At the core of nearly all digital transformation initiatives is technology that helps companies move faster, drive innovation and fuel growth—all without missing a beat in day-to-day operations. This year at SUSECON 2019 in Nashville, we’re displaying how our open, open source approach to software-defined infrastructure and application delivery solutions makes it easier for organizations to achieve that on their own terms giving them the freedom to transform their way. SUSECON 2019 is all about creating your kind of open and this year we’re really focusing on how you can lead your company into a digital transformation by learning how to apply reliable, secure open source solutions to meet the demands of your business.
At SUSECON 2019, you will learn the latest developments in enterprise-class Linux, OpenStack, Ceph storage, Kubernetes, Cloud Foundry and other open source projects from technical experts, ecosystem partners and your peers from around the world. If you’re concerned about the future of your organizations digital transformation and interested in the latest technology innovations like software-defined storage, cloud or container technologies, then you will want to be sure to attend. In addition, here are three sessions you will want to be sure to include on your agenda.
Getting Started with Kubernetes [HO1113]
1.Introduction to Containers and Microservices 2. Container Orchestration tools 3. Introduction to Kubernetes 4. Kubernetes Architecture 5. Key Features of Kubernetes a. Container grouping using pod b. Self-healing c. Auto-scalability d. DNS management e. Load balancing f. Rolling update or rollback g. Resource monitoring and logging 6. Lab: Installing Kubernetes cluster 7. Lab: Deploying Multi-Tier Application
An Introduction to Microservices Architecture [BOV1079]
IT Organisations are hearing the word Microservices a lot. But what actually are they? This session will give an introduction to Microservices and how they can help your business succeed. We will discuss the various types of Microservice architectures and how they fit into the Software Defined Infrastructure and Cloud paradigm and explain how you can take your existing business application or product and break it down into its component services. We want to introduce the principles so that you can enable your organisation to succeed and start architecting 12 factor apps today. We will give you various hints and tips to get started as well as give guidance as to some of the common pitfalls organisations experience. This session is aimed at Enterprise or Application Architects, IT Managers and Developers that are new to the world of Microservices and 12 factor apps
SPEAKERS
Rob Knight, EMEA Platform and Management Technical Strategist, SUSE
Stephen Mogg, Technical Strategist, SAP and Public Cloud, SUSE
Session Type: Business Overview
Topics: Application Delivery, Business Applications & Middleware, Cloud Infrastructure, Container Technologies, DevOps, Digital Transformation, Internet of Things, Private/Public/Hybrid Cloud Technologies, Software-Defined Solutions
SUSECON 2019 is all about open done your way and why wouldn’t it be? We’re the “open” open source company after all! In today’s business environment, every company is a digital company. IT infrastructure needs to not only keep pace but also move fast enough to accommodate strategic business and technology initiatives. At SUSECON 2019, you’ll see how our open, open source approach helps ourcustomers and partners transform IT, delivering increased agility and faster innovation, done their way. We’ll explore digital transformation that enables customers and partners in a way that suits them and one way we will be exploring this is by focusing on foundation and flexibility. Here’s a look at a few sessions that will really hone in on these areas.
5 Ways Companies Are Using SUSE High Performance Computing in AI, Machine Learning and Analytics [BOV1043]
This session will go through five examples of how SUSE HPC solutions are being used across different industries for powering AI and machine learning applications. Advanced analytics applications using artificial intelligence (AI), machine learning (ML), deep learning and cognitive computing or learning are increasingly being used in the intelligence community, engineering, and cognitive computing industries. The need to analyze massive amount of data and transaction-intensive workloads are driving the use of HPC into the business arena and making these tools main stream for a variety of industries. Commercial users are getting into high performance applications for fraud detection, personalized medicine, manufacturing, smart cities, autonomous vehicles and many other areas. And because of these more data-intensive workloads, commercial users all need an HPC-based infrastructure to run these AI, ML and cognitive computing applications effectively.
