What Is a Kubernetes Namespace? (Explained Simply)
Namespaces in Kubernetes divide your cluster into virtual sections. Here's what they are, why they matter, and how to use them.
If you've run kubectl get pods and gotten nothing, but you know pods exist — you were probably looking in the wrong namespace. Here's what namespaces are and how to use them.
What Is a Namespace?
A namespace is a way to divide a single Kubernetes cluster into multiple virtual clusters.
Think of it like folders on your computer. One cluster, multiple namespaces — resources in each namespace are isolated from each other.
cluster
├── namespace: default (your stuff if you don't specify)
├── namespace: production (production workloads)
├── namespace: staging (staging workloads)
├── namespace: monitoring (Prometheus, Grafana)
└── namespace: kube-system (Kubernetes system components)
Default Namespaces
When you install Kubernetes, these namespaces exist out of the box:
| Namespace | Purpose |
|---|---|
default | Where resources go if you don't specify a namespace |
kube-system | Kubernetes internal components (DNS, scheduler, controller manager) |
kube-public | Readable by all users, rarely used |
kube-node-lease | Node heartbeat objects |
Basic Namespace Commands
# List all namespaces
kubectl get namespaces
# Create a namespace
kubectl create namespace staging
# Get pods in a specific namespace
kubectl get pods -n staging
# Get pods across ALL namespaces
kubectl get pods --all-namespaces
# or shorter:
kubectl get pods -A
# Delete a namespace (deletes everything inside it!)
kubectl delete namespace stagingUsing Namespaces in YAML
apiVersion: apps/v1
kind: Deployment
metadata:
name: myapp
namespace: staging # <-- specify here
spec:
replicas: 2
selector:
matchLabels:
app: myapp
template:
metadata:
labels:
app: myapp
spec:
containers:
- name: myapp
image: myapp:v1.2What Namespaces Do and Don't Isolate
They DO isolate:
- Pod names (same pod name can exist in different namespaces)
- Services (a Service in
stagingis different fromproduction) - ConfigMaps and Secrets
- RBAC (you can give different permissions per namespace)
- Resource quotas (limit CPU/memory per namespace)
They DON'T isolate:
- Network traffic by default (pods can still reach each other across namespaces unless you add NetworkPolicy)
- Nodes (all namespaces share the same nodes)
- Cluster-wide resources: Nodes, PersistentVolumes, ClusterRoles, StorageClasses
Resource Quotas Per Namespace
You can limit how much CPU and memory a namespace can use:
apiVersion: v1
kind: ResourceQuota
metadata:
name: staging-quota
namespace: staging
spec:
hard:
requests.cpu: "4"
requests.memory: 8Gi
limits.cpu: "8"
limits.memory: 16Gi
pods: "20"This prevents one team from consuming all cluster resources.
Set a Default Namespace for kubectl
Typing -n staging every command gets old. Set a default:
kubectl config set-context --current --namespace=staging
# Now all commands default to staging
kubectl get pods # same as kubectl get pods -n stagingReal-World Namespace Strategy
Small team:
default / staging / production
Multi-team:
team-a-dev / team-a-prod
team-b-dev / team-b-prod
monitoring / logging / security
By environment:
dev / staging / prod
monitoring / platform
Pick one convention and stick to it. Mixing strategies creates confusion.
Resources
Stay ahead of the curve
Get the latest DevOps, Kubernetes, AWS, and AI/ML guides delivered straight to your inbox. No spam — just practical engineering content.
Related Articles
Build a Kubernetes Cluster with kubeadm from Scratch (2026)
Step-by-step guide to building a real multi-node Kubernetes cluster using kubeadm — no managed services, no shortcuts.
How to Migrate from Ingress-NGINX to Kubernetes Gateway API in 2026
Step-by-step guide to migrating from Ingress-NGINX to Kubernetes Gateway API. Includes YAML examples, implementation choices, testing strategy, and cutover plan.
How to Set Up HashiCorp Vault for Secrets Management from Scratch (2026)
HashiCorp Vault is the industry standard for secrets management. This step-by-step guide shows you how to install Vault, configure it, and integrate it with Kubernetes.