Kubernetes 中的所有系统服务都部署到一个命名空间，通常称为 kube-system。那是从哪里来的？

正如好的文档中所指出的，Kubernetes 最初启动了三个命名空间：

• default - 没有其他命名空间的对象的默认命名空间。
• kube-system - Kubernetes 系统创建的对象的命名空间。
• kube-public - 命名空间是自动创建的，所有用户（包括未经过身份验证的用户）都可以读取。这个命名空间主要是为集群使用保留的，以防某些资源在整个集群中是公​​开可见和可读的。这个命名空间的公共方面只是一个约定，而不是一个要求。

您可以使用上下文处理将命名空间更改default为您喜欢的任何命名空间。kubectl config

如果我想将其更改为另一个命名空间怎么办？

That would be a convoluted and rather risky undertaking... For kubeadm created cluster you can find appropriate manifests in /etc/kubernetes/manifests but it is not just sufficient to change namespace there, there is an array of config maps, certificates and things to consider namespace-wise. And even if you manage to do so there is reason behind the deprication of api-server flag master-service-namespace since you can break GKE implicit references and similar issues can arise. It all boils down to that it is not really advisable to change kube-system namespace.

Edit:

Below is excerpt from kuberentes source where you can see how those namespaces are initially defined.

// NamespaceDefault means the object is in the default namespace which is applied when not specified by clients
NamespaceDefault string = "default"
// NamespaceAll is the default argument to specify on a context when you want to list or filter resources across all namespaces
NamespaceAll string = ""
// NamespaceNone is the argument for a context when there is no namespace.
NamespaceNone string = ""
// NamespaceSystem is the system namespace where we place system components.
NamespaceSystem string = "kube-system"
// NamespacePublic is the namespace where we place public info (ConfigMaps)
NamespacePublic string = "kube-public"

You can find more references to kube-system through the codebase, here is another example:

// "kube-system" is the default scheduler lock object namespace
SchedulerDefaultLockObjectNamespace string = "kube-system"

And so on...