Cloudjur

Application-Namespaces

3 min read

Application Namespaces

Relevant source files

This page provides a high-level overview of the application namespaces within the cluster. Each namespace is organized by functional domain, grouping related services to streamline networking, security policies, and storage management.

The cluster utilizes a GitOps approach where each namespace’s contents are managed via Kustomization files that point to individual application ks.yaml (Flux Kustomization) files.

Logical Organization of Namespaces

The following diagram illustrates the relationship between the major namespaces and the types of services they host.

Namespace Functional Map

[Flowchart Diagram]

Sources:

Media Services (8.1)

The media namespace is dedicated to content consumption and library management. It includes heavy-duty applications like Plex and Jellyfin which utilize Intel QuickSync hardware acceleration for transcoding. This namespace relies heavily on shared NFS mounts for high-capacity media storage.

Key Applications:

  • Streaming: Plex, Jellyfin.
  • Library Managers: Komga (manga), Kavita (books), Calibre-Web-Automated.
  • Utilities: Tautulli, Seerr, Maintainerr, Watchstate.

For details, see Media Services.

Sources:

Downloads and Automation (8.2)

The downloads namespace contains the “Arr Stack” and associated download clients. These services are configured with specific networking requirements, such as qBittorrent routing through a VPN sidecar.

Key Applications:

  • Downloaders: qBittorrent, SABnzbd.
  • Automation: Sonarr, Radarr, Lidarr, Bazarr, Prowlarr.
  • Niche Automation: AutoBangumi, ytdl-sub, MeTube.

For details, see Downloads and Automation (The Arr Stack).

Sources:

Home Automation (8.3)

The home-automation namespace bridges the cluster to physical IoT devices. It features advanced networking via Multus CNI to allow pods to communicate across isolated VLANs (IoT, No-Internet, etc.).

Key Applications:

  • Core: Home Assistant.
  • NVR: Frigate (integrated with Coral TPU and GPU).
  • Messaging: Mosquitto MQTT broker.

For details, see Home Automation.

Sources:

Default Namespace Utilities (8.4)

The default namespace serves as the landing zone for general-purpose web utilities and productivity tools. It hosts the cluster’s entry point, the Homepage dashboard.

Key Applications:

  • Dashboards: Homepage, Glance.
  • Productivity: n8n (automation), Paperless-ngx, FreshRSS.
  • Tools: IT-Tools, CyberChef, SearXNG, Atuin.

For details, see Default Namespace Utilities.

Sources:

AI and MCP Services (8.5)

The ai namespace manages large language models and the Model Context Protocol (MCP) ecosystem. It facilitates local LLM inference and provides the infrastructure for AI agents to interact with cluster services like Home Assistant or Grafana.

Key Applications:

  • Inference: Ollama.
  • Interface: Open-WebUI.
  • MCP Operator: ToolHive.

For details, see AI and MCP Services.

Developer and Platform Services (8.6)

This section covers namespaces supporting the development lifecycle and miscellaneous workloads.

  • dev: Hosts Forgejo for Git hosting and CI runners.
  • flux-system: Contains the GitOps controllers and management UIs like Headlamp.
  • games: Dedicated to game servers (e.g., Minecraft).
  • workadventure: Hosts communication services like Synapse (Matrix).

For details, see Developer and Platform Services.

Infrastructure and Support Namespaces

While not primarily “application” namespaces, these provide the backend services required by the apps above.

NamespacePrimary RoleKey Code Entities
storagePersistent Volumesdemocratic-csi, garage (S3)
databaseStateful DataCloudNativePG, dragonfly-operator
securityIAM & Policyauthentik, kyverno
observabilityMonitoringkube-prometheus-stack, loki, tempo

Namespace to Code Entity Mapping

[Flowchart Diagram]

Sources:

Graph View

Backlinks