This 4-part SERIES is for you if today is the first time you have heard about Kubernetes, or if you have heard others talk about it but are not sure what it is.

This Guide is a Multi-part series written for Cloud Security Podcast, a weekly video podcast where I interview Cloud Security experts on how they keep their Public Cloud environment secure whether it’s running on Cloud Native services, containers, Kubernetes or Serverless.

Part 1 — Introduction to Kubernetes for Beginners

Prior Experience

Prior Knowledge that would be helpful before going through this guide:

If you prefer listening, the audio version of this post is the Cloud Security Podcast episode "What is Kubernetes? Do you need it?"

What is Kubernetes?

Kubernetes is an open-source platform for managing and orchestrating containerized workloads and services in a repeatable, reliable, scalable and distributed fashion, utilising over 15 years of Google's knowledge of distributed systems.

Kubernetes comes with a set of services that orchestrate and help reliably maintain an Application's state based on what the user declared. The keywords to note here are STATE and RELIABLY MAINTAINS.

To put it simply, as a USER you define a STATE for your application (how much memory, how many replicas, should it have a Public IP, etc.) and Kubernetes uses that definition to create and manage the workload for the Application until you, as the User, change the state.

In a true distributed fashion the services within a Kubernetes Cluster will work to maintain the Application state in the most efficient way possible based on the User declaration.

Kubernetes is a platform created with the USER in mind.

Why Kubernetes is the next Checkpoint in Compute Capability for Cloud and On-Premise?

  • Use of Declarative over imperative definition for the state of the Application
    - Killing a container to make any changes or deploy a new package is not a thing. Changing the declaration sends the instruction for the Cluster to update itself with the least disruption.
    - The system is driving towards maintaining a state, which means auto-recovery, self healing, immutable or reportable, without the added complexity of possibly losing state and ending up in limbo, which is what used to happen in the traditional world of Server/Client.
  • Breaking the Master/Slave model from event triggered to level triggered
    - Instead of the server managing the state every x mins/secs for the deployed application, the client monitors the defined state.
    - Instead of the Master trying to maintain a state to make changes based on an event, the nodes in a Kubernetes cluster are driving to maintain the User defined declared state. Now we don't have a single point of failure.
    - If the Server goes down, the client (cluster) retains its last known state.
  • Workload portability
    - 1 Transparent API for all services in Kubernetes. Similar to the Windows/Linux/MacOS operating systems (OS), Kubernetes is the OS for distributed systems. It has an API that connects Users and internal systems so that users can define a state. All interactions happen through this API, so a user can also create functions and further abstractions over the Kubernetes API to extend its capabilities for more complex use cases across any platform.
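
The declarative, level-triggered model from the first two bullets can be sketched as a toy simulation. This is an added example, not Kubernetes code and not from the original post; `ToyCluster`, `reconcile`, `handle_events` and the `web-N` replica names are hypothetical, and the crash scenario is constructed.

```python
from dataclasses import dataclass, field


@dataclass
class ToyCluster:
    """Constructed stand-in for a cluster: a list of running replica names."""
    running: list = field(default_factory=list)
    started: int = 0

    def start_replica(self) -> None:
        self.started += 1
        self.running.append(f"web-{self.started}")

    def crash(self, count: int) -> None:
        # Simulate replicas dying without anyone being told about it.
        del self.running[:count]


def reconcile(desired: int, cluster: ToyCluster) -> int:
    """Level-triggered: compare declared vs observed state and close the gap.

    Returns the number of corrective actions taken (0 means already converged).
    """
    actions = 0
    while len(cluster.running) < desired:
        cluster.start_replica()
        actions += 1
    while len(cluster.running) > desired:
        cluster.running.pop()
        actions += 1
    return actions


def handle_events(events: list, cluster: ToyCluster) -> None:
    """Event-triggered: react only to the events that were actually delivered."""
    for event in events:
        if event == "replica_died":
            cluster.start_replica()


def simulate(desired: int = 3) -> tuple:
    """Two replicas crash, but only one 'replica_died' event is delivered."""
    level, edge = ToyCluster(), ToyCluster()
    reconcile(desired, level)
    reconcile(desired, edge)               # both start from the declared state
    level.crash(2)
    edge.crash(2)
    handle_events(["replica_died"], edge)  # the second event was lost
    reconcile(desired, level)              # no events needed, only observation
    return len(level.running), len(edge.running)


if __name__ == "__main__":
    print(simulate())
```

The event-driven side stays one replica short because it never learns about the lost event, while the reconcile loop converges on the declared count from observation alone. Changing the declared number and calling `reconcile` again is the toy equivalent of editing the declaration.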

Types of Kubernetes

Kubernetes can be deployed as Managed or Unmanaged.

Examples of Managed Kubernetes are the Kubernetes services offered by cloud providers: AWS EKS, Azure AKS and Google Cloud GKE.

An example of Unmanaged Kubernetes would be a self-hosted Kubernetes deployment.

What Kubernetes is not?

It is not a PaaS, it is not a CI/CD pipeline, and it does not build applications or provide application-level services like middleware, data processing frameworks, databases, etc.

In Part 2 of this series we cover Kubernetes Components, to understand where Security Building Blocks should be placed.

If you found the information valuable, consider following the Cloud Security Podcast on your favourite podcast and video platform to be notified when we create more content like this.

Security expert with a goal to make security an enabler instead of a blocker in the exciting world of cloud and machine learning. www.ashishrajan.com
