Skip to content

Management

In an Org, users with Organization Admin, Infra Admin and Workspace Admin roles have the privilege to create, read, update and delete namespaces.


Create Namespace

  • Navigate to the Web Console
  • Select Namespaces from the left pane and click New Namespace
  • Enter a name for the Namespace
  • Select the Type from the drop-down
  • Wizard: Allows to enter the parameters manually
  • Upload: Allows to upload the parameters as yaml files
  • Repo: Allows to retrieve the parameters from a GitHub repository

Note

If no type is selected, Wizard is considered by default.

  • Enter a namespace description (Optional)
  • Click Save to proceed with the Namespace creation or Cancel to discard the process

Create Namespace

By default, every namespace is created without any resource quotas.

Important

You cannot create duplicate namespaces on the same cluster. Also, you cannot create namespaces with names that are reserved. Specifically "rafay", "rafay-system" and "rafay-infra".


Configure

Configuration details are customer defined. Based on the selection of Type, configuration page differs.

Namespace Wizard

For the Wizard type, configuration page allows to provide General, Resource Quotas, and Limit Ranges details for the new namespace.

General (Optional)

General page shows the details entered during the namespace creation. In addition, perform the below actions to add more details.

  • Click Labels to add ADD KEY-VALUE LABEL and ADD KEY-ONLY LABEL to the namespace. Labels are key/value pairs that are attached to objects like pods.These labels are intended to identify attributes of namespace. Users can add multiple labels for a namespace. Also, labels can be attached and modified at any time

  • Click Annotations to add ADD KEY-VALUE ANNOTATION and ADD KEY-ONLY ANNOTATION to the namespace Annotations are used to attach arbitrary non-identifying metadata to namespace. Users can add multiple annotations for a namespace. The valid annotation keys have prefix (optional) and name

Namespace General Configuration

Resource Quotas (Optional)

Resource Quotas allows to enter the CPU and Memory quotas for a namespace. - Click Resource Quotas in the Configuration page - By default, the namespace resources quotas appears that are already set in Resources Quota page - Click the Configure button to configure a new resource quota or edit the quota within the limit - Limit indicates the maximum limit for the resource(s)

Namespace Resource Quota

To know how to configure the project and namespace quota limit for one or more resources, refer Resources Quota

Failed Scenario

Once the namespace limits are set in Resource Quota, modifying the limits more than the quota throws an error.

Assume the PVC Project Limit is set to 10 in the Project settings page and the PVC namespace resource quota is set to 15. An error message appears as shown in the below example

Namespace Resource Quota

Limit Ranges (Optional)

The Limit Ranges enforces defaults and limits for all Pods and Containers. This entry tracks the usage to ensure it does not exceed resource minimum, maximum and ratio defined in the namespace Limit Ranges.

Limit Ranges allows to enter the Pod and Container storage details.

  • Click Limit Ranges in the Configuration page
  • Enter the Pod and Container Limit ranges

Namespace Resource Quota

Limit Ranges validations occurs only at Pod Admission stage, not on Running Pods.


Upload Spec

For the Upload type, configuration page allows to upload a yaml file that contains the namespace configuration details.

  • Click Upload and select the yaml file.

Important

The 'name' metadata in the yaml file should match the namespace name.

Namespace Upload Type


YAML in Repo

For the Repo type, configuration page allows to provide the below information.

  • Enter the Repository name where the configuration details are stored, Revision and YAML File GitHub path

Important

The 'name' metadata in the yaml file should match the namespace name.

Namespace Repo Type

Click SAVE & GO TO PLACEMENT to proceed or DISCARD CHANGES & EXIT to abort the process


Placement

Placement in the controller is to indicate the "intent" for where/how the user wish to configure their namespace.

  • Select a Drift Action

  • NotSet: Allow anyone to perform actions on the target clusters without restrictions

  • DetectAndNotify: Allow the authorised users to perform actions on the target clusters, detect the actions and notify through alerts
  • BlockAndNotify: Restrict the users to perform any actions on the target clusters for security purpose. Blocked notifications are sent through alerts.

  • Select a Placement Policy type

  • Specific Locations: Allows to select the clusters within a specific region or location
  • Specific Clusters: Allows to select a specific cluster
  • Custom Labels: Allows to select the clusters available with specific labels

In the example below, NotSet and Specific Clusters are selected.

Namespace Placement

  • Click SAVE & GO TO PUBLISH to save and publish the namespace

Click SAVE & RETURN TO CONFIGURATION to save the placement data and return to configuration section if any modifications required (or) DISCARD CHANGES & EXIT to abort the process.

For more information, refer placement policy


Publish

Namespace is now ready to publish. Click Publish to start the deployment process.

Publish Namespace

Click RETURN TO PLACEMENT to return to the placement and perform the required modifications (or) DISCARD CHANGES & EXIT to abort the process and exit the configuration page.


Debugging/Troubleshooting

If there are any issues during deployment, both the application developer and/or the operations user will require RBAC secure facilities to remotely debug.

  • Navigate to the Namespace publish screen
  • Click Debug to view the deployed Namespace, Age (time in minutes since the deployment is complete), Message, Reason, Type, Involved Object, Source, and Count
  • Use the gear icon to show/hide the required columns Debug Namespace

For more information on Debug, refer Debug


Actions

To view the cost details of this namespace, click on the $ icon. This will navigate you to the Cost Explorer page, where you can access detailed cost information for this specific namespace.

Users can publish/unpublish, edit or delete one (or) more namespace(s) from the main namespace list page. Follow the prompts to delete the namespace.

Remove Namespace

Important

The namespaces added to the exclusion list will not be displayed here. Only the namespaces synchronized with clusters and not added to the exclusion list will be listed on this namespace dashboard


Audit Logs

  • Namespace creation and deletion operations are tracked and available in the Audit Logs for all namespaces created implicitly or explicitly through the controller.
  • When namespace sync is disabled during Blueprint creation, a namespace may still be created implicitly during workload or addon creation, and this operation is tracked in the Audit Logs. The deletion of such namespaces is also recorded in the audit log.

The following is an example of a namespace creation log:

Remove Namespace