问题
In a default openshift install, there is an unused project titled kube-system. It seems like openshift-infra is for things like metrics, default is for the router and registry, and openshift is for global templates.
What is the kube-system project used for though? I can't find any docs on it.
回答1:
kube-system is the namespace for objects created by the Kubernetes system.
Typically, this would contain pods like kube-dns, kube-proxy, kubernetes-dashboard and stuff like fluentd, heapster, ingresses and so on.
回答2:
kube-system contains service accounts which are used to run the kubernetes controllers. These service accounts are granted significant permissions (create pods anywhere, for instance). Since openshift builds on top of kube, we inherit the structure.
You should avoid putting anything "personal" in that namespace since kube considers it to be "owned" by kube and the permissions for the SAs inside are quite high.
来源:https://stackoverflow.com/questions/43987244/what-is-the-kube-system-namespace-for