What is Kubernetes?
Kubernetes (often abbreviated as K8s) is an open-source container orchestration platform that automates the deployment, scaling, and management of containerized applications. Originally designed by Google and now maintained by the Cloud Native Computing Foundation (CNCF), Kubernetes has become the de facto standard for running containers in production.
Why Kubernetes?
- Service Discovery & Load Balancing: Kubernetes can expose a container using a DNS name or IP address and load-balance traffic
- Storage Orchestration: Automatically mount local storage, cloud storage, or network storage
- Automated Rollouts & Rollbacks: Describe the desired state and Kubernetes changes the actual state at a controlled rate
- Self-Healing: Restarts failed containers, replaces and reschedules containers when nodes die
- Secret & Configuration Management: Deploy and update secrets and config without rebuilding container images
- Horizontal Scaling: Scale applications up or down based on CPU utilization or custom metrics
Kubernetes Architecture
A Kubernetes cluster consists of a control plane (master) and one or more worker nodes. The control plane manages the cluster state and makes scheduling decisions, while worker nodes run the actual application containers.
Control Plane Components
- kube-apiserver: The API server is the front end for the Kubernetes control plane. All communication (kubectl, dashboards, other components) goes through it.
- etcd: A consistent and highly-available key-value store used as Kubernetes' backing store for all cluster data.
- kube-scheduler: Watches for newly created Pods with no assigned node and selects a node for them to run on based on resource requirements, affinity rules, and constraints.
- kube-controller-manager: Runs controller processes — Node controller, ReplicaSet controller, Endpoints controller, and Service Account controller.
- cloud-controller-manager: Links your cluster to your cloud provider's API to manage cloud-specific resources (load balancers, storage volumes, routes).
Worker Node Components
- kubelet: An agent running on each node that ensures containers are running in a Pod. It takes PodSpecs and ensures the described containers are running and healthy.
- kube-proxy: A network proxy running on each node that maintains network rules allowing network communication to Pods from inside or outside the cluster.
- Container Runtime: The software responsible for running containers — containerd, CRI-O, or any CRI-compatible runtime.
Core Kubernetes Objects
| Object | Purpose | Key Concept |
|---|---|---|
| Pod | Smallest deployable unit | One or more containers sharing network/storage |
| ReplicaSet | Ensures desired number of pod replicas | Maintains pod count even if nodes fail |
| Deployment | Declarative updates for Pods | Rolling updates and rollbacks |
| Service | Stable network endpoint for Pods | ClusterIP, NodePort, LoadBalancer |
| ConfigMap | Non-confidential configuration data | Environment variables, config files |
| Secret | Sensitive data (passwords, tokens) | Base64 encoded, mounted as volumes or env vars |
| Namespace | Virtual cluster within a cluster | Resource isolation and organization |
Setting Up a Local Kubernetes Cluster
# Option 1: minikube (recommended for learning)
# Install minikube
brew install minikube # macOS
# or
curl -LO https://storage.googleapis.com/minikube/releases/latest/minikube-linux-amd64
sudo install minikube-linux-amd64 /usr/local/bin/minikube
# Start a cluster
minikube start --driver=docker --memory=4096 --cpus=2
# Verify cluster is running
minikube status
kubectl cluster-info
# Option 2: kind (Kubernetes in Docker)
brew install kind
kind create cluster --name my-cluster
# Option 3: Docker Desktop (enable Kubernetes in settings)
# Settings > Kubernetes > Enable Kubernetes > Apply & Restart
# Install kubectl (if not already installed)
brew install kubectl # macOS
# or
curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl"
sudo install -o root -g root -m 0755 kubectl /usr/local/bin/kubectl
# Verify kubectl is connected
kubectl get nodes
kubectl get namespacesYour First Kubernetes Deployment
# my-first-deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: nginx-deployment
labels:
app: nginx
spec:
replicas: 3
selector:
matchLabels:
app: nginx
template:
metadata:
labels:
app: nginx
spec:
containers:
- name: nginx
image: nginx:1.25
ports:
- containerPort: 80
resources:
requests:
memory: "64Mi"
cpu: "100m"
limits:
memory: "128Mi"
cpu: "250m"
---
apiVersion: v1
kind: Service
metadata:
name: nginx-service
spec:
selector:
app: nginx
ports:
- protocol: TCP
port: 80
targetPort: 80
type: LoadBalancer# Apply the manifest
kubectl apply -f my-first-deployment.yaml
# Check deployment status
kubectl get deployments
kubectl get pods
kubectl get services
# Watch pods come up in real time
kubectl get pods -w
# View detailed info about the deployment
kubectl describe deployment nginx-deployment
# Access the service (minikube)
minikube service nginx-serviceDeclarative vs Imperative Management
Kubernetes supports both declarative (YAML manifests with kubectl apply) and
imperative (direct commands like kubectl create) management. Production
environments should always use declarative management — define the desired state in version-controlled
YAML files, and let Kubernetes reconcile the actual state to match.
Key Takeaways
- Kubernetes automates deployment, scaling, and management of containerized applications
- The architecture consists of a control plane (API server, scheduler, etcd) and worker nodes (kubelet, kube-proxy)
- Core objects include Pods, Deployments, Services, ConfigMaps, Secrets, and Namespaces
- Use minikube or kind for local development, managed services (GKE, EKS, AKS) for production
- Always prefer declarative management with version-controlled YAML manifests