Kubernetes Data Protection In the Age of Namespace-as-a-Service
Historically, major IT infrastructure advances have often been about sharing resources to improve efficiency and reduce costs. Multiprocessing and multi-user operating systems, virtual memory, shared storage and virtual machines were all developed with this goal. In the past 10-20 years, much work has also gone toward delivering resources as-a-service to improve agility and efficiency. It should, therefore, come as no surprise to anyone that IT shops increasingly want to share their shiny new Kubernetes clusters among disparate groups of users and to do so using an easy-to-consume service model. The trend has been to do this by offering namespace-as-a-service (NaaS).
Namespaces in Kubernetes provide a mechanism for isolating groups of resources within a cluster, providing a way to logically divide cluster resources between multiple users or groups. When offering Kubernetes NaaS, you essentially create a multi-tenant environment from a single cluster where different teams or users, by requesting namespaces, can deploy their applications with some degree of isolation from each other.