The user-specific namespace

Defining a single user that can access the jdoe namespace is probably the best approach. We expect that only John will want to access it. They are the owner of that namespace. It’s their private playground. Even if they choose to add more users to it, they’ll probably do it independently from our YAML definitions.

After all, what’s the point of giving them all privileges if not to let them do things without asking for our permission or involvement? From our perspective, namespace has, and will continue to have only one user.

Exploring the prospective roles

We cannot apply the same logic to the permissions in the default and dev namespaces. We might choose to give everyone in our organization the view role in the default namespace. Similarly, ...

How Did We Get Here?

Pods

ReplicaSets

Services

Deployments

Ingress

Volumes

ConfigMaps

Secrets

Namespaces

Securing Kubernetes Clusters

Managing Resources

Creating A Production-Ready Kubernetes Cluster

Create a Production-Ready Kubernetes Cluster

Persisting State

Deploy Stateful Applications with Persistent State

Create a Docker Swarm

Appendix: Running a Kubernetes Cluster Locally

Replacing Users with Groups

The user-specific namespace

Exploring the prospective roles