alcide

Alcide Blog

Cloud-native Security Provider

Kubernetes Namespaces Simplified With Alcide Runtime

Oct 20, 2020 11:11:46 AM / by Alon Berger

Working with Kubernetes namespaces enables you to manage users spread across multiple teams and projects. Namespaces are essentially virtual clusters backed by the same physical single cluster. As Kubernetes clusters help in managing workloads and deployed objects, these numbers increase and can become unmanageable over time.

The namespaces concept introduces order and better organization when handling a large number of objects. It brings essential management capabilities in terms of categories, filters, and also very common with applying network and security policies.

As you start to build more and more services on top of Kubernetes, ongoing monitoring is no longer a simple task. In order to help with superior administration and enforcement of best practices, we at Alcide have recently introduced the Kubernetes namespaces view, as part of our Alcide Runtime (ART) solution.

Below is the platform’s application view, a real-time grid of all applications, microservices, and network activity. On this map, you can view and inspect each of the Kubernetes clusters, drilling down to all running applications and their network traffic to and from external domains.

Application and Namespaces view on Alcide's platform 

 

The addition of the namespaces hierarchy view lets you monitor and track issues within your organization’s active namespaces. A good example of a real-life use case is when a specific service in one namespace is communicating with a service on another namespace.

The application view dashboard consolidates all active policies such as network, security, and container orchestration, providing users with an immediate understanding of inbound and outbound rules across cloud infrastructure and microservices interactions.

The decision making of how many namespaces to create for a specific purpose is often a real challenge. This ultimately boils down to the scale and size of your environmental structure.For smaller teams, the best practice is usually using the “default” namespace for your services.

When dealing with larger numbers of microservices, it becomes necessary to start splitting into multiple clusters and namespaces, for both production and staging environments.Eventually, namespaces are integral when working in teams, and a centralized panoramic view like the one Alcide provides is key for a well-organized environment and effectively configured clusters.

To conclude, Kubernetes namespaces are your dear friend when coordinating different teams through the development pipeline. With Alcide’s Runtime and its application view, we provide enhanced visibility and strict security guardrails, enforced by embedded security and compliance policies into the organization’s microservices.

If you would like to give it a try, make sure to check our 14-day trial.

 

 

Topics: network security, Runtime, namespaces

Subscribe to Email Updates