SPEAKERS
Jeff Reser, Product & Solutions Marketing, SUSE
Kay Tate, ISV Programs Manager
Session Type: Business Overview
Topics: Machine Learning
Technical Level: Business Level Overview
Secure by default – anti-exploit techniques and hardenings in SUSE products [TUT1046]
Security is more important then ever. That’s why we at SUSE enable anti-exploit techniques and hardenings in our products. This talk explains to you the basic of technologies like – Stack cannaries – Fortify source – Address space layout randomization – NX and shows you how they protect your infrastructure from attackers.
SPEAKERS
Johannes Segitz, SUSE
Marcus Meissner, SUSE
Session Type: Technical Tutorial
Topics: Security & Compliance
Technical Level: Technical Intermediate
SUSE Best Practices: Sharing Expertise, Experience and Knowledge for Solution-based Documentation [BOV1058]
A lot of *hidden* IT experience exists in the ecosystem of nearly any enterprise. This is also the case for SUSE, no matter which product or technology you are looking at. For every product or solution, there are subject matter experts that have profound know-how and skills. Often it is partly documented via scripts, or in form of emails, or simple write-ups. But this kind of information is usually not publicly accessible. The purpose of the SUSE Best Practices is to change the situation. Our goal is to make existing knowledge and experience available to a broader audience. This new series of documentation, in contrast to the SUSE product documentation which mainly guides through SUSE product installation and usage, delivers a series of topic-driven documentation and provides installation and implementation *experiences*. And YOU can contribute, too! Share your experience and knowledge in the true spirit of *Open Source*. You don’t have to be a “skilled writer”, you don’t need to have knowledge in “complex tools”. We will also give an overview on *how to* contribute for example via AsciiDoc. Join the session and learn more.
SPEAKERS
Meike Chabowski, SUSE
Session Type: Business Overview
Topics: Enterprise Linux
Technical Level: Business Level Overview
Add these to your list of can’t miss sessions and register today! Follow me @JeffReserNC for updates and the latest news in big systems and HPC!
Why are Services Partners key to a digital transformation? Recently, SUSE had the chance to catch up with Katy Ring, Research Director, at 451 Research. As a Research Director, Katy sees a lot of companies taking on digital transformation projects. We wanted to get her insight into the reasons why companies often work with services partners when embarking on their transformation. Katy shared several main reasons.
Services Partners can help set direction, prioritize, and staff projects
IT shops are being asked to manage and maintain their existing technology. Yet, they are also being asked to meet the future needs of the business. Many IT shops are confused as to where to get started and ultimately do nothing. A services partner can help set direction, help get them started, and prioritize projects with discrete milestones.
Services Partners can provide the skills you don’t have
Having the right skill sets are imperative to meeting the needs of the digital economy. Traditionally IT personnel had silo’d skills, that is, an IT shop would have a database specialist or a network specialist. Today’s IT personnel is expected to be more of an IT generalist. That is, IT departments are asking their teams to understand different parts of the IT stack, as well as to be adjustable and adaptable to get the job done. However, more than 60% of IT shops have no plans to change the structure of their organizations. A services partner can provide those generalist skills, providing knowledge transfer and consulting skills to help shops manage the new technology.
Services Partners often collaborate with product managers and engineering
Re-imagining the relationship you have with your technology vendor will help you quickly get to where you want to go. Choosing a vendor with a strong services arm will be able to help you get started in the right direction with your transformation project. They can help you assess your technical environment and help you prioritize goals and milestones. Working with the services arm of your technology vendor also enables you to reach back into the product and engineering teams to help you get the solution you require.
The bottom line
If you are thinking about taking the leap to technology such as OpenStack or Containers, it really does make the most sense to make that leap with an IT services partner. SUSE Global Services is that partner. From discovery, design and architecture workshops to engaging with dedicated premium engineers that know you and your infrastructure, SUSE has the offerings you need to make the leap to your digital transformation.
The OpenStack Foundation have just released the session agenda for the inaugural Open Infrastructure Summit, which will be taking place in May in Denver, Colorado. As you’ll no doubt already know, the OpenStack Summits are no more, so we’ll instead be getting together to talk about all the different open infrastructure components that businesses are using to build their infrastructures.
Whether you’re a die-hard OpenStack fan, if Kubernetes is more your bag, maybe Kata Containers floats your boat or if Ceph is more your bag, then there’s something for you in the Mile High City this May.
