TechQA.

What's the kube-public namespace for?

9.6k views Asked by At

Just curious about the intent for this default namespace.

kubernetes kubeadm
Original Q&A
2

There are 2 answers

0
Janos Lenart On BEST ANSWER

That namespace exists in clusters created with kubeadm for now. It contains a single ConfigMap object, cluster-info, that aids discovery and security bootstrap (basically, contains the CA for the cluster and such). This object is readable without authentication.

If you are courious:

$ kubectl get configmap -n kube-public cluster-info -o yaml

There are more details in this blog post and the design document:

NEW: kube-public namespace

[...] To create a config map that everyone can see, we introduce a new kube-public namespace. This namespace, by convention, is readable by all users (including those not authenticated). [...]

In the initial implementation the kube-public namespace (and the cluster-info config map) will be created by kubeadm. That means that these won't exist for clusters that aren't bootstrapped with kubeadm. [...]

2
Kartoch On

To complete the previous answer, these are the objects inside the namespace kube-public:

$ kubectl get_all --namespace kube-public
NAME                                                                      NAMESPACE
secret/default-token-jd2k2                                                kube-public
serviceaccount/default                                                    kube-public
rolebinding.rbac.authorization.k8s.io/system:controller:bootstrap-signer  kube-public
role.rbac.authorization.k8s.io/system:controller:bootstrap-signer         kube-public

Related Questions in KUBERNETES

Related Questions in KUBEADM

Popular Questions

Popular Tags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Trending Questions