DevSecOps - Kubernetes DevOps & Security

DevOps Pipeline

Kubernetes Basics

Kubernetes is an open-source container orchestration platform that automates deployment, scaling, and management of containerized applications. In this lesson, you'll learn the core Kubernetes objects—Pods, ReplicaSets, and Deployments—and see how they work together in a cluster.

Why Use Kubernetes?

Key advantages of Kubernetes:

  • Self-Healing: Automatically restarts or replaces failed containers.
  • Automated Rollouts & Rollbacks: Gradually roll out changes and roll back if there’s an issue.
  • Efficient Scheduling: Optimizes placement of containers based on resource requirements.
  • Built-In Load Balancing: Distributes traffic across containers to ensure reliability.
  • Service Discovery & DNS Management: Simplifies communication between microservices.

Core Resource Types

Resource TypePurposeExample Command
PodSmallest deployable unit, encapsulates one or more containerskubectl run nginx-pod --image=nginx --restart=Never
ReplicaSetMaintains a stable set of pod replicaskubectl apply -f replicaset.yaml
DeploymentDeclarative updates for pods and ReplicaSetskubectl apply -f deployment.yaml

Pod

A Pod is the basic building block in Kubernetes. It represents one or more containers that share storage, network, and a specification for how to run the containers.

apiVersion: v1
kind: Pod
metadata:
  name: nginx-pod
  labels:
    app: frontend
spec:
  containers:
  - name: nginx
    image: nginx:latest
    ports:
    - containerPort: 80

Apply this manifest:

kubectl apply -f pod.yaml

Note

Pods are ephemeral. When a Pod dies, it won't be recreated unless managed by a higher-level controller (e.g., ReplicaSet).

ReplicaSet

A ReplicaSet ensures a specified number of pod replicas are running at all times. It will create or delete Pods to match the desired replica count.

apiVersion: apps/v1
kind: ReplicaSet
metadata:
  name: frontend-rs
  labels:
    app: frontend
spec:
  replicas: 2
  selector:
    matchLabels:
      app: frontend
  template:
    metadata:
      labels:
        app: frontend
    spec:
      containers:
      - name: nginx
        image: nginx:latest
        ports:
        - containerPort: 80

Deploy the ReplicaSet:

kubectl apply -f replicaset.yaml

Use the following command to verify:

kubectl get rs

Deployment

A Deployment provides declarative updates for Pods and ReplicaSets. You can easily roll out new versions, pause, or roll back to a previous state without downtime.

apiVersion: apps/v1
kind: Deployment
metadata:
  name: frontend-deploy
  labels:
    app: frontend
spec:
  replicas: 2
  selector:
    matchLabels:
      app: frontend
  template:
    metadata:
      labels:
        app: frontend
    spec:
      containers:
      - name: nginx
        image: nginx:latest
        ports:
        - containerPort: 80

Apply and inspect resources:

kubectl apply -f deployment.yaml
kubectl get pod,deploy,rs

Sample output:

NAME                                     READY   STATUS    RESTARTS   AGE
pod/frontend-deploy-6bcf78fb7-mdd5j     1/1     Running   0          43s
pod/frontend-deploy-6bcf78fb7-xsdm6     1/1     Running   0          43s

NAME                              READY   UP-TO-DATE   AVAILABLE   AGE
deployment.apps/frontend-deploy   2/2     2            2           43s

NAME                                       READY   AGE
replicaset.apps/frontend-deploy-6bcf78fb7  2/2     43s

Warning

Always specify selector.matchLabels correctly in your Deployment to avoid orphaned ReplicaSets.

Next Steps

In upcoming lessons, we'll integrate these Kubernetes resources into a CI/CD pipeline using Jenkins and explore advanced topics such as Services, ConfigMaps, and Secrets.

Watch Video

Watch video content

Previous
Demo Docker Build and Push