Skip to content

Instantly share code, notes, and snippets.

@apinter

apinter/k8s_learning_path.md

Last active March 20, 2025 22:29
Show Gist options
  • Save apinter/f83ae95f8be378ece38e66bc37084bf4 to your computer and use it in GitHub Desktop.
Save apinter/f83ae95f8be378ece38e66bc37084bf4 to your computer and use it in GitHub Desktop.
Download ZIP
k8s is king
Raw
k8s_learning_path.md

Get familiar with the base concepts

Doesn't need a running cluster! Install podman and kubectl.

  • kubectl
    • Don't write it down as a simple tool to interact with clusters. kubectl can create all sorts of resources like secrets, pods, deployments etc. Great for learning.
    • kubectl run (kubectl run -i --tty --rm debug --image=registry.opensuse.org/opensuse/tumbleweed --restart=Never -- bash)
    • kubectl exec (kubectl exec -it -n default debug -- bash)
    • kubectl create (kubectl create deployment test --image registry.adathor.com/opensuse/tumbleweed --replicas 3 --dry-run=client -o yaml)
    • kubectl logs
    • kubectl get
    • kubectl apply
    • kubectl describe
    • etc etc etc
  • etcd
  • pods -labels and annotations
    • securityContext
    • env
      • in pod config
      • reference from ConfigMap (CM)
      • reference from Secrets
    • resources
      • cpu and ram
      • limits and requests
    • imagePullSecret if using a private registry/repo
  • ConfigMaps
  • Secrets
  • Services

Going deeper

Still doesn't need a cluster

  • deployments
    • replicas
  • PersistentVolumeClaims
  • Mounts kinda ties back to pods
  • Volumes

Get a cluster

Local stuff for dev/learning:

  • KIND

  • Minikube

  • Pick a managed kubernetes service

    • GKE
    • LKE
    • EKS
    • AKS

  • StatefullSets and why should we avoid these (ideally)

  • Ingress - Install ingress-nginx or traefik,

  • LoadBalancer

  • Custom resource definition

  • Kubernetes operators

Tooling - Can jump into getting to know these at any point

Cluster side:

  • ArgoCD- continous delivery (GitOps)
  • ArgoCD image updater - use the sha, not the tags for deploying images
  • cert-manager - sweet, sweet tls
  • istio - networking, a certain type of journey all by its own. Super handy, get a course on Udemy for it.
  • kyverno - policy management

Cli:

  • kustomize
    • manifest management/templating, super great if you don't want to fork and downstream maintain helm packages
  • helm
    • manifest templating, a pain to write for complex deplyoments, not ideal if you need to do something that requires change to the helm package
  • k9s a tui cluster manager, super handy. No need for abstractions like Rancher or Lens.
  • kuebctl
  • kubectx if managing multiple clusters
  • cosign - make your images verifyable by signing them, reject them if the signature doesn't match.

Ideal for the underlying infrastructure management. Not exactly a strict k8s requirement, should have these from the get go even for regular VMs/metal/VPS management:

  • Ansible
  • Terraform

Basics training video

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment