Menu
I created a namespace called qc for qc environment.
apiVersion: v1
kind: Namespace
metadata:
name: {{ .Values.namespace.name | quote }}
kubectl create -f namespace.yaml
But I can delete this namespace anytime by running kubectl delete namespace qc.
How can I disable to delete user created namespaces?
Thank you
358
To force delete a Kubernetes namespace, remove the finalizer from the namespace's configuration. The finalizer is a Kubernetes resource whose purpose is to prohibit the force removal of an object.
There's an optional field finalizers , which allows observables to purge resources whenever the namespace is deleted. Keep in mind that if you specify a nonexistent finalizer, the namespace will be created but will get stuck in the Terminating state if the user tries to delete it.
Deleting a namespace sometimes leaves orphaned deployment and pods which can't be deleted #36891. area/api. area/apiserver area/HA lifecycle/rotten.
You do not want disable deletion of Namespaces for your kubernetes-admin user, although it could be possible. If there are other people or services interacting with your cluster, you need to define Users and/or Service Accounts for them and bind Cluster Roles to them, whitelisting their permissions. Have a look at Users in Kubernetes and Using RBAC Authorization in the official Kubernetes Documentation.
70
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
