Why Kubernetes?
Kubernetes (K8s) automates the deployment, scaling, and management of containerized applications. It groups containers that make up an application into logical units for easy management and discovery. While Docker manages containers on a single machine, Kubernetes manages clusters of machines — making it the de facto orchestrator for modern cloud-native workloads.
Cluster Architecture
A Kubernetes cluster consists of two main parts: the control plane and the worker nodes.
The control plane is the brain. It handles scheduling, scaling, and maintaining the desired state of your workloads. Key components include:
- API Server — The front door for all REST commands; the CLI (
kubectl) talks to it. - etcd — A consistent and highly-available key-value store for all cluster data.
- Scheduler — Assigns newly created pods to appropriate nodes.
- Controller Manager — Runs controller processes that regulate the cluster state.
Worker nodes are the machines (virtual or physical) that run the actual application pods. Each node runs:
- Kubelet — An agent that ensures containers are running in a Pod as expected.
- Container Runtime — The software responsible for running containers (e.g., containerd, CRI-O).
- Kube-proxy — Maintains network rules for pod communication.
Pods: The Smallest Deployable Unit
You never deploy a container directly in Kubernetes — you deploy a Pod. A Pod is one or more containers that always co-locate and co-schedule.
apiVersion: v1
kind: Pod
metadata:
name: web-pod
labels:
app: web
spec:
containers:
- name: nginx
image: nginx:1.27
ports:
- containerPort: 80
resources:
requests:
memory: "64Mi"
cpu: "250m"
limits:
memory: "128Mi"
cpu: "500m"
In practice, you rarely create Pods directly. Instead, you use higher-level abstractions like Deployments.
Deployments and Services
A Deployment manages replicated Pods and handles rolling updates:
apiVersion: apps/v1
kind: Deployment
metadata:
name: web-deployment
spec:
replicas: 3
selector:
matchLabels:
app: web
strategy:
type: RollingUpdate
rollingUpdate:
maxSurge: 1
maxUnavailable: 0
template:
metadata:
labels:
app: web
spec:
containers:
- name: nginx
image: nginx:1.27
ports:
- containerPort: 80
A Service provides a stable network endpoint for your Pods:
apiVersion: v1
kind: Service
metadata:
name: web-service
spec:
selector:
app: web
ports:
- protocol: TCP
port: 80
targetPort: 80
type: ClusterIP
Namespaces and Resource Management
Namespaces isolate resources within a cluster. Create environments like staging and production to prevent naming conflicts and enforce resource quotas:
apiVersion: v1
kind: Namespace
metadata:
name: production
---
apiVersion: v1
kind: ResourceQuota
metadata:
name: prod-quota
namespace: production
spec:
hard:
pods: "20"
requests.cpu: "4"
requests.memory: "8Gi"
limits.cpu: "8"
limits.memory: "16Gi"
Conclusion
Kubernetes has a steep learning curve, but its abstractions — Pods, Deployments, Services, and Namespaces — form a coherent model for managing complex applications at scale. Start small with a local cluster using kind or minikube, deploy a simple app, and gradually explore more advanced concepts like Ingress, ConfigMaps, and Helm charts.