Skip to main content
Admin Only: All namespace operations require administrative privileges.

Understanding Namespaces

Namespaces are used for grouping and dedicating resources to specific Orka users or service accounts. All users have access to the orka-default namespace. Based on specific rolebindings, a user or a service account might also be able to access the resources within additional namespaces. Key Concepts:
  • Resource Isolation: VMs, nodes, and resources in one namespace are separate from other namespaces
  • Access Control: Users and service accounts must be granted access to namespaces via rolebindings
  • Default Namespace: All users have access to orka-default by default
  • Custom Pods: Some namespaces can be configured to run custom Kubernetes resources instead of Orka VMs
All cluster namespaces must have the******orka-******prefix.

Creating Namespaces

orka3 namespace create Create a new namespace with the specified name. Namespace Name Requirements:
  • Begins with the orka- prefix
  • Does not exceed 63 characters (including the prefix)
  • Consists of lowercase alphanumeric characters or dashes (-)
  • Ends with an alphanumeric character
  • Must be unique to the cluster
If --enable-custom-pods is set, creates a new namespace dedicated to running custom K8s resources (formerly sandboxing). Orka VMs cannot be deployed in that namespace. After Creating a Namespace:
  1. Move one or more nodes to the namespace to provide computational resources:
     orka3 node namespace NODE --namespace NAMESPACE
  1. Provide explicit access to users or service accounts:
     orka3 rolebinding add-subject --namespace NAMESPACE --user EMAIL
     orka3 rolebinding add-subject --namespace NAMESPACE --serviceaccount SA_NAMESPACE:SERVICE_ACCOUNT
Syntax: 
orka3 namespace create NAMESPACE_NAME [flags]
Options: 
--enable-custom-pods   Configure namespace for custom pods (formerly sandboxing)
-h, --help             Display help for create
Examples: 
# Create a new namespace
orka3 namespace create orka-test

# Create a namespace for custom pods (cannot run Orka VMs)
orka3 namespace create orka-cp --enable-custom-pods

Listing Namespaces

orka3 namespace list List all namespaces for the Orka cluster. Use this command to check if one or more specific namespaces already exist. Syntax: 
orka3 namespace list [NAMESPACE_1 [NAMESPACE_2 ...]] [--output wide|json] [flags]
Options: 
-h, --help            Display help for list
-o, --output string   (Optional) Output format: table (default)|wide|json
Examples: 
# List existing namespaces for your Orka cluster
orka3 namespace list

# Check if a specific namespace exists
orka3 namespace list orka-test

# Check if several specific namespaces exist
orka3 namespace list orka-test orka-production

Deleting Namespaces

orka3 namespace delete Delete the specified namespace. All VMs (or custom pods) must be removed and nodes must be moved out of the namespace before running this operation. 🚧 CAUTION: This is a destructive operation and cannot be undone. To restore a deleted namespace, re-create it, move the respective Orka nodes, and re-add the respective users to the respective role bindings. Syntax: 
orka3 namespace delete NAMESPACE_NAME [NAMESPACE_2 ...] [flags]
Options: 
-h, --help               Display help for delete
-t, --timeout duration   (Optional) Time to wait before giving up (default 1h0m0s)
Examples: 
# Delete a namespace
orka3 namespace delete orka-test

# Delete multiple namespaces
orka3 namespace delete orka-test orka-production