latest image. The Deployment belongs to the nginx Namespace and has the label app: nginx. The Pods expose port 80 for the web server.

3. Apply the YAML file to create the Deployment by running:

kubectl apply -f deployment.yml

This will create the Deployment and its associated ReplicaSet and Pods.

4. Verify that the Deployment is created by running:

kubectl get deployments -n nginx

The -n flag specifies the Namespace that we want to query.

You should see something like this:

This shows that you have one Deployment named nginx-deployment that has three replicas ready and up-to-date in the nginx Namespace.

5. Verify that the Pods are running by running:

kubectl get pods -n nginx

You should see something like this:

This shows that you have three Pods named nginx-deployment-<random-string> that are running and ready in the nginx Namespace.

6. Expose the Pods as a Service by running:

kubectl expose deployment nginx-deployment -n nginx --port=80 --type=LoadBalancer

This will create a Service object named nginx-deployment that exposes port 80 of the Pods as a LoadBalancer service in the nginx Namespace. A LoadBalancer service allocates an external IP address and routes traffic from that IP address to the Pods.

7. Verify that the Service is created by running:

kubectl get services -n nginx

You should see something like this:

This shows that you have one Service named nginx-deployment that exposes port 80 of the Pods as port 80 on an external IP address in the nginx Namespace.

8. Access the Nginx web server from your browser by going to http://<external-ip>:<servicePort>/.

You should see something like this:

Congratulations! You have successfully deployed a sample Nginx web server within a Kubernetes Namespace and exposed it as a Service.

Conclusion

In this blog post, we learned how to master Namespaces and Services in Kubernetes, two important concepts that help us organize and expose our applications in a cluster. We also deployed a sample Nginx web server within a Namespace and exposed it as a Service.

I hope you enjoyed this blog post and learned something new. If you have any questions or feedback, please feel free to leave a comment below.

If you want to follow my journey of learning DevOps, you can check out my GitHub profile and my LinkedIn profile.

Thank you for reading and stay tuned for more!