Paint it black (well, green actually)
Of course, SUSE will be there – we’re founding members of the OpenStack Foundation, and were the first to release an enterprise-ready OpenStack distribution way back in the mists of time (2011 if you want to be precise). We’ve been planning the theme for our booth for a while now, and it’s going to stand out as always – over the years you’ve met the SUSE Pit Crew, the SUSE Surgical Team and the SUSE Flight Crew, so you’ll have to wait and see what 2019 brings. Rest assured, the colour green will be very evident, and there will of course be chameleons.
Some of the team from SUSE will be presenting through the week, so be sure to come along to say hello to the team at the booth, and check out some of our sessions:
We’re also running our ever-popular and always over-subscribed free OpenStack training courses, with the Oracle of OpenStack, Ron Terry. Come along to gain your OpenStack superpowers, and maybe even some new, limited edition SUSE swag…
Don’t forget to register now for the Open Infrastructure Summit, as prices go up on the 27th February. We look forward to seeing you at the Colorado Convention Centre – we’ll be the ones surrounded by chameleons wearing something green. What was your favourite OpenStack Summit, and your favourite SUSE theme from past Summits? Tweet me, or add a comment below to let me know.
*Note – John Denver is not associated with the Open Infrastructure Summit. John Denver does not promote SUSE nor the Open Infrastructure Summit, but was probably a big fan of chameleons**. Other Johns are available, all rights reserved, no copyright infringement intended.
Since joining Rancher Labs to head up the Australia, New Zealand, and Singapore region, my day revolves around discussing containers/Kubernetes use cases and adoption with many of the top enterprises, DevOps groups, and executives in the area. Not only is this a great learning experience and a fantastic way to meet people, it is also a huge eye opener into the many reasons why Kubernetes adoption is growing so rapidly and what the current challenges are. I want to quickly share some of my observations and make an offer for you to join us for some free hands-on training.
Some Observations
Everyone is Doing Something with Kubernetes
It doesn’t matter which event, meetup, or customer discussion I’m in — every enterprise is doing something with Kubernetes. It’s like the adoption of virtualization, only the discussion is slightly different. It’s not so much about which vendor or standard — Kubernetes is the focus. Instead, it’s about how to do Kubernetes and what are the associated best practices, scalable architectures, and security considerations.
Kubernetes Native, but How to Do It at Operational Scale?
The community and ecosystem around Kubernetes is growing every day, with strong capabilities, so there is a strong desire to stay on “native” Kubernetes and not get sucked down a branch, fork, or vendor-specific offshoot of Kubernetes. It seems that most enterprise and groups begin this way and get into production with Kubernetes. However, there is a clear point at which scale becomes an operational challenge and basic tools need to be supplemented or worked on to help manage multiple Kubernetes namespaces, multiple clusters, authentication, RBAC, policy, monitoring, and logging across many development teams.
It’s About Consuming Kubernetes, Not “Making” Kubernetes
Nobody wants to be in the business of creating Kubernetes snowflakes, or be in the business of allocating their resources to do work that adds no value. There is a learning curve for operationalizing Kubernetes, using Kubernetes, and deploying workloads into Kubernetes environments. Many enterprises are looking for ways to eliminate the learning curve or the need for specialized skills and instead just consume Kubernetes, using a Kubernetes-as-a-Service model. Much larger and faster gains can be made if consuming Kubernetes becomes the focus instead of making Kubernetes.
Both On-Premise and Public Cloud Kubernetes
As enterprises grow, iterate, and merge, an ever-increasing mixture of infrastructure environments and needs emerges. The same enterprise may create Kubernetes clusters using on-premise bare metal, with OpenStack and VMware-type infrastructures, as well as out on public clouds using Amazon, Google, Azure, Alibaba, and others. The portability and rapid pace of containers lends itself to these hybrid or multi-cloud scenarios (more so than VMs) and is quite quickly sprawling in this way. There is also quite an urgent need for air-gapped Kubernetes environments.
