Namespaces are a way to divide cluster resources among multiple users. Namespaces are suited for scenarios where multiple users spread across multiple teams or projects.
Currently, CCI provides general-computing and GPU-accelerated namespaces. You need to select the resource type when creating a namespace, so that the container in the created workload runs on this type of clusters.
- General-computing: Supports creation of container instances with CPU resources. This namespace type is suitable for general computing scenarios.
- CPU-accelerated: Supports creation of container instances with GPU resources. This namespace type is suitable for scenarios such as deep learning, scientific computing, and video processing.
Relationship Between Namespaces and Networks
A namespace corresponds to a subnet in a VPC, as shown in Figure 1. When a namespace is created, it will be associated with an existing VPC or a newly created VPC, and a subnet will be created under the VPC. Containers and other resources created under this namespace will be in the corresponding VPC and subnet.
If you want to run resources of multiple services in the same VPC, you need to consider the network planning, such as subnet CIDR block division and IP address planning.
Namespaces can implement partial environment isolation. If you have a large number of projects and personnel, you can create different namespaces based on project attributes, such as production, test, and development.
Creating a Namespace
- Log in to the CCI console. In the navigation pane, choose Namespaces.
- On the page displayed on the right, click Create for the target namespace type.
If you click Quick Creation, a namespace will be created with a random name and associated with an existing VPC and subnet in random. If no VPCs are available, a VPC will be automatically created with a subnet allocated to each AZ.
- Enter a name for the namespace.
The namespace name must be globally unique in CCI.
- Configure a VPC.
You can use an existing VPC or create a VPC. If you create a VPC, it is recommended that the VPC CIDR block be set to 10.0.0.0/8–24, 172.16.0.0/12–24, or 192.168.0.0/16–24.
The VPC CIDR block and subnet CIDR block cannot be set to 10.247.0.0/16, because this CIDR block is reserved by CCI for containerized workloads. If you use this CIDR block, IP address conflicts may occur, which may result in workload creation failures or service unavailability. If you do not need to access pods through workloads, you can allocate this CIDR block to a VPC.
- Configure a subnet CIDR block.
Ensure that there are sufficient available IP addresses. If the number of IP addresses are insufficient, workloads will fail to be created.Figure 2 Configuring a subnet
- Click Create.
After the creation is complete, you can view the VPC and subnet information on the namespace details page.
Deleting a Namespace
Deleting a namespace will remove all data resources (workloads, ConfigMaps, secrets, and SSL certificates) related to the namespace.
- Log in to the CCI console. In the navigation pane, choose Namespaces. On the page displayed on the right, click the namespace to be deleted.
- In the upper right corner, click Delete. In the dialog box that is displayed, enter DELETE and click Yes.
To delete a VPC or subnet, go to the VPC console.
Creating a Namespace Through kubectl
For details, see Namespace and Network.