Back to Glossary
Core Concepts

Namespace

A virtual partition within a cluster that isolates resources, access control, and networking between teams or environments.

What is Namespace?

Namespaces are Kubernetes's primary mechanism for multi-tenancy within a single cluster. Every API object except cluster-scoped resources (Nodes, PersistentVolumes, ClusterRoles) belongs to exactly one namespace. Namespaces allow different teams, environments (dev/staging/prod), or products to share a cluster while maintaining logical separation — enforced by RBAC policies, NetworkPolicies, and ResourceQuotas.

By default, Kubernetes ships with four namespaces: default (for resources created without specifying a namespace), kube-system (for control plane components like CoreDNS and the scheduler), kube-public (for publicly readable cluster information), and kube-node-lease (for node heartbeat lease objects). Most teams create additional namespaces per team or per environment.

ResourceQuotas applied to a namespace cap total CPU, memory, and object counts, preventing any single team from monopolizing cluster resources. LimitRanges set default resource requests and limits for Pods in a namespace that don't declare their own. Together these tools turn namespaces into billing units for internal chargeback.

Example

# List all namespaces
kubectl get namespaces

# Create a new namespace
kubectl create namespace team-payments

# List all resources in a namespace
kubectl get all -n team-payments

# Set default namespace for current context
kubectl config set-context --current --namespace=team-payments

Cost & Waste Implications

Empty or abandoned namespaces are common in clusters with frequent developer churn. They often retain orphaned resources — ConfigMaps, Secrets, PVCs, Services — that continue to incur costs or security risks even though no active workload references them. A namespace audit is often the fastest path to identifying low-risk cleanup targets.

KorPro— Kubernetes Cost Optimization

How KorPro Helps

KorPro provides a namespace-level view of resource counts, estimated cloud cost, and orphaned resource density so platform teams can prioritize cleanup by namespace rather than scanning resources one by one.

Scan Your Cluster Free

Related Terms

RBAC(RBAC)

Security

Role-Based Access Control — Kubernetes's authorization mechanism that grants permissions through role bindings.

Read definition

Resource Requests and Limits

Configuration

Per-container declarations of guaranteed CPU/memory (requests) and hard maximums (limits) that drive scheduling and enforcement.

Read definition

Orphaned Resource

FinOps

A Kubernetes resource that is no longer referenced by any active workload but continues to exist in the cluster, often incurring cost.

Read definition

ConfigMap

Configuration

An API object that stores non-sensitive configuration data as key-value pairs, injected into Pods as env vars or mounted files.

Read definition

Stop Wasting Money on Orphaned Kubernetes Resources

KorPro connects to your clusters across GCP, AWS, and Azure — no agents, no installation — and surfaces every orphaned resource with its monthly cost estimate.

Get Started Free Contact Sales