Public Cloud Kubernetes Providers
Most enterprises are now seriously looking at the Kubernetes services offered by public cloud providers, like EKS (now available in Australia & Singapore), GKE, and AKS. These are viable options and really do support some of the notions mentioned in my other observations, like consumability. Technical discussions here become much less about the Kubernetes cluster control planes and architecture, and more about integration of these clusters into enterprise management capabilities like authentication domains, security models, deployment pipelines, and multi-cloud strategies (e.g. on-premise or multiple public clouds).
Our Offer
We run free, half-day training sessions called Rancher Rodeos throughout the world. Among others, this month we have Rodeos in Sydney, Melbourne, and Singapore (registration for Singapore is not open yet). During these sessions, DevOps and IT professionals can get hands-on experience with how to quickly deploy an enterprise-ready Kubernetes environment on any infrastructure or cloud provider (or multiples of these) using Rancher. We will show how Rancher helps make enterprise Kubernetes consumable and native, with rapid results for development and infrastructure teams.
Please take us up on the offer, register here, and join us!
Find a Rodeo workshop near you
Rancher Rodeos are free, in-depth workshops where you can learn to deploy containers and Kubernetes in production.
First of all, you still have time on your side to plan a course of action that best suits your needs.
Here are some options that you can consider:
Upgrade to the latest version – SUSE Linux Enterprise Server 15.
This is a good opportunity for you to upgrade to the Multimodal OS, SUSE Linux Enterprise 15. As a result, you will gain the platform that best positions you for IT Transformation. Refer upgrade path documentation for information about the upgrade scenarios.
Extend your support by another 3 years.
You can purchase Long Term Service Pack (LTSS) Support so you can continue receiving maintenance and security patches, as well as get more comprehensive migration, configuration and break-fix technical support, till March 31, 2022.
With Long Term Service Pack Support (LTSS) from SUSE, you can align your support needs with your data center deployment plans. LTSS gives you up to 3 additional years of support on a service pack after its general availability phase ends. This lets you plan ahead for upgrade path at your own pace, and gives you more time to get your operations ready.
We live in a world where instructions abound on everything from a house remodel to a business transformation. With YouTube videos, online classes, and the impervious Google search, it’s tempting to take on these d0-it-yourself (DIY) projects – all with the goal of saving ourselves or our company a bit of money.
On the surface, this may sound like a good idea but the cost of a DIY IT Transformation can run the gamut of simply lagging behind your competition to a stalled IT project to the investing in what can end up as “the dreaded shelfware.”
The cost of downtime has been reported on recently in another blog post, but that is only one of many hazards you could face when undertaking a DIY transformation. Another tangible risk is buying software subscriptions for products you don’t have the skills to implement and maintain – leaving you in a state of having your precious dollars invested in shelfware.
“Shelfware” uses up to 37 percent of your company’s software budget and some industries report losses of up to $18 billion. It’s no wonder that in a recent study, IDC predicts that 70% of siloed IT transformation initiatives will ultimately fail.
There’s a Better Path to Transformation
According to a recent Forrester study, a large percentage of executives think that digital will influence almost half of their revenue by 2020. Key to the success will be speed of new technology Implementation and response time to resolve issues.
That’s why SUSE has a team available to help you re-imagine your business – because you cannot afford to be cautious as you approach your digital transformation. Your competitors aren’t.
From consulting workshops and engagements to 12-month, fixed-cost packages that include both consulting and dedicated support services, you can trust our team. We will proactively listen and provide realistic options to help you realize the outcomes that you need to be competitive in this digital world.
How to Start Your Transformation?
The mismatch between a software system’s capabilities to a company’s skill set is one of the largest causes of failure and biggest expenses in a transformation project.
SUSE Select Services can help you bridge the gap between your in house team and the new skills required for the software you need, curbing your spending on shelfware. This 12-month, tiered offering also includes knowledge transfer and consulting so that your in-house team is confident with your software purchase.
Select Services provides a number of benefits with the flexibility to choose the level of service that matches your business needs. All three tiers offer extraordinary value, built-in flexibility and ways to develop a true trusted relationship with a company dedicated to the success of your business.
Download the Paper
The white paper “Three Reasons Why You Need a Services Partner for IT Transformation” discusses some more pitfalls involved in attempting a “do it yourself” transformation. You can download it here.
