TechPlained
DevOps

What Is Kubernetes? A Simple Guide for Beginners

A beginner-friendly explanation of Kubernetes concepts and architecture covering Pods, Deployments, Services, Namespaces, kubectl basics, and managed K8s pricing on EKS, GKE, and AKS.

A
Abhishek Patel13 min read

Infrastructure engineer with 10+ years building production systems on AWS, GCP,…

TweetLinkedIn Email
What Is Kubernetes? A Simple Guide for Beginners
What Is Kubernetes? A Simple Guide for Beginners

Kubernetes Is a Container Orchestrator -- Here's What That Actually Means

You've built a containerized app. It runs great on your laptop with docker run. Now you need to run 50 copies of it across 10 servers, keep them healthy, roll out updates without downtime, and scale up when traffic spikes. That's the problem Kubernetes solves.

Kubernetes (often abbreviated K8s) is an open-source container orchestration platform originally designed by Google and released in 2014. Google ran its internal systems on a predecessor called Borg for over a decade before open-sourcing the ideas as Kubernetes. Today, K8s is maintained by the Cloud Native Computing Foundation (CNCF) and is the industry standard for running containers in production. As of Kubernetes v1.32 (released December 2024), it's deployed by over 80% of organizations using containers in production, according to the CNCF 2024 survey.

Definition: Kubernetes is a portable, extensible platform for managing containerized workloads and services. It automates deployment, scaling, and operations of application containers across clusters of hosts, providing a container-centric infrastructure that eliminates many manual processes involved in deploying and scaling containerized applications.

I've been running K8s clusters in production since 2016 -- from self-managed bare-metal setups to managed services on all three major clouds. This guide covers the core concepts you actually need to understand before touching your first cluster. I'll skip the hype and focus on what matters.

Kubernetes Architecture: The 10,000-Foot View

A Kubernetes cluster has two types of machines: the control plane (formerly called "master") and worker nodes. Think of the control plane as the brain and the worker nodes as the hands.

Control Plane Components

  • kube-apiserver -- the front door. Every interaction with the cluster (from kubectl, the dashboard, or other services) goes through this REST API. It validates and processes requests, then stores the desired state in etcd.
  • etcd -- a distributed key-value store that holds all cluster state. This is the single source of truth. If etcd dies and you don't have backups, your cluster configuration is gone. Back it up.
  • kube-scheduler -- decides which worker node should run a new Pod based on resource requirements, affinity rules, taints, and tolerations. It doesn't run the Pod -- it just picks the node.
  • kube-controller-manager -- runs a collection of control loops that watch the cluster state and make changes to move from the current state toward the desired state. For example, if a Deployment specifies 3 replicas and only 2 are running, the ReplicaSet controller creates a third.

Worker Node Components

  • kubelet -- an agent on every worker node that receives Pod specs from the API server and ensures the containers described in those specs are running and healthy.
  • kube-proxy -- manages network rules on each node so that Pods can communicate with each other and with external traffic. It implements the Service abstraction.
  • Container runtime -- the software that actually runs containers. Kubernetes v1.24 (May 2022) removed built-in Docker support in favor of the CRI (Container Runtime Interface). Most clusters now use containerd or CRI-O.

Pro tip: You don't need to memorize every control plane component to start using Kubernetes. If you're using a managed service like EKS, GKE, or AKS, the cloud provider handles the control plane entirely. Your job is understanding Pods, Deployments, and Services -- the objects you interact with daily.

Core Concepts: The Objects You'll Use Every Day

Pods

A Pod is the smallest deployable unit in Kubernetes. It's not a container -- it's a wrapper around one or more containers that share the same network namespace and storage volumes. In practice, 95% of your Pods will contain a single container. Multi-container Pods are for sidecar patterns: a logging agent, a service mesh proxy, or an init container that runs setup before the main app starts.

Pods are ephemeral. They get an IP address when created, and that IP goes away when the Pod dies. Never rely on a Pod's IP address directly -- that's what Services are for. Pods can be killed and rescheduled at any time due to node failures, scaling events, or updates. Design your apps to handle this.

