Table: kubernetes_namespace - Query Kubernetes Namespaces using SQL
Kubernetes Namespaces are an abstraction used by Kubernetes to support multiple virtual clusters on the same physical cluster. These namespaces provide a scope for names, and they are intended to be used in environments with many users spread across multiple teams, or projects. Namespaces are a way to divide cluster resources between multiple uses.
Table Usage Guide
The kubernetes_namespace table provides insights into Namespaces within Kubernetes. As a DevOps engineer, explore namespace-specific details through this table, including metadata, status, and associated resources. Utilize it to uncover information about namespaces, such as their status, the resources allocated to them, and their overall usage within the Kubernetes cluster.
Examples
Basic Info
Explore the status and metadata of different segments within your Kubernetes environment. This allows you to gain insights into the current operational phase and additional details of each namespace, aiding in effective resource management and monitoring.
select name, phase as status, annotations, labelsfrom kubernetes_namespace;select name, phase as status, annotations, labelsfrom kubernetes_namespace;List manifest resources
Uncover the details of each manifest resource within your Kubernetes namespace, including its status and associated annotations and labels. This is particularly useful for tracking resource utilization and identifying any potential issues or anomalies that may impact system performance.
select name, phase as status, annotations, labels, pathfrom kubernetes_namespacewhere path is not null;select name, phase as status, annotations, labels, pathfrom kubernetes_namespacewhere path is not null;Query examples
- cluster_count
- cluster_input
- cluster_namespace_count
- cluster_namespaces_count
- cluster_namespaces_table
- clusters_for_namespace
- cronjob_default_namespace
- cronjob_overview
- cronjobs_for_namespace
- daemonset_default_namespace
- daemonset_overview
- daemonsets_for_namespace
- deployment_default_namespace
- deployment_overview
- deployments_for_namespace
- job_default_namespace
- job_overview
- jobs_for_namespace
- namespace_1_year_count
- namespace_24_hours_count
- namespace_30_90_days_count
- namespace_30_days_count
- namespace_90_365_days_count
- namespace_age_table
- namespace_annotations
- namespace_by_context
- namespace_count
- namespace_daemonset_count
- namespace_daemonset_table
- namespace_deployment_count
- namespace_deployment_table
- namespace_input
- namespace_labels
- namespace_overview
- namespace_pod_count
- namespace_pod_table
- namespace_replicaset_count
- namespace_replicaset_table
- namespace_service_count
- namespace_service_table
- namespace_table
- namespaces_for_cluster
- pod_by_phase
- pod_default_namespace
- pod_overview
- replicaset_default_namespace
- replicaset_overview
- replicasets_for_namespace
- role_bindings_for_namespace
- role_default_namespace
- roles_for_namespace
- service_account_default_namespace
- service_by_type
- service_default_namespace
- service_overview
- services_for_namespace
- statefulset_default_namespace
- statefulset_overview
- statefulsets_for_namespace
Control examples
- Namespaces should be restricted on CPU usage with resourceQuota CPU limit
- Namespaces should be restricted on memory usage with resourceQuota memory limit
- Namespaces should have a default network policy to deny all egress traffic
- Namespaces should have a default network policy to deny all ingress traffic
- Namespaces should have default CPU limit in limitRange policy
- Namespaces should have default CPU request in limitRange policy
- Namespaces should have default memory limit in limitRange policy
- Namespaces should have default memory request in limitRange policy
- Namespaces should have resourceQuota CPU request
- Namespaces should have resourceQuota memory request
Schema for kubernetes_namespace
| Name | Type | Operators | Description |
|---|---|---|---|
| _ctx | jsonb | Steampipe context in JSON form. | |
| annotations | jsonb | Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. | |
| conditions | jsonb | The latest available observations of namespace's current state. | |
| context_name | text | Kubectl config context name. | |
| creation_timestamp | timestamp with time zone | CreationTimestamp is a timestamp representing the server time when this object was created. | |
| deletion_grace_period_seconds | bigint | Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. | |
| deletion_timestamp | timestamp with time zone | DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. | |
| end_line | bigint | The path to the manifest file. | |
| finalizers | jsonb | Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. | |
| generate_name | text | GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. | |
| generation | bigint | A sequence number representing a specific generation of the desired state. | |
| labels | jsonb | Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. | |
| name | text | Name of the object. Name must be unique within a namespace. | |
| owner_references | jsonb | List of objects depended by this object. If ALL objects in the list have been deleted, this object will be garbage collected. If this object is managed by a controller, then an entry in this list will point to this controller, with the controller field set to true. There cannot be more than one managing controller. | |
| path | text | The path to the manifest file. | |
| phase | text | The current lifecycle phase of the namespace. | |
| resource_version | text | An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. | |
| source_type | text | The source of the resource. Possible values are: deployed and manifest. If the resource is fetched from the spec file the value will be manifest. | |
| sp_connection_name | text | Steampipe connection name. | |
| sp_ctx | jsonb | Steampipe context in JSON form. | |
| spec_finalizers | jsonb | Finalizers is an opaque list of values that must be empty to permanently remove object from storage. | |
| start_line | bigint | The path to the manifest file. | |
| tags | jsonb | A map of tags for the resource. This includes both labels and annotations. | |
| title | text | Title of the resource. | |
| uid | text | UID is the unique in time and space value for this object. |
Export
This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.
You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh script:
/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- kubernetesYou can pass the configuration to the command with the --config argument:
steampipe_export_kubernetes --config '<your_config>' kubernetes_namespace