Kubernetes clusters can manage large numbers of unrelated workloads concurrently and organizations often choose to deploy projects created by separate teams to shared clusters. Even with relatively light use, the number of deployed objects can quickly become unmanageable, slowing down operational responsiveness and increasing the chance of dangerous mistakes.
Kubernetes uses a concept called namespaces to help address the complexity of organizing objects within a cluster. Namespaces allow you to group objects together so you can filter and control them as a unit. Whether applying customized access control policies or separating all of the components for a test environment, namespaces are a powerful and flexible concept for handling objects as a group.
In this article, we’ll discuss how namespaces work, introduce a few common use cases, and cover how to use namespaces to manage your Kubernetes objects. Towards the end, we’ll also take a look at a Rancher feature called projects that builds on and extends the namespaces concept.
What are Namespaces and Why Are They Important?
Namespaces are the organizational mechanism that Kubernetes provides to categorize, filter by, and manage arbitrary groups of objects within a cluster. Each workload object added to a Kubernetes cluster must be placed within exactly one namespace.
Namespaces impart a scope for object names within a cluster. While names must be unique within a namespace, the same name can be used in different namespaces. This can have some important practical benefits for certain scenarios. For example, if you use namespaces to segment application life cycle environments — like development, staging, and production — you can maintain copies of the same objects, with the same names, in each environment.
Namespaces also allow you to easily apply policies to specific slices of your cluster. You can control resource usage by defining ResourceQuota objects, which set limits on consumption on a per-namespace basis. Similarly, when using a CNI (container network interface) that supports network policies on your cluster, like Calico or Canal (Calico for policy with flannel for networking), you can apply a NetworkPolicy to the namespace with rules that dictate how pods can be communicate with one another. Different namespaces can be given different policies.
One of the greatest benefits of using namespaces is being able to take advantage of Kubernetes RBAC (role-based access control). RBAC allows you to develop roles, which group a list of permissions or abilities, under a single name. ClusterRole objects exist to define cluster-wide usage patterns, while the Role object type is applied to a specific namespace, giving greater control and granularity. Once a Role is created, a RoleBinding can grant the defined capabilities to a specific user or group of users within the context of a single namespace. In this way, namespaces let cluster operators map the same policies to organized sets of resources.
Common Namespace Usage Patterns
Namespaces are an incredibly flexible feature that doesn’t impose a specific structure or organizational pattern. That being said, there are some common patterns that many teams find useful.
Mapping Namespaces to Teams or Projects
One convention to use when setting up namespaces is to create one for each discrete project or team. This melds well with many of the namespace characteristics we mentioned earlier.
By giving a team a dedicated namespace, you can allow self-management and autonomy by delegating certain responsibilities with RBAC policies. Adding and removing members from the namespace’s RoleBinding objects is a simple way to control access to the team’s resources. It is also often useful to set resource quotas for teams and projects. This way, you can ensure equitable access to resources based the organization’s business requirements and priorities.
Using Namespaces to Partition Life Cycle Environments
Namespaces are well suited for carving out development, staging, and production environments within cluster. While it recommended to deploy production workloads to an entirely separate cluster to ensure maximum isolation, for smaller teams and projects, namespaces can be a workable solution.
As with the previous use case, network policies, RBAC policies, and quotas are big factors in why this can be successful. The ability to isolate the network to control communication to your components is a fundamental requirement when managing environments. Likewise, namespace-scoped RBAC policies allow operators to set strict permissions for production environments. Quotas help you guarantee access to important resources for your most sensitive environments.
The ability to reuse object names is also helpful here. Objects can be rolled up to new environments as they they are tested and released while retaining their original name. This helps avoid confusion around which objects are analogous across environments and reduces cognitive overhead.
Using Namespaces to Isolate Different Consumers
Another use case that namespaces can help with is segmenting workloads by their intended consumers. For instance, if your cluster provides infrastructure for multiple customers, segmenting by namespace allows you to manage each independently while keeping track of usage for billing purposes.
Once again, namespace features allow you to control network and access policies and define quotas for your consumers. In cases where the offering is fairly generic, namespaces allow you to develop and deploy a different instance of the same templated environment for each of your users. This consistency can make management and troubleshooting significantly easier.
