The Kubernetes Course
Course Info
This course includes 1 attempt.
🚀 The #1 Best-Selling Kubernetes book –Fully Updated for 2025! 🚀
For nearly a decade, The Kubernetes Book has been the go-to resource for developers, DevOps engineers, and IT professionals looking to master Kubernetes. With thousands of reviews and a track record as the most popular Kubernetes book, this Amazon bestseller is the ultimate guide to Kubernetes mastery.
What’s New in the 2025 Edition?
âś… All content & examples updated for the latest versions of Kubernetes
âś… Native sidecar containers with hands-on examples
✅ Wasm integration—build & deploy WebAssembly apps on Kubernetes
âś… Real-world node failure scenarios to enhance troubleshooting skills
âś… Simplified cluster setup for both cloud-based & local environments
Why Learn Kubernetes?
Kubernetes is the foundation of modern cloud computing, and demand for Kubernetes expertise is at an all-time high. Whether you’re running production workloads in the cloud or experimenting locally, this book equips you with the skills needed to succeed.
What You’ll Learn:
✔️ Set up Kubernetes clusters (for free!)
✔️ Understand Kubernetes architecture, scheduling, and networking
✔️ Master Pods, Deployments, Services, StatefulSets, Ingress, and more
✔️ Deploy Wasm applications to Kubernetes
✔️ Gain real-world troubleshooting & security skills
✔️ Demystify the Kubernetes API, service discovery, and load balancing
✔️ Learn Kubernetes jargon-free, with practical, hands-on examples
Who Is This Book For?
🔹 Developers & DevOps Engineers – Want to level up your containerization and cloud-native skills? This book has you covered.
🔹 IT Professionals – Need Kubernetes knowledge for managing cloud infrastructure? This book delivers exactly what you need.
Why This Book?
📖 Most comprehensive Kubernetes guide—trusted by thousands of professionals
🛠️ Packed with examples—not just theory, but practical hands-on learning
🚀 Covers the latest Kubernetes features—so you stay ahead of the curve
Master Kubernetes faster and more efficiently than ever before. Get your copy today and take your cloud-native skills to the next level!
Course Material
- 1: Preface
- 1.1: The sample app and GitHub repo
- Exercise 1
- 1.2: Windows users
- 1.3: Terminology and responsible language
- 1.4: Feedback
- Quiz 11 attempt allowed
- 2: Kubernetes primer
- 2.1: Important Kubernetes background
- 2.1.1: Orchestration
- 2.1.2: Containerization
- 2.1.3: Cloud native
- 2.1.4: Microservices
- 2.1.5: Where did Kubernetes come from
- 2.1.6: Kubernetes and Docker
- 2.1.7: What about Docker Swarm
- 2.1.8: Kubernetes and Borg: Resistance is futile!
- 2.1.9: Kubernetes–what’s in the name
- Exercise 2
- 2.2: Kubernetes: the operating system of the cloud
- 2.2.1: Application scheduling
- Exercise 3
- 2.3: Chapter summary
- Quiz 21 attempt allowed
- 3: Kubernetes principles of operation
- 3.1: Kubernetes from 40K feet
- 3.1.1: Kubernetes: Cluster
- 3.1.2: Kubernetes: Orchestrator
- Exercise 4
- 3.2: Control plane and worker nodes
- 3.2.1: The control plane
- 3.2.1.1: The API server
- 3.2.1.2: The cluster store
- 3.2.1.3: Controllers and the controller manager
- 3.2.1.4: The scheduler
- 3.2.1.5: The cloud controller manager
- 3.2.1.6: Control Plane summary
- 3.2.2: Worker nodes
- 3.2.2.1: Kubelet
- 3.2.2.2: Runtime
- 3.2.2.3: Kube-proxy
- Exercise 5
- 3.3: Packaging apps for Kubernetes
- Exercise 6
- 3.4: The declarative model and desired state
- Exercise 7
