1
00:00:02,556 --> 00:00:05,398
‫For your first cluster, maybe even possibly your first few

2
00:00:05,480 --> 00:00:08,330
‫clusters, you won't have to worry too much about this

3
00:00:08,360 --> 00:00:10,820
‫concept of namespaces and contexts.

4
00:00:11,060 --> 00:00:13,099
‫But, it is something you need to be aware of that it exists

5
00:00:13,100 --> 00:00:15,170
‫in case you need to use it.

6
00:00:16,250 --> 00:00:19,940
‫Namespaces is essentially virtual clusters,

7
00:00:19,970 --> 00:00:22,623
‫or virtual views, inside a single cluster.

8
00:00:23,570 --> 00:00:26,629
‫It filters not just the view of the command so

9
00:00:26,630 --> 00:00:28,655
‫that you only see certain things when you type commands,

10
00:00:28,656 --> 00:00:31,459
‫but it also, with the right network policy plugins,

11
00:00:32,150 --> 00:00:33,950
‫can control the networking.

12
00:00:34,550 --> 00:00:36,950
‫This is a little bit different than Swarm where Swarm,

13
00:00:37,220 --> 00:00:39,649
‫out-of-the-box, you would create different overlay networks

14
00:00:39,710 --> 00:00:41,150
‫and everything was essentially private.

15
00:00:41,570 --> 00:00:44,630
‫In Kubernetes, networking and control of

16
00:00:44,810 --> 00:00:47,510
‫apps and their privacy, and what they can see and access,

17
00:00:47,540 --> 00:00:50,354
‫and what's physically controlled there is really dependent

18
00:00:50,520 --> 00:00:51,540
‫on your network plugin.

19
00:00:52,070 --> 00:00:55,189
‫Namespaces itself is not related

20
00:00:55,190 --> 00:00:58,009
‫to Docker namespaces, which you may have heard of, which is

21
00:00:58,040 --> 00:01:00,784
‫really a part of the Linux subsystem, and that's kind of

22
00:01:00,890 --> 00:01:03,289
‫how containers work. This isn't anything to do with that.

23
00:01:03,500 --> 00:01:06,529
‫This is simply Kubernetes saying, hey you might

24
00:01:06,530 --> 00:01:09,499
‫have a whole lot of stuff going on in your cluster, and I'm

25
00:01:09,500 --> 00:01:11,959
‫giving you the opportunity to make little mini clusters

26
00:01:11,960 --> 00:01:14,461
‫where you'd set the namespace with a context and that's

27
00:01:16,100 --> 00:01:18,260
‫your view is by changing your context.

28
00:01:18,290 --> 00:01:19,700
‫You can change what you see.

29
00:01:19,940 --> 00:01:23,359
‫Then the namespace is different segments

30
00:01:23,420 --> 00:01:26,989
‫for filtering the commands, as well as potentially

31
00:01:26,990 --> 00:01:29,900
‫the networking. On my system here on my desktop,

32
00:01:29,960 --> 00:01:32,599
‫I simply see kubectl get namespaces and

33
00:01:33,230 --> 00:01:35,560
‫that command shows me 4. That's kind of, out-of-the-box,

34
00:01:35,561 --> 00:01:37,549
‫the standard you're going to see.

35
00:01:37,550 --> 00:01:39,603
‫Default is what you've been working with so far.

36
00:01:39,657 --> 00:01:42,799
‫That's made for the default namespace

37
00:01:42,800 --> 00:01:45,409
‫of your apps. The only thing it really shows you when you

38
00:01:45,410 --> 00:01:46,782
‫did a kubectl get all is the

39
00:01:48,500 --> 00:01:50,989
‫Kubernetes API endpoint itself, right.

40
00:01:51,020 --> 00:01:53,449
‫Until we start adding apps, we didn't really see anything

41
00:01:53,450 --> 00:01:55,729
‫there. There's technically all this stuff running in the

42
00:01:55,730 --> 00:01:58,880
‫background, right. That's what the kubectl get all

43
00:01:59,090 --> 00:02:00,189
‫--all namespaces.

44
00:02:01,130 --> 00:02:04,549
‫You can see all the API containers

45
00:02:04,550 --> 00:02:07,999
‫and whatnot running inside Kubernetes itself

46
00:02:08,120 --> 00:02:11,689
‫with that command. If I look at all the namespaces at once,

47
00:02:12,140 --> 00:02:14,300
‫I get everything including system stuff.

48
00:02:14,360 --> 00:02:16,600
‫This is a view of what it would look like on minikube

49
00:02:17,570 --> 00:02:20,363
‫which puts everything into their own pods for running the

50
00:02:20,570 --> 00:02:21,570
‫cluster itself.

51
00:02:21,830 --> 00:02:23,025
‫There's a lot going on there.

52
00:02:23,450 --> 00:02:25,606
‫The realization is that when you're normally

53
00:02:26,840 --> 00:02:29,633
‫using Kubernetes, the command line focuses on the default

54
00:02:29,810 --> 00:02:31,219
‫namespace, by default.

55
00:02:31,790 --> 00:02:34,436
‫You're only going to see your apps there really, other

56
00:02:34,910 --> 00:02:36,379
‫than the API endpoint.

57
00:02:36,740 --> 00:02:38,809
‫That's a good thing, right. It hides the complexity of

58
00:02:38,810 --> 00:02:40,549
‫what's going on in the background from your everyday

59
00:02:40,550 --> 00:02:42,439
‫command, because you don't really need to see that stuff

60
00:02:42,440 --> 00:02:45,229
‫unless you need to upgrade it, or change it, or if you have

61
00:02:45,230 --> 00:02:47,484
‫a problem. Context comes into play for setting

62
00:02:48,620 --> 00:02:51,050
‫your view for when you're running commands.