Understanding the Preconfigured Kubernetes Namespaces
Before we take a look at how to create your own namespaces, let’s discuss what Kubernetes sets up automatically. By default, three namespaces are available on new clusters:
default: Adding an object to a cluster without providing a namespace will place it within the default namespace. This namespace acts as the main target for new user-added resources until alternative namespaces are established. It cannot be deleted.
kube-public: The kube-public namespace is intended to be globally readable to all users with or without authentication. This is useful for exposing any cluster information necessary to bootstrap components. It is primarily managed by Kubernetes itself.
kube-system: The kube-system namespace is used for Kubernetes components managed by Kubernetes. As a general rule, avoid adding normal workloads to this namespace. It is intended to be managed directly by the system and as such, it has fairly permissive policies.
While these namespaces effectively segregate user workloads the system-managed workloads, they do not impose any additional structure to help categorize and manage applications. Thankfully, creating and using additional namespaces is very straightforward.
Working with Namespaces
Managing namespaces and the resources they contain is fairly straightforward with kubectl. In this section we will demonstrate some of the most common namespace operations so you can start effectively segmenting your resources.
Viewing Existing Namespaces
To display all namespaces available on a cluster, use use the kubectl get namespaces command:
kubectl get namespaces
NAME STATUS AGE
default Active 41d
kube-public Active 41d
kube-system Active 41d
The command will show all available namespaces, whether they are currently active, and the resource’s age.
To get more information about a specific namespace, use the kubectl describe command:
kubectl describe namespace default
Name: default
Labels: field.cattle.io/projectId=p-cmn9g
Annotations: cattle.io/status={"Conditions":[{"Type":"ResourceQuotaInit","Status":"True","Message":"","LastUpdateTime":"2022-11-17T23:17:48Z"},{"Type":"InitialRolesPopulated","Status":"True","Message":"","LastUpda...
field.cattle.io/projectId=c-7tf7d:p-cmn9g
lifecycle.cattle.io/create.namespace-auth=true
Status: Active
No resource quota.
No resource limits.
This command can be used to display the labels and annotations associated with the namespace, as well as any quotas or resource limits that have been applied.
Creating a Namespace
To create a new namespace from the command line, use the kubectl create namespace command. Include the name of the new namespace as the argument for the command:
kubectl create namespace demo-namespace
namespace "demo-namespace" created
You can also create namespaces by applying a manifest from a file. For instance, here is a file that defines the same namespace that we created above:
Assuming the spec above is saved to a file called demo-namespace.yml, you can apply it by typing:
kubectl apply -f demo-namespace.yml
Regardless of how we created the namespace, if we check our available namespaces again, the new namespace should be listed (we use ns, a shorthand for namespaces, the second time around):
kubectl get ns
NAME STATUS AGE
default Active 41d
demo-namespace Active 2m
kube-public Active 41d
kube-system Active 41d
Our namespace is available and ready to use.
Filtering and Performing Actions by Namespace
If we deploy a workload object to the cluster without specifying a namespace, it will be added to the default namespace:
Error from server (AlreadyExists): deployments.extensions "demo-nginx" already exists
To apply an action to a different namespace, we must include the --namespace= option in the command. Let’s create a deployment with the same name in the demo-namespace namespace:
This newest deployment was successful even though we’re still using the same deployment name. The namespace provided a different scope for the resource name, avoiding the naming collision we experienced earlier.
To see details about the new deployment, we need to specify the namespace with the --namespace= option again:
This confirms that we have created another deployment called demo-nginx within our demo-namespace namespace.
Selecting Namespace by Setting the Context
If you want to avoid providing the same namespace for each of your commands, you can change the default namespace that commands will apply to by configuring your kubectlcontext. This will modify the namespace that actions will apply to when that context is active.
To list your context configuration details, type:
kubectl config get-contexts
CURRENT NAME CLUSTER AUTHINFO NAMESPACE
* Default Default Default
The above indicates that we have a single context called Default that is being used. No namespace is specified by the context, so the default namespace applies.
To change the namespace used by that context to our demo-context, we can type:
If you no longer require a namespace, you can delete it.
