Stay organized with collections
Save and categorize content based on your preferences.
A project is a key multi-tenancy concept in Google Distributed Cloud (GDC) air-gapped. It is the
tenancy unit that every service needs to integrate. It provides logical grouping
of service instances.
Projects enable segmentation of resources within an organization and provide a
lifecycle and policy boundary for managing resources. Resources inside a project
can never outlive the project itself or move between projects, ensuring that
control is guaranteed for the life of the resource.
A project is considered a proper Kubernetes namespace that spans across multiple
Kubernetes clusters in an organization. Kubernetes treats each cluster as a separate
entity, and each cluster has an independent project namespace. However, for all
clusters in a GDC organization, GDC
considers all namespaces of a given name the same namespace. This is
referred to as namespace sameness. The single namespace has a consistent owner
across the set of clusters. Service providers create project-scoped services by
creating control plane and data plane components in the namespace.
The namespace for the project, called the Project Admin Namespace, hosts the
following:
Project-scoped service APIs, or Kubernetes custom resource definitions.
Project-level policy configurations, such as roles and role bindings.
You can configure a project to span across only a subset of Kubernetes clusters in an
organization. Users can deploy containerized workloads on these clusters within
the project namespace. The namespace sameness concept applies to the project
namespace on these clusters. Namespace-scoped policies, such as role-based
access (RBAC) policies, apply to all those namespaces.
For more information on the resource hierarchy of GDC
and best practices for organizing your resource hierarchy, see the
Resource hierarchy and access control
guide.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-08-07 UTC."],[[["\u003cp\u003eProjects in Google Distributed Cloud (GDC) air-gapped are the fundamental multi-tenancy unit for service integration, providing logical grouping of service instances.\u003c/p\u003e\n"],["\u003cp\u003eProjects enable resource segmentation within an organization, offering a distinct lifecycle and policy boundary for resource management.\u003c/p\u003e\n"],["\u003cp\u003eA project represents a Kubernetes namespace that spans multiple Kubernetes clusters within an organization, with GDC treating identically named namespaces across all clusters as one entity, known as namespace sameness.\u003c/p\u003e\n"],["\u003cp\u003eThe Project Admin Namespace, the namespace for a project, contains project-scoped service APIs and project-level policy configurations like roles and role bindings.\u003c/p\u003e\n"],["\u003cp\u003eProjects can be configured to span a subset of Kubernetes clusters, where namespace sameness and namespace-scoped policies are enforced.\u003c/p\u003e\n"]]],[],null,[]]