# A basic Pod spec (you'll rarely write these directly)
apiVersion: v1
kind: Pod
metadata:
  name: my-app
  labels:
    app: my-app
spec:
  containers:
  - name: my-app
    image: my-app:1.2.0
    ports:
    - containerPort: 8080
    resources:
      requests:
        cpu: 100m
        memory: 128Mi
      limits:
        cpu: 500m
        memory: 256Mi

Deployments

You almost never create Pods directly. Instead, you create a Deployment, which manages a ReplicaSet, which manages Pods. A Deployment declares the desired state: "I want 3 replicas of my-app:1.2.0, each with these resource limits." Kubernetes then makes it happen and keeps it that way.

Deployments handle rolling updates out of the box. When you change the container image from my-app:1.2.0 to my-app:1.3.0, K8s gradually replaces old Pods with new ones, ensuring zero downtime. The default strategy creates new Pods before killing old ones (maxSurge: 25%, maxUnavailable: 25%). You can also rollback instantly with kubectl rollout undo.

apiVersion: apps/v1
kind: Deployment
metadata:
  name: my-app
spec:
  replicas: 3
  selector:
    matchLabels:
      app: my-app
  template:
    metadata:
      labels:
        app: my-app
    spec:
      containers:
      - name: my-app
        image: my-app:1.3.0
        ports:
        - containerPort: 8080
        resources:
          requests:
            cpu: 100m
            memory: 128Mi
          limits:
            cpu: 500m
            memory: 256Mi

Services

Pods come and go. Services provide a stable network endpoint. A Service is an abstraction that defines a logical set of Pods (selected by labels) and a policy for accessing them. There are three main types:

  • ClusterIP (default) -- exposes the Service on an internal IP within the cluster. Other Pods can reach it, but nothing outside the cluster can. This is what you use for internal microservice communication.
  • NodePort -- exposes the Service on each node's IP at a static port (30000-32767). Useful for development, but you wouldn't use this in production.
  • LoadBalancer -- provisions an external load balancer (on cloud providers). This is the standard way to expose a Service to the internet on EKS, GKE, or AKS. It creates a cloud load balancer that routes traffic to your Pods.
apiVersion: v1
kind: Service
metadata:
  name: my-app-service
spec:
  type: LoadBalancer
  selector:
    app: my-app
  ports:
  - port: 80
    targetPort: 8080

Namespaces

Namespaces are virtual clusters within a physical cluster. They let you divide cluster resources between multiple teams or environments. A typical setup uses namespaces like default, production, staging, and monitoring. Resource quotas and network policies can be applied per namespace, giving you isolation without separate clusters.

Every cluster starts with three namespaces: default, kube-system (for K8s internal components), and kube-public. Don't deploy your apps into kube-system. Use default for experimentation and create dedicated namespaces for real workloads.

kubectl: The Command-Line Tool You'll Live In

kubectl (pronounced "kube-control" or "kube-cuttle" -- nobody agrees) is the primary CLI for interacting with Kubernetes. Here are the commands you'll use 80% of the time:

# See what's running
kubectl get pods
kubectl get pods -n staging          # specific namespace
kubectl get pods -A                  # all namespaces
kubectl get deployments
kubectl get services

# Create or update resources from YAML
kubectl apply -f deployment.yaml
kubectl apply -f ./k8s/             # apply all YAML in a directory

# Debug a failing Pod
kubectl describe pod my-app-7d4f9b6c5-x2j4k
kubectl logs my-app-7d4f9b6c5-x2j4k
kubectl logs my-app-7d4f9b6c5-x2j4k --previous   # logs from crashed container
kubectl exec -it my-app-7d4f9b6c5-x2j4k -- /bin/sh

# Scale a deployment
kubectl scale deployment my-app --replicas=5

# Rolling update and rollback
kubectl set image deployment/my-app my-app=my-app:1.4.0
kubectl rollout status deployment/my-app
kubectl rollout undo deployment/my-app

# Delete resources
kubectl delete -f deployment.yaml
kubectl delete pod my-app-7d4f9b6c5-x2j4k

Warning: kubectl delete pod kills a Pod, but if it's managed by a Deployment, a new one spawns immediately. To actually stop an application, delete or scale down the Deployment. Running kubectl delete pod repeatedly is a common beginner mistake -- it's like killing a process that a systemd service immediately restarts.