Deleting a namespace is very powerful because it not only removes the namespaces, but it also cleans up any resources deployed within it. This can be very convenient, but also incredibly dangerous if you are not careful.
It is always a good idea to list the resources associated with a namespace before deleting to verify the objects that will be removed:
kubectl get all --namespace=demo-namespace
NAME READY STATUS RESTARTS AGE
pod/demo-nginx-676fc7d85d-gkdz2 1/1 Running 0 56m
NAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGE
deployment.apps/demo-nginx 1111 56m
NAME DESIRED CURRENT READY AGE
replicaset.apps/demo-nginx-676fc7d85d 111 56m
Once we are comfortable with the scope of the action, we can delete the demo-namespace namespace and all of the resources within it by typing:
kubectl delete namespace demo-namespace
The namespace and its resources will be removed from the cluster:
kubectl get namespaces
NAME STATUS AGE
default Active 41d
kube-public Active 41d
kube-system Active 41d
If you previously changed the selected namespace in your kubectl context, you can clear the namespace selection by typing:
While cleaning up demo resources, remember to remove the original demo-nginx deployment we initially provisioned to the default namespace:
kubectl delete deployment demo-nginx
Your cluster should now be in the state you began with.
Extending Namespaces with Rancher Projects
If you are using Rancher to manage your Kubernetes clusters, you have access to the extended functionality provided by the projects feature. Rancher projects are an additional organizational layer used to bundle multiple namespaces together.
Rancher projects overlay a control structure on top of namespaces that allow you to group namespaces into logical units and apply policy to them. Projects mirror namespaces in most ways, but act as a container for namespaces instead of for individual workload resources. Each namespace in Rancher exists in exactly one project and namespaces inherit all of the policies applied to the project.
By default, Rancher clusters define two projects:
Default: This project contains the default namespace.
System: This project contains all of the other preconfigured namespaces, including kube-public, kube-system, and any namespaces provisioned by the system.
You can see the projects available within your cluster by visiting the Projects/Namespaces tab after selecting your cluster:
Fig. 1: Rancher projects/namespaces view
From here, you can add projects by clicking on the Create Project button. When creating a project, you can configure the project members and their access rights and can configure security policies and resource quotas.
You can add a namespace to an existing project by clicking the project’s Create Namespace button. To move a namespace to a different project, select the namespace and then click the Move button. Moving a namespace to a new project switches immediately modifies the permissions and policies applied to the namespace.
Rather than introducing new organizational models, Rancher projects simply apply the same abstractions to namespaces that namespaces apply to workload objects. They fill in some usability gaps if you appreciate namespaces functionality but need an additional layer of control.
Conclusion
In this article, we introduced the concept of Kubernetes namespaces and how they can help organize cluster resources. We discussed how namespaces segment and scope resource names within a cluster and how policies applied at the namespace level can influence user permissions and resource allotment.
Afterwards, we covered some common patterns that teams employ to segment their clusters into logical pieces and we described Kubernetes’ preconfigured namespaces and their purpose. Then we took a look at how to create and work with namespaces within a cluster. We ended by taking a look at Rancher projects and how they extend the namespaces concept by grouping namespaces themselves.
Namespaces are an incredibly straightforward concept that help teams organize cluster resources and compartmentalize complexity. Taking a few minutes to get familiar with their benefits and characteristics can help you configure your clusters effectively and avoid trouble down the road.
Expert Training in Kubernetes and Rancher
Join our free online training sessions to learn more about Kubernetes, containers, and Rancher.
You’ve been convinced. It’s 2019 and your IT department has to undergo transformation so your business can meet the needs of a digital transformation. But do you have the resources for this transformation? After all, you can’t stop paying attention to your business-critical day-to-day operations. It’s crucial to maintain your existing operations while integrating new technology.
If you have no one to take on these new responsibilities, your IT transformation project can stall, or even fail. Or maybe you have the resources for your transformation project, but they do not have the appropriate knowledge or experience to successfully get your IT transformation off the ground.
