(一)、Namespace概述

你可以认为namespaces是你kubernetes集群中的虚拟化集群。在一个Kubernetes集群中可以拥有多个命名空间，它们在逻辑上彼此隔离。 他们可以为您和您的团队提供组织，安全甚至性能方面的帮助！ 大多数的Kubernetes中的集群默认会有一个叫default的namespace。实际上，应该是3个：

default：你的service和应用pod默认被创建于此。 段落引用kube-system：kubernetes系统组件使用。 段落引用kube-public：公共资源使用。但实际上现在并不常用。

这个默认（default）的namespace并没什么特别，但你不能删除它。这很适合刚刚开始使用kubernetes和一些小的产品系统。但不建议应用于大型生产系统。因为，这种复杂系统中，团队会非常容易意外地或者无意识地重写或者中断其他服务service。相反，请创建多个命名空间来把你的服务service分割成更容易管理的块。

（二）、创建Namespace

不要害怕创建namespace。它不会降低服务的性能，反而大多情况下会提升你的工作效率。目前创建namespace时通过命令和yaml文件来进行创建的

2.1、通过命令创建命名空间

[root@k8s-master k8s]# kubectl create namespace test123
namespace/test123 created
[root@k8s-master k8s]# kubectl get namespace -owide
NAME              STATUS   AGE
default           Active   55d
kube-node-lease   Active   55d
kube-public       Active   55d
kube-system       Active   55d
test              Active   21d
test123           Active   9s

2.2、通过yaml来进行创建

[root@k8s-master k8s]# kubectl apply -f namespace.yaml
namespace/test321 created
[root@k8s-master k8s]# cat namespace.yaml
apiVersion: v1
kind: Namespace
metadata:
  name: test321
  labels:
    name: test
[root@k8s-master k8s]# kubectl get namespace -owide
NAME              STATUS   AGE
default           Active   55d
kube-node-lease   Active   55d
kube-public       Active   55d
kube-system       Active   55d
test              Active   21d
test123           Active   7m6s
test321           Active   17s

（三）、在namespace中创建资源

3.1、创建一个pod没有指定命名空间的

[root@k8s-master namespace]# cat pod-ns.yml
apiVersion: v1
kind: Pod
metadata:
  name: ns-pod
  labels:
    name: ns-pod
spec:
  containers:
  - name: ns-pod
    image: nginx
[root@k8s-master namespace]# kubectl apply -f pod-ns.yml
pod/ns-pod created
[root@k8s-master namespace]# kubectl get pod/ns-pod
NAME     READY   STATUS    RESTARTS   AGE
ns-pod   1/1     Running   0          21s

3.2、创建一个pod指定命名空间的

[root@k8s-master namespace]# cat pod-ns2.yml
apiVersion: v1
kind: Pod
metadata:
  name: ns-pod2
  namespace: test
  labels:
    name: ns-pod2
spec:
  containers:
  - name: ns-pod2
    image: nginx
[root@k8s-master namespace]# kubectl apply -f pod-ns2.yml
pod/ns-pod2 created
[root@k8s-master namespace]# kubectl get pod  -ntest -owide
NAME      READY   STATUS    RESTARTS   AGE   IP            NODE         NOMINATED NODE   READINESS GATES
ns-pod2   1/1     Running   0          94s   10.244.1.62   k8s-node01   <none>           <none>

由于默认查询的是default命名空间，如果要查询test空间，则需要参数-ntest来查询test命名空间。 注意：命名空间名称满足正则表达式a-z0-9?,最大长度为63位

（四）、删除一个namespace

[root@k8s-master namespace]# kubectl delete namespaces test123
namespace "test123" deleted

注意： 删除一个namespace会自动删除所有属于该namespace的资源。 default和kube-system命名空间不可删除。

重点，删除namespace会出现Terminating处理步骤如下： 1、导出删除namespace的json文件

}[root@k8s-master ingress]#kubectl get ns
NAME              STATUS        AGE
default           Active        69d
kube-node-lease   Active        69d
kube-public       Active        69d
kube-system       Active        69d
test              Active        34d
test321           Terminating   13d
[root@k8s-master ingress]# kubectl get ns/test321 -o json > test321.json

2、编辑该文件把spec.finalizers下的配置全部删除

    "spec": {
        "finalizers": [
            "kubernetes"
        ]
    }

3、运行kube-proxy

[root@k8s-master ingress]# kubectl proxy
Starting to serve on 127.0.0.1:8001

4、重启个窗口，通过api执行强制删除操作curl -k -H "Content-Type: application/json" -X PUT --data-binary @test321.json http://127.0.0.1:8001/api/v1/namespaces/test321/finalize