Managed Kubernetes Pricing Comparison (2026)

Running your own control plane is complex and not worth the operational overhead for most teams. The three major managed Kubernetes services handle the control plane, etcd backups, and upgrades for you. Here's what they actually cost:

ServiceControl Plane CostPer-Node Cost (4 vCPU, 16 GB)Free TierNotable Extras
AWS EKS$0.10/hr ($73/mo)~$0.166/hr ($120/mo for m6i.xlarge)NoneFargate (serverless): $0.04048/vCPU-hr
Google GKE$0.10/hr ($73/mo); Autopilot: $0~$0.150/hr ($109/mo for e2-standard-4)1 Autopilot/Standard cluster freeAutopilot: pay only for Pod resources
Azure AKSFree (Standard tier: $0.10/hr)~$0.154/hr ($112/mo for D4s v5)Free control plane (Free tier)Virtual nodes with Azure Container Instances

For a typical small production cluster (3 worker nodes, 4 vCPU / 16 GB each), monthly costs break down roughly as:

  • EKS: $73 (control plane) + $360 (3 nodes) = $433/month
  • GKE Standard: $73 (control plane) + $327 (3 nodes) = $400/month
  • GKE Autopilot: $0 (control plane) + pay-per-Pod resources -- often $200-350/month for equivalent workloads
  • AKS Free tier: $0 (control plane) + $336 (3 nodes) = $336/month

Pro tip: GKE Autopilot is the cheapest way to get started with managed Kubernetes. You don't manage nodes at all -- Google provisions exactly the resources your Pods request. For workloads under 10 vCPUs, Autopilot is typically 20-40% cheaper than running dedicated nodes because you're not paying for idle capacity. AKS with the free control plane tier is the best option if you already have Azure commitments.

Getting Started: Your First Kubernetes Deployment in 7 Steps

  1. Install kubectl -- download the binary for your OS from the official Kubernetes releases page, or use a package manager: brew install kubectl on macOS, apt-get install -y kubectl on Debian/Ubuntu. Verify with kubectl version --client.
  2. Set up a local cluster -- for learning, use minikube or kind (Kubernetes in Docker). Both run a full K8s cluster on your laptop. Run minikube start or kind create cluster and you'll have a working cluster in under 2 minutes.
  3. Deploy your first app -- create a Deployment YAML file (like the example above) or use an imperative command: kubectl create deployment nginx --image=nginx:1.27 --replicas=2. Verify with kubectl get pods.
  4. Expose it with a Service -- run kubectl expose deployment nginx --port=80 --type=NodePort. On minikube, run minikube service nginx to open it in your browser.
  5. Inspect and debug -- run kubectl describe pod <pod-name> to see events and status. Check logs with kubectl logs <pod-name>. These two commands will solve 90% of your debugging needs early on.
  6. Scale and update -- scale to 5 replicas with kubectl scale deployment nginx --replicas=5. Update the image with kubectl set image deployment/nginx nginx=nginx:1.27.1. Watch the rollout with kubectl rollout status deployment/nginx.
  7. Clean up -- delete everything with kubectl delete deployment nginx and kubectl delete service nginx. On minikube, minikube delete removes the entire cluster.

When You Don't Need Kubernetes

K8s solves real problems, but it introduces significant complexity. You don't need Kubernetes if:

  • You're running fewer than 5-10 containers. Docker Compose or a simple process manager is sufficient.
  • Your team is under 5 engineers. The operational overhead of K8s (networking, RBAC, storage, upgrades) will consume more engineering time than it saves.
  • You don't need zero-downtime deployments, auto-scaling, or multi-node orchestration. A single server with Docker and a reverse proxy handles more traffic than most startups need.
  • Your budget is under $500/month. Managed K8s has a baseline cost that doesn't make sense for small workloads. Consider a PaaS like Railway, Render, or Fly.io instead.

Warning: "Everyone uses Kubernetes" is not a valid reason to adopt it. I've seen teams spend 6 months migrating to K8s when their workload fit comfortably on two EC2 instances behind an ALB. Evaluate the operational cost honestly. K8s pays off when you have dozens of services, multiple teams, and genuine scaling requirements.

Frequently Asked Questions

What is the difference between Kubernetes and Docker?

Docker builds and runs containers. Kubernetes orchestrates them. Docker packages your application into a container image and runs it as a container on a single machine. Kubernetes takes those containers and runs them across many machines, handling scheduling, scaling, networking, and self-healing. You use Docker (or another container runtime) to build images, and Kubernetes to run them in production. They're complementary, not competing tools.

Is Kubernetes free to use?