- 3.5: Pods
- 3.5.1: Pods and containers
- 3.5.2: Pod anatomy
- 3.5.3: Pod scheduling
- 3.5.4: Pods as the unit of scaling
- 3.5.5: Pod lifecycle
- 3.5.6: Pod immutability
- Exercise 8
- 3.6: Deployments
- Exercise 9
- 3.7: Service objects and stable networking
- Exercise 10
- 3.8: Chapter summary
- Exercise 11
- Quiz 31 attempt allowed
- 4: Getting Kubernetes
- 4.1: Install everything with Docker Desktop
- 4.1.1: Create a Docker account
- 4.1.2: Install Docker Desktop
- 4.1.3: Deploy Docker Desktop’s built-in multi-node Kubernetes cluster
- Exercise 12
- 4.2: Linode Kubernetes Engine (LKE)
- 4.3: Build a Kubernetes cluster in the Linode Cloud
- 4.3.1: Sign up for a Linode account
- 4.3.2: Create your LKE cluster
- Exercise 13
- 4.4: Configure kubectl
- 4.4.1: If you don’t have a kubeconfig file
- 4.4.2: If you already have a kubeconfig file
- Exercise 14
- 4.5: Test your LKE cluster
- Exercise 15
- 4.6: More about kubectl and your kubeconfig file
- Exercise 16
- 4.7: Chapter summary
- Exercise 17
- Quiz 41 attempt allowed
- 5: Working with Pods
- 5.1: Pod theory
- 5.1.0.1: Pods are an abstraction layer
- 5.1.0.2: Pods augment workloads
- 5.1.0.3: Pods enable resource sharing
- 5.1.0.4: Pods and scheduling
- 5.1.1: Deploying Pods
- 5.1.2: Pod lifecycle
- 5.1.2.1: Restart Policies
- 5.1.3: Static Pods vs controllers
- 5.1.4: The pod network
- Exercise 18
- 5.2: Multi-container Pods
- 5.2.1: Multi-container Pods: Init containers
- 5.2.2: Multi-container Pods: Sidecars
- 5.2.3: Pod theory summary
- Exercise 19
- 5.3: Hands-on with Pods
- 5.3.1: Pod manifest files
- 5.3.2: Manifest files: Empathy as Code
- 5.3.3: Deploying Pods from a manifest file
- 5.3.4: Introspecting Pods
- 5.3.4.1: kubectl get
- 5.3.4.2: kubectl describe
- 5.3.4.3: kubectl logs
- 5.3.5: kubectl exec
- 5.3.6: Pod hostnames
- 5.3.7: Check Pod immutability
- 5.3.8: Resource requests and resource limits
- 5.3.9: Multi-container Pod example–init container
- 5.3.10: Multi-container Pod example–sidecar container
- Exercise 20
- 5.4: Clean up
- Exercise 21
- 5.5: Chapter Summary
- Exercise 22
- Quiz 51 attempt allowed
- 6: Virtual clusters with Namespaces
- 6.1: Intro to Namespaces
- Exercise 23
- 6.2: Namespace use cases
- Exercise 24
- 6.3: Default Namespaces
- Exercise 25
- 6.4: Creating and managing Namespaces
- 6.4.1: Configure kubectl for a specific Namespace
- Exercise 26
- 6.5: Deploying objects to Namespaces
- Exercise 27
- 6.6: Clean up
- Exercise 28
- 6.7: Chapter Summary
- Exercise 29
- Quiz 61 attempt allowed
- 7: Kubernetes Deployments
- 7.1: Deployment theory
- 7.1.1: Deployments and Pods
- 7.1.2: Deployments and ReplicaSets
- 7.1.3: A quick word on scaling
- 7.1.4: It’s all about the state
- 7.1.4.1: Declarative vs Imperative
- 7.1.4.2: Controllers and reconciliation
- 7.1.5: Rolling updates with Deployments
- 7.1.6: Rollbacks
- Exercise 30
- 7.2: Create a Deployment
- 7.2.1: Inspecting Deployments
- 7.2.2: Accessing the app
- Exercise 31
- 7.3: Manually scale the app
- Exercise 32
- 7.4: Perform a rolling update
- 7.4.1: Pausing and resuming rollouts
- Exercise 33
- 7.5: Perform a rollback
- 7.5.1: Rollouts and labels
- Exercise 34
- 7.6: Clean up
- Exercise 35
- 7.7: Chapter summary
- Quiz 71 attempt allowed
- 8: Kubernetes Services
- 8.1: Service Theory
- 8.1.1: Labels and loose coupling
- 8.1.2: Behind the scenes with EndpointSlices
- 8.1.3: Service types
- 8.1.3.1: ClusterIP Services - Accessing apps from inside the cluster