[root@k8s-master ingress]# curl -k -H "Content-Type: application/json" -X PUT --data-binary @test321.json http://127.0.0.1:8001/api/v1/namespaces/test321/finalize
{
  "kind": "Namespace",
  "apiVersion": "v1",
  "metadata": {
    "name": "test321",
    "uid": "79aed65d-3cda-4eda-a240-0a33f26d5f9d",
    "resourceVersion": "6929936",
    "creationTimestamp": "2021-12-16T10:53:29Z",
    "deletionTimestamp": "2021-12-17T10:14:42Z",
    "labels": {
      "kubernetes.io/metadata.name": "test321",
      "name": "test"
    },
    "annotations": {
      "kubectl.kubernetes.io/last-applied-configuration": "{\"apiVersion\":\"v1\",\"kind\":\"Namespace\",\"metadata\":{\"annotations\":{},\"labels\":{\"name\":\"test\"},\"name\":\"test321\"}}\n"
    },
    "managedFields": [
      {
        "manager": "kubectl-client-side-apply",
        "operation": "Update",
        "apiVersion": "v1",
        "time": "2021-12-16T10:53:29Z",
        "fieldsType": "FieldsV1",
        "fieldsV1": {"f:metadata":{"f:annotations":{".":{},"f:kubectl.kubernetes.io/last-applied-configuration":{}},"f:labels":{".":{},"f:kubernetes.io/metadata.name":{},"f:name":{}}}}
      },
      {
        "manager": "kube-controller-manager",
        "operation": "Update",
        "apiVersion": "v1",
        "time": "2021-12-17T10:14:47Z",
        "fieldsType": "FieldsV1",
        "fieldsV1": {"f:status":{"f:conditions":{".":{},"k:{\"type\":\"NamespaceContentRemaining\"}":{".":{},"f:lastTransitionTime":{},"f:message":{},"f:reason":{},"f:status":{},"f:type":{}},"k:{\"type\":\"NamespaceDeletionContentFailure\"}":{".":{},"f:lastTransitionTime":{},"f:message":{},"f:reason":{},"f:status":{},"f:type":{}},"k:{\"type\":\"NamespaceDeletionDiscoveryFailure\"}":{".":{},"f:lastTransitionTime":{},"f:message":{},"f:reason":{},"f:status":{},"f:type":{}},"k:{\"type\":\"NamespaceDeletionGroupVersionParsingFailure\"}":{".":{},"f:lastTransitionTime":{},"f:message":{},"f:reason":{},"f:status":{},"f:type":{}},"k:{\"type\":\"NamespaceFinalizersRemaining\"}":{".":{},"f:lastTransitionTime":{},"f:message":{},"f:reason":{},"f:status":{},"f:type":{}}}}},
        "subresource": "status"
      }
    ]
  },
  "spec": {

  },
  "status": {
    "phase": "Terminating",
    "conditions": [
      {
        "type": "NamespaceDeletionDiscoveryFailure",
        "status": "True",
        "lastTransitionTime": "2021-12-17T10:14:47Z",
        "reason": "DiscoveryFailed",
        "message": "Discovery failed for some groups, 2 failing: unable to retrieve the complete list of server APIs: auth.ilinux.io/v2beta1: the server is currently unable to handle the request, metrics.k8s.io/v1beta1: the server is currently unable to handle the request"
      },
      {
        "type": "NamespaceDeletionGroupVersionParsingFailure",
        "status": "False",
        "lastTransitionTime": "2021-12-17T10:14:47Z",
        "reason": "ParsedGroupVersions",
        "message": "All legacy kube types successfully parsed"
      },
      {
        "type": "NamespaceDeletionContentFailure",
        "status": "False",
        "lastTransitionTime": "2021-12-17T10:14:47Z",
        "reason": "ContentDeleted",
        "message": "All content successfully deleted, may be waiting on finalization"
      },
      {
        "type": "NamespaceContentRemaining",
        "status": "False",
        "lastTransitionTime": "2021-12-17T10:14:47Z",
        "reason": "ContentRemoved",
        "message": "All content successfully removed"
      },
      {
        "type": "NamespaceFinalizersRemaining",
        "status": "False",
        "lastTransitionTime": "2021-12-17T10:14:47Z",
        "reason": "ContentHasNoFinalizers",
        "message": "All content-preserving finalizers finished"
      }
    ]
  }
}

5、查看已经被删除 [root@k8s-master ingress]# kubectl get ns NAME STATUS AGE default Active 69d kube-node-lease Active 69d kube-public Active 69d kube-system Active 69d test Active 34d