Kubernetes itself is open-source and free. You can download it and run it on bare metal or VMs at no software cost. However, you'll pay for the infrastructure (servers, networking, storage) and the engineering time to operate it. Managed services like EKS ($73/month for the control plane), GKE ($73/month or free with Autopilot), and AKS (free tier available) charge for the management layer on top of your compute costs.

How long does it take to learn Kubernetes?

You can deploy a basic application to a local K8s cluster in an afternoon. Understanding Pods, Deployments, and Services well enough for production use takes 2-4 weeks of focused learning. Mastering networking (Ingress, NetworkPolicies, service mesh), storage (PersistentVolumes, StorageClasses), security (RBAC, Pod Security Standards), and observability takes 6-12 months of hands-on production experience. Start with the basics and layer on complexity as you need it.

What is a Kubernetes namespace used for?

Namespaces provide logical isolation within a single cluster. Common use cases include separating environments (dev, staging, production), isolating team workloads, and applying resource quotas. For example, you can limit the staging namespace to 8 CPUs and 32 GB of memory so it can't starve production workloads. Namespaces also scope RBAC -- you can grant a developer full access to the staging namespace but read-only access to production.

Can I run Kubernetes on a single server?

Yes. Tools like minikube, kind, k3s, and MicroK8s run a full Kubernetes cluster on a single machine. k3s (by Rancher/SUSE) is particularly popular for single-node production deployments -- it's a lightweight, certified Kubernetes distribution that uses 512 MB of RAM and ships as a single 70 MB binary. It's production-ready and commonly used for edge computing, IoT, and small-scale deployments.

What is the difference between EKS, GKE, and AKS?

All three are managed Kubernetes services from AWS, Google Cloud, and Azure respectively. GKE is generally considered the most polished -- Google invented Kubernetes, and GKE Autopilot offers a truly serverless K8s experience. EKS integrates deeply with the AWS ecosystem (IAM, VPC, ALB) but has the steepest learning curve and the highest base cost. AKS offers a free control plane tier and integrates well with Azure AD for identity management. Choose based on your existing cloud provider -- the differences between the three are smaller than the migration cost of switching clouds.

Do I need Kubernetes for a startup?

Probably not, at least not initially. Most startups are better served by a PaaS (Heroku, Railway, Render, Fly.io) or simple container hosting (AWS ECS, Google Cloud Run) until they hit clear scaling or multi-service complexity that justifies K8s. I'd recommend considering Kubernetes when you have 10+ microservices, need fine-grained autoscaling, or have a dedicated platform/DevOps engineer. Adopting K8s too early is one of the most common infrastructure over-engineering mistakes I see.

Start Simple, Scale Up

Kubernetes is powerful, but power comes with complexity. Start with a local cluster using minikube or kind. Deploy a single application. Understand Pods, Deployments, and Services thoroughly before diving into Ingress controllers, Helm charts, or service meshes. When you're ready for production, use a managed service -- GKE Autopilot for the easiest onramp, AKS for the cheapest, or EKS if you're already deep in AWS. The fundamentals you learn on a local cluster translate directly to any managed provider. Master the basics, and the advanced topics will click much faster.

A

Written by

Abhishek Patel

Infrastructure engineer with 10+ years building production systems on AWS, GCP, and bare metal. Writes practical guides on cloud architecture, containers, networking, and Linux for developers who want to understand how things actually work under the hood.

Related Articles

DevOps

Best DevOps Tools for Small Teams (2026)

A practical guide to DevOps tooling for 2-10 person teams covering CI/CD, infrastructure as code, monitoring, error tracking, secrets management, feature flags, and incident management with real pricing.

12 min read

DevOps

Best Free DevOps Tools for Startups (2026)

A curated list of free DevOps tools for startups and developers covering CI/CD, monitoring, IaC, containers, secrets management, and logging with real free tier limits and upgrade pricing.

11 min read

DevOps

Best CI/CD Tools Compared: GitHub Actions vs GitLab CI vs Jenkins

A practitioner comparison of GitHub Actions, GitLab CI/CD, and Jenkins with real pricing data, performance benchmarks, YAML pipeline examples, and a decision framework for choosing the right tool.

12 min read

Enjoyed this article?

Get more like this in your inbox. No spam, unsubscribe anytime.

Comments

Loading comments...

Leave a comment

Stay in the loop

New articles delivered to your inbox. No spam.