- 8.1.3.2: NodePort Services - Accessing apps from outside the cluster
- 8.1.3.3: LoadBalancer Services - Accessing apps via load balancers
- 8.1.4: Summary of Service theory
- Exercise 36
- 8.2: Hands-on with Services
- 8.2.1: Working with Services imperatively
- 8.2.2: The declarative way
- 8.2.2.1: A Service manifest file
- 8.2.2.2: Inspecting Services
- 8.2.2.3: EndpointSlice objects
- Exercise 37
- 8.3: Clean up
- Exercise 38
- 8.4: Chapter Summary
- Exercise 39
- Quiz 81 attempt allowed
- 9: Ingress
- 9.1: Setting the Scene for Ingress
- Exercise 40
- 9.2: Ingress architecture
- Exercise 41
- 9.3: Hands-on with Ingress
- 9.3.1: Install the NGINX Ingress controller
- 9.3.2: Ingress classes
- 9.3.3: Configure host-based and path-based routing
- 9.3.3.1: Deploy the sample environment
- 9.3.3.2: Create the Ingress object
- 9.3.3.3: Inspecting Ingress objects
- 9.3.3.4: Configure DNS name resolution
- 9.3.3.5: Test the Ingress
- Exercise 42
- 9.4: Clean up
- Exercise 43
- 9.5: Chapter summary
- Exercise 44
- Quiz 91 attempt allowed
- 10: Wasm on Kubernetes
- 10.1: Wasm Primer
- 10.1.1: Wasm security
- 10.1.2: Wasm portability
- 10.1.3: Wasm performance
- 10.1.4: Quick recap
- Exercise 45
- 10.2: Understanding Wasm on Kubernetes
- Exercise 46
- 10.3: Hands-on with Wasm on Kubernetes
- 10.3.1: Install and test the pre-requisites
- 10.3.2: Write and compile the Wasm app
- 10.3.3: Build an OCI image and push it to an OCI registry
- 10.3.4: Build and configure a new multi-node Kubernetes cluster for Wasm
- 10.3.5: Deploy and test the app
- 10.3.6: Clean up
- Exercise 47
- 10.4: Chapter Summary
- Exercise 48
- Quiz 101 attempt allowed
- 11: Service discovery deep dive
- 11.1: Setting the scene
- Exercise 49
- 11.2: The service registry
- Exercise 50
- 11.3: Service registration
- Exercise 51
- 11.4: Service discovery
- 11.4.1: ClusterIP routing
- 11.4.2: Summarising service discovery
- Exercise 52
- 11.5: Service discovery and Namespaces
- 11.5.1: Service discovery example
- Exercise 53
- 11.6: Troubleshooting service discovery
- Exercise 54
- 11.7: Clean up
- 11.8: Chapter summary
- Exercise 55
- Quiz 111 attempt allowed
- 12: Kubernetes storage
- 12.1: The big picture
- Exercise 56
- 12.2: Storage Providers
- Exercise 57
- 12.3: The Container Storage Interface (CSI)
- Exercise 58
- 12.4: The Kubernetes persistent volume subsystem
- Exercise 59
- 12.5: Dynamic provisioning with Storage Classes
- 12.5.1: A StorageClass YAML
- 12.5.2: Working with StorageClasses
- 12.5.3: Additional volume settings
- 12.5.3.1: Access mode
- 12.5.3.2: Reclaim policy
- Exercise 60
- 12.6: Hands-on
- 12.6.1: Use an existing StorageClass
- 12.6.2: Create and use a new StorageClass
- Exercise 61
- 12.7: Clean up
- Exercise 62
- 12.8: Chapter Summary
- Exercise 63
- Quiz 121 attempt allowed
- 13: ConfigMaps and Secrets
- 13.1: The big picture
- 13.1.1: What it looks like in a decoupled world
- Exercise 64
- 13.2: ConfigMap theory
- 13.2.1: How ConfigMaps work
- 13.2.2: ConfigMaps and Kubernetes-native apps
- Exercise 65
- 13.3: Hands-on with ConfigMaps
- 13.3.1: Creating ConfigMaps imperatively
- 13.3.2: Inspecting ConfigMaps
- 13.3.3: Creating ConfigMaps declaratively
- 13.3.4: Injecting ConfigMap data into Pods and containers
- 13.3.4.1: ConfigMaps and environment variables
- 13.3.4.2: ConfigMaps and container startup commands
- 13.3.4.3: ConfigMaps and volumes
- Exercise 66
- 13.4: Hands-on with Secrets
- 13.4.1: Are Kubernetes Secrets secure?