63
00:02:51,110 --> 00:02:53,270
‫The kubectl does lots of things, right.

64
00:02:53,300 --> 00:02:54,979
‫It can connect to different clusters.

65
00:02:55,280 --> 00:02:57,779
‫It can change the authentication, or the user, that

66
00:02:58,280 --> 00:03:00,799
‫you're using to talk to the cluster, which we haven't

67
00:03:00,800 --> 00:03:02,869
‫talked about, or the namespace.

68
00:03:02,900 --> 00:03:05,659
‫So, there's these three parts, really, of a context.

69
00:03:05,660 --> 00:03:08,990
‫That is cluster, the authentication, or the user,

70
00:03:09,350 --> 00:03:11,990
‫and then the namespace that you want to see.

71
00:03:12,230 --> 00:03:14,629
‫All that's defined, by default,

72
00:03:15,200 --> 00:03:18,409
‫in a file inside the .kube directory

73
00:03:18,410 --> 00:03:19,490
‫of your home directory.

74
00:03:20,030 --> 00:03:22,370
‫There's a file in there called config, and it will

75
00:03:22,490 --> 00:03:25,699
‫basically be a YAML file of all, three of those parts.

76
00:03:25,940 --> 00:03:28,439
‫You can have multiple entries in there, and you can

77
00:03:29,030 --> 00:03:30,259
‫edit it however you'd like.

78
00:03:30,590 --> 00:03:32,929
‫You could have a bunch of different clusters and as long as

79
00:03:32,930 --> 00:03:35,060
‫you have the certificates to talk to them, the right

80
00:03:35,090 --> 00:03:37,249
‫authentication, you can put all that stuff in that file,

81
00:03:37,580 --> 00:03:39,310
‫and it's something you want to keep secret. It's not

82
00:03:39,320 --> 00:03:41,419
‫something you really want to share because it typically has

83
00:03:41,810 --> 00:03:43,574
‫your authentication keys for talking

84
00:03:44,840 --> 00:03:46,947
‫to a cluster. If you use the kubectl config

85
00:03:48,170 --> 00:03:51,770
‫command with the sub command of get contexts,

86
00:03:51,800 --> 00:03:53,760
‫that's plural, you can see basically the

87
00:03:54,800 --> 00:03:57,328
‫output of that file. Instead of dumping it raw, you

88
00:03:57,890 --> 00:03:59,752
‫can actually see a little nice list of

89
00:04:00,860 --> 00:04:02,540
‫what it's got inside it.

90
00:04:02,750 --> 00:04:05,641
‫In my case, I've got my standard Docker Desktop on my local

91
00:04:05,810 --> 00:04:08,456
‫machine. That entry is in there twice for the last few

92
00:04:08,780 --> 00:04:11,671
‫editions of Docker Desktop because they've changed the name

93
00:04:11,810 --> 00:04:14,089
‫so they're kind of keeping both in there for compatibility.

94
00:04:14,660 --> 00:04:17,660
‫Then I have a local minikube and

95
00:04:17,690 --> 00:04:20,749
‫a remote instance of micro K8s running

96
00:04:20,779 --> 00:04:22,219
‫on an Ubuntu server.

97
00:04:22,490 --> 00:04:24,919
‫So, you can imagine that if I was managing a lot of other

98
00:04:24,920 --> 00:04:27,949
‫servers, I don't necessarily always want to ssh into those

99
00:04:27,950 --> 00:04:30,740
‫machines. I really just want to sit on my local machine

100
00:04:31,070 --> 00:04:32,230
‫and talk to that remote API.

101
00:04:33,050 --> 00:04:36,019
‫You can use the kubectl config command with

102
00:04:36,020 --> 00:04:38,689
‫any of the set options. You definitely want to check out

103
00:04:38,690 --> 00:04:42,110
‫the help there. But, there's set options for setting

104
00:04:42,350 --> 00:04:44,839
‫the defaults for each one of these, so you could

105
00:04:44,840 --> 00:04:47,143
‫potentially change the user to have a different

106
00:04:47,720 --> 00:04:50,464
‫authentication. So, maybe you have God rights instead of

107
00:04:50,600 --> 00:04:53,589
‫just a subset of the commands that Kubernetes is

108
00:04:53,600 --> 00:04:55,699
‫could run. Or, maybe you're going to change the cluster

109
00:04:55,700 --> 00:04:56,700
‫you're talking to.

110
00:04:57,020 --> 00:04:59,715
‫There's even command line plugins if you look around on

111
00:04:59,900 --> 00:05:01,762
‫Google for allowing you to see in your

112
00:05:02,910 --> 00:05:05,790
‫shell which of the context you're using.

113
00:05:06,060 --> 00:05:08,490
‫That's kind of handy when you end up managing a whole bunch

114
00:05:08,520 --> 00:05:10,589
‫different clusters. You want to know, hey which one am I

115
00:05:10,590 --> 00:05:13,469
‫talking to right now? You can actually set that up, kind of

116
00:05:13,470 --> 00:05:16,229
‫like how the get prompts will tell you what branch you're

117
00:05:16,230 --> 00:05:18,542
‫in. These will tell you, in your prompt, what

118
00:05:19,440 --> 00:05:20,389
‫context you have.