Antony Kervazo-Canut

Kubernetes
for
Teenagers
SUITABLE FOR ADULTS
 Antony Kervazo-Canut

Installation kubectl
- minikube
 Antony Kervazo-Canut

Configuration
kubectl
 Antony Kervazo-Canut

Pod
Pods are the smallest deployable units created and managed by
Kubernetes. A Pod is a group of one or more containers.

Pods can be created using YAML configuration files, providing more

control and flexibility.

mypod.yaml
 Antony Kervazo-Canut

Managing Pods
 Antony Kervazo-Canut

Deployment
A Deployment manages a set of replicas of your application, ensuring
its deployment and scaling.

Deployments are often defined and configured via YAML files.

 Antony Kervazo-Canut

Managing
Deployments
 Antony Kervazo-Canut

Service
A Service in Kubernetes is an abstraction that defines a logical set of
Pods and a policy by which to access them.

Services can be configured in more detail via YAML files, especially to

define different types of Services such as ClusterIP, NodePort, or
LoadBalancer.
 Antony Kervazo-Canut

Managing Services
 Antony Kervazo-Canut

Volume
In Kubernetes, a volume is a unit of storage attached to a Pod,
existing as long as the Pod exists. A Persistent Volume
(PersistentVolume, PV), on the other hand, is a storage resource in
the cluster that remains independent of the lifespan of individual
Pods. PersistentVolumeClaims (PVCs) are storage requests by users
that can be bound to PVs to provide persistent storage.
 Antony Kervazo-Canut

Managing Volumes
 Antony Kervazo-Canut

Ingress
In Kubernetes, networks enable communication between different
components, such as Pods, Services, and outside of the cluster.

Ingress is a Kubernetes object that manages external access to

services in a cluster, typically HTTP.
 Antony Kervazo-Canut

Managing Ingress
 Antony Kervazo-Canut

Namespace
Kubernetes namespaces offer a way to divide cluster resources
among multiple users and projects. They are useful for creating
isolated environments within the same cluster.
 Antony Kervazo-Canut

Managing
Namespaces
 Antony Kervazo-Canut

Authentication
Security in Kubernetes heavily relies on the use of tokens for the
authentication of users and processes. Tokens can be API tokens,
service account tokens, or other forms of identifiers.

Kubernetes uses RBAC (Role-Based Access Control) to manage the

permissions of users and service accounts.
 Antony Kervazo-Canut

Managing
Accounts
 Antony Kervazo-Canut

Network Policies
Network Policies in Kubernetes allow controlling how Pods can
communicate with each other and with other network endpoints.

Network policies are defined using YAML files that specify the rules
for incoming (ingress) and outgoing (egress) traffic.
 Antony Kervazo-Canut

Managing Network
Policies
 Antony Kervazo-Canut

ConfigMap
ConfigMaps allow storing configuration data external to Pods, aiding
in the management and deployment of applications.

ConfigMaps can be used in Pods as environment variables, command-

line arguments, or as configuration files in a volume.
 Antony Kervazo-Canut

ConfigMap
 Antony Kervazo-Canut

Managing
ConfigMaps
 Antony Kervazo-Canut

Secret
Kubernetes secrets are used to store and manage sensitive
information, such as passwords, OAuth tokens, and SSH keys. They
allow for the separation of sensitive details from configuration files
or container images.
 Antony Kervazo-Canut

Secret
 Antony Kervazo-Canut

Managing Secrets
 Antony Kervazo-Canut

Managing Logs
Monitoring is crucial for maintaining the health and performance of
your Kubernetes cluster. It involves monitoring resources,
performance, and the health of Pods, nodes, and other components.

Kubernetes can be integrated with various monitoring tools such as

Prometheus, Grafana, etc.