Kubernetes also has an additional construct for isolation at the cluster level. In most cases, you can run Kubernetes and never worry about namespaces; everything will run in the default namespace if not specified. However, in cases where you run multitenancy communities or want broad-scale segregation and isolation of the cluster resources, namespaces can be used to this end.
To start, Kubernetes has two namespaces:
kube-system is used for all the system-level containers we saw in Chapter 1, Kubernetes and Container Operations, under the Services running on the minions section. The UI, logging, DNS, and so on are all run under
kube-system. Everything else the user creates runs in the default namespace. However, ...