No Transformation Can Be Fatal to Your Business (and Your Job)
Whether it’s maintaining uptime, increasing security or improving quality, your team is already stretched to the limit. So how do you tackle your IT transformation when:
A recent 451 Research Group survey shows that more than 60 percent of IT technical team structures will not be changing
A Gartner study shows that in small and medium-sized businesses, the predominant position is ‘no change’ in IT staff levels
Find a Trusted Services Partner
Working with a trusted services provider means these resources are always covered. It also means your company will enjoy seamless integration while you stay focused on day-to-day operations. SUSE Global Services is that partner. And we offer a number of offerings that are designed to jumpstart your IT transformation.
One of these offerings, SUSE Select Services, helps you bridge the gap in your resources providing implementation assistance of key solutions. These key solutions, such as SUSE OpenStack Cloud or SUSE Enterprise Storage, are foundations to a software-defined infrastructure. This 12-month, tiered offering provides a number of benefits designed to give you confidence as you integrate new technologies into your existing infrastructure.
Select Services give you the flexibility to choose the level of service that matches your business needs. All three tiers provide extraordinary value, built-in flexibility and are designed to develop a true trusted relationship with an expert who is dedicated to the success of your business.
We couple consulting with premium support services to ensure successful implementations and smooth integration with your existing infrastructure – avoiding the dreaded shelfware.
All the Benefits in One Services Offering
For one fixed-cost, Select Services gives you all the key benefits you need for success, including:
Dedicated named engineer: This technical expert not only knows the products, but also your IT environment and your business. They will help you get up and running quickly, address changing IT needs and be proactive so that you can get the most out of your technology investment.
Response times tailored to your business requirements: IT disruptions can be costly to the business. That’s why Select Services offers rapid response times of as little as 15 minutes.
Proactive maintenance: To keep your systems running smoothly and up-to-date, your named technical expert will ensure maintenance and patch updates occur on a regular schedule.
Onsite visits: Sometimes you need a technical expert to come on-site; sometimes it’s just nice to put a face to a name. Select Services builds in that on-site time.
Consulting for implementation and knowledge transfer: We know how important it is to get your IT and DevOps teams knowledgeable on new technologies. That’s why we’ve included consulting and knowledge transfer in all three of the Select Services tiers.
Customer success manager: Whether coordinating personnel, facilitating resolution times, or talking technology trends, your customer success manager will provide personalized account management.
Get the Full Paper!
The white paper “Three Reasons Why You Need a Services Partner for IT Transformation” discusses lack of resources and more obstacles companies face when undergoing IT transformation. You can download it here.
At the core of nearly all digital transformation initiatives is technology that helps companies move faster, drive innovation and fuel growth—all without missing a beat in day-to-day operations. This year at SUSECON 2019 in Nashville, we’re displaying how our open, open source approach to software-defined infrastructure and application delivery solutions makes it easier for organizations to achieve that on their own terms giving them the freedom to transform their way. SUSECON 2019 is all about creating your kind of open and this year we’re really focusing on how you can lead your company into a digital transformation by learning how to apply reliable, secure open source solutions to meet the demands of your business.
SUSECON 2019 is all about open done your way and why wouldn’t it be? We’re the “open” open source company after all! In today’s business environment, every company is a digital company. IT infrastructure needs to not only keep pace but also move fast enough to accommodate strategic business and technology initiatives. At SUSECON 2019, you’ll see how our open, open source approach helps ourcustomers and partners transform IT, delivering increased agility and faster innovation, done their way. We’ll explore digital transformation that enables customers and partners in a way that suits them and one way we will be exploring this is by focusing on foundation and flexibility. Here’s a look at a few sessions that will really hone in on these areas.
Why are Services Partners key to a digital transformation? Recently, SUSE had the chance to catch up with Katy Ring, Research Director, at 451 Research. As a Research Director, Katy sees a lot of companies taking on digital transformation projects. We wanted to get her insight into the reasons why companies often work with services partners when embarking on their transformation. Katy shared several main reasons.
You’ve been convinced. It’s 2019 and your IT department has to undergo transformation so your business can meet the needs of a digital transformation. But do you have the resources for this transformation? After all, you can’t stop paying attention to your business-critical day-to-day operations. It’s crucial to maintain your existing operations while integrating new technology.
