DEV Community

Cover image for Namespace as a Service
Ashok Nagaraj
Ashok Nagaraj

Posted on

1

Namespace as a Service

Multitenancy in kubernetes

Kubernetes documentation describes 3 models of multitenancy:

  • namespace as a service
  • cluster as a service
  • control-plane as a service

Namespaces are the means of soft isolation in kubernetes

In Kubernetes, namespaces provides a mechanism for isolating groups of resources within a single cluster. Names of resources need to be unique within a namespace, but not across namespaces. Namespace-based scoping is applicable only for namespaced objects (e.g. Deployments, Services, etc) and not for cluster-wide objects (e.g. StorageClass, Nodes, PersistentVolumes, etc).
From kubernetes.io/docs

Kubernetes clusters generally being aggregations of computational blocks it makes sense to make them multi-tenant from an economic and efficient use of underlying infrastructure perspective.

In this series we will explore multiple solutions "Namespace as a Service" (for multitenancy within a kubernetes cluster). For the sake of simplicity we will keep RBAC (authentication and authorization) out of the discussion.


Contenders

  • Namespace as a service (using vanilla kubernetes objects)
  • Hierarchical namespaces
  • vCluster from Loft labs
  • Kiosk from Loft labs
  • Capsule from Calstix

Image of Timescale

🚀 pgai Vectorizer: SQLAlchemy and LiteLLM Make Vector Search Simple

We built pgai Vectorizer to simplify embedding management for AI applications—without needing a separate database or complex infrastructure. Since launch, developers have created over 3,000 vectorizers on Timescale Cloud, with many more self-hosted.

Read full post →

Top comments (0)

Billboard image

The Next Generation Developer Platform

Coherence is the first Platform-as-a-Service you can control. Unlike "black-box" platforms that are opinionated about the infra you can deploy, Coherence is powered by CNC, the open-source IaC framework, which offers limitless customization.

Learn more