Skip to main content


OWASP Kubernetes Top 10 -

Deploy a Production Ready Kubernetes Cluster - -

Local Kubernetes Development - -

Validators / linters

What is Kubernetes?

Kubernetes comprises a set of independent, composable control processes that continuously drive the current state towards the provided desired state.



  • Scaling management
  • Secrets and configuration management
  • Service discovery
  • Load balancing
  • Container health checks and management

Concepts and components

  • Cluster: a set of worker machines (nodes).
  • Node: a worker machine.
    • Can be virtual or physical.
    • Each node has a container runtime (eg Docker, containerd, CRI-O).
  • Pod: a set of running containers.
    • Is the smallest object in Kubernetes.
    • A pod can have 1 or more containers (eg application, logging...).
    • Pods are replicated across multiple nodes, providing high availability.
    • Pods are disposable and replaceable (ephemeral, nonpermanent, not persistent), and can be created and terminated by the control plane.
    • All containers in a pod share an IP address, IPC, hostname, and other resources. (source)
  • Service: An abstract way to expose an application running on a set of Pods as a network service
  • Volume: A directory containing data, accessible to the containers in a Pod.
    • Since pods are ephemeral, volumes provide a persistent way to store data.


  • A cluster has many nodes
  • A node has many pods
  • A pod has many containers

Control plane

A cluster is managed by the control plane (called master in the past), which exposes an API that allows for example to interact with the scheduler.

The control plane is responsible for maintaining the desired state of the cluster, such as which applications are running and which container images they use. (source)


  • kube-apiserver: exposes the Kubernetes API.
  • etcd: key value store for all cluster data.
  • kube-scheduler: watches for newly created Pods with no assigned node, and selects a node for them to run on.
  • kube-controller-manager: runs controller processes.
  • cloud-controller-manager: embeds cloud-specific control logic. Lets you link your cluster into your cloud provider's API.

See for more details.



Allows you to interact with the cluster, eg to get the status of nodes, pods, and services.




kubectl version

kubectl cluster-info

kubectl get nodes

kubectl get pods

List all namespaces and pods: kubectl get all -A

Show cluster services: kubectl describe services

Verify the deployment: kubectl get deployments

Show all events: kubectl get events -w

Show component status (deprecated in 1.19): kubectl get componentstatuses

Check the rollout status: kubectl rollout status deployment/simple-flask-deployment

Get external IP address: kubectl get services <service-name> -o wide