Kubernetes

Master container orchestration with Kubernetes — the industry standard for deploying, scaling, and managing containerized applications.

Documentation

| Guide | Description |
|---|---|
| Fundamentals | Architecture, pods, services, deployments, and core concepts |
| Workloads & Scheduling | Deployments, StatefulSets, DaemonSets, Jobs, auto-scaling, and health checks |
| Networking & Services | Service types, Ingress, DNS, Network Policies, and service mesh |
| Storage & Persistence | Volumes, PV/PVC, StorageClasses, CSI, and backup strategies |
| Security & Hardening | RBAC, pod security, image scanning, secrets, and NSA/CISA hardening guide |
| Exam Prep (CKA/CKAD/CKS) | Certification domains, practice questions, study tips, and labs |
| kubectl Cheat Sheet | 200+ commands for pods, deployments, services, debugging, and cluster management |
| Production & Operations | CI/CD, Helm, monitoring, logging, disaster recovery, and cloud providers |
| Interview Questions | 60+ questions from beginner to advanced with detailed answers |

Core Architecture

┌─────────────────────────────────────────────────────┐
│                    Control Plane                    │
│  ┌───────────┐  ┌──────┐  ┌───────────┐  ┌────────┐ │
│  │API Server │  │ etcd │  │ Scheduler │  │Ctrl Mgr│ │
│  └───────────┘  └──────┘  └───────────┘  └────────┘ │
└──────────────────────┬──────────────────────────────┘
       ┌───────────────┼───────────────┐
       ▼               ▼               ▼
┌─────────────┐ ┌─────────────┐ ┌─────────────┐
│ Worker 1    │ │ Worker 2    │ │ Worker 3    │
│ kubelet     │ │ kubelet     │ │ kubelet     │
│ kube-proxy  │ │ kube-proxy  │ │ kube-proxy  │
│ [pods]      │ │ [pods]      │ │ [pods]      │
└─────────────┘ └─────────────┘ └─────────────┘

Essential Concepts

| Concept | Description |
|---|---|
| Pod | Smallest deployable unit, one or more containers |
| Service | Stable network endpoint for pods |
| Deployment | Manages ReplicaSets and rolling updates |
| StatefulSet | For stateful applications with stable identity |
| DaemonSet | Runs a pod on every node |
| Ingress | HTTP/HTTPS routing to services |
| ConfigMap | Configuration data as key-value pairs |
| Secret | Sensitive data (passwords, tokens) |
| PV/PVC | Persistent storage for pods |
| Namespace | Virtual cluster for resource isolation |

Learning Path

  1. Start with fundamentals — understand architecture, pods, services
  2. Master workloads — deployments, scaling, scheduling, health checks
  3. Learn networking — services, ingress, DNS, network policies
  4. Understand storage — volumes, PV/PVC, StatefulSets with data
  5. Harden security — RBAC, pod security, image scanning
  6. Prepare for certifications — CKA, CKAD, CKS exam prep
  7. Go to production — CI/CD, monitoring, Helm, disaster recovery

Certification Path

| Certification | Level | Focus |
|---|---|---|
| KCNA | Beginner | Kubernetes and Cloud Native concepts |
| CKA | Intermediate | Cluster administration and operations |
| CKAD | Intermediate | Application development on Kubernetes |
| CKS | Advanced | Security specialist (requires CKA) |

Quick Start

# Start a local cluster (minikube must already be installed)
minikube start

# Deploy an app
kubectl create deployment hello --image=nginx
kubectl expose deployment hello --port=80 --type=NodePort

# View resources
kubectl get pods,svc,deploy

# Scale up
kubectl scale deployment hello --replicas=3

# Clean up
kubectl delete deployment hello
kubectl delete svc hello

External Resources

| Resource | Description |
|---|---|
| Kubernetes Official Docs | Official documentation |
| Kubernetes the Hard Way | Learn K8s from scratch by Kelsey Hightower |
| Play with K8s | Free K8s playground |
| Killercoda | Interactive K8s scenarios |
| CNCF Landscape | Cloud native ecosystem overview |
| Kubernetes Troubleshooting Guide | Visual troubleshooting flowchart |

Security Tools

| Tool | Description |
|---|---|
| Kubescape | Security testing per NSA/CISA hardening guidance |
| Falco | Kubernetes threat detection engine |
| OPA Gatekeeper | Policy-as-code for Kubernetes |
| Trivy | Container image vulnerability scanner |

Useful Tools

| Tool | Description |
|---|---|
| Helm | Kubernetes package manager |
| Telepresence | Fast local development for K8s microservices |
| Lens | Kubernetes IDE |
| k9s | Terminal UI for Kubernetes |
| Datree | Prevent K8s misconfigurations in development |