Ashok Nagaraj
Ashok Nagaraj

Posted on

Namespace as a Service with vanilla kubernetes objects

With plain kubernetes objects a simple multi-tenancy model can be achieved using the following kubernetes objects:

  1. namespace
    This creates a namespace object with additional annotations (to be used later for additional capabilities)

  2. resourcequota to apply quotas in-terms of:

  3. cpu

  4. memory

  5. total storage volume

  6. pv counts

  7. pvc counts

  8. pod counts

  9. secret counts

  10. service counts (clusterIP, nodePort and loadBalancer)

  11. limitrange default min and max for cpu, memory and pvc sizes


  1. networkpolicy to restrict ingress and egress traffic

  2. serviceaccount for generic account for machine users and automation use-cases

  3. rbac for authorization use cases

Repo link with a helm chart to do the above is here