- 13.4.2: Creating Secrets
- 13.4.3: Using Secrets in Pods
- Exercise 67
- 13.5: Clean up
- Exercise 68
- 13.6: Chapter Summary
- Exercise 69
- Quiz 131 attempt allowed
- 14: StatefulSets
- 14.1: StatefulSet theory
- 14.1.1: StatefulSet Pod naming
- 14.1.2: Ordered creation and deletion
- 14.1.3: Deleting StatefulSets
- 14.1.4: StatefulSets and Volumes
- 14.1.5: Handling failures
- 14.1.6: Network ID and headless Services
- Exercise 70
- 14.2: Hands-on with StatefulSets
- 14.2.1: Deploy the StorageClass
- 14.2.2: Create a governing headless Service
- 14.2.3: Deploy the StatefulSet
- 14.2.4: Testing peer discovery
- 14.2.5: Scaling StatefulSets
- 14.2.6: Rollouts
- 14.2.7: Test a Pod failure
- 14.2.8: Test a node failure
- 14.2.9: Deleting StatefulSets
- Exercise 71
- 14.3: Clean up
- 14.4: Chapter Summary
- Exercise 72
- Quiz 141 attempt allowed
- 15: API security and RBAC
- 15.1: API security big picture
- Exercise 73
- 15.2: Authentication
- 15.2.1: Checking your current authentication setup
- Exercise 74
- 15.3: Authorization (RBAC)
- 15.3.1: RBAC big picture
- 15.3.2: Users and Permissions
- 15.3.2.1: Looking closer at rules
- 15.3.3: Cluster-level users and permissions
- 15.3.4: Real-world example
- 15.3.5: Summarizing authorization
- Exercise 75
- 15.4: Admission control
- Exercise 76
- 15.5: Chapter summary
- Exercise 77
- Quiz 151 attempt allowed
- 16: The Kubernetes API
- 16.1: Kubernetes API big picture
- 16.1.1: JSON serialization
- 16.1.2: API analogy
- Exercise 78
- 16.2: The API server
- 16.2.1: A word on REST and RESTful
- 16.2.2: Hands-on
- 16.2.3: A word on CRUD
- Exercise 79
- 16.3: The API
- 16.3.1: The core API group
- 16.3.2: Named API groups
- 16.3.3: Inspecting the API
- 16.3.4: Alpha beta and stable
- 16.3.5: Resource deprecation
- 16.3.6: Extending the API
- 16.3.7: Clean up
- Exercise 80
- 16.4: Chapter summary
- Exercise 81
- Quiz 161 attempt allowed
- 17: Threat modeling Kubernetes
- 17.1: Threat modeling
- Exercise 82
- 17.2: Spoofing
- 17.2.1: Securing communications with the API server
- 17.2.2: Securing Pod communications
- Exercise 83
- 17.3: Tampering
- 17.3.1: Tampering with Kubernetes components
- 17.3.2: Tampering with applications running on Kubernetes
- Exercise 84
- 17.4: Repudiation
- Exercise 85
- 17.5: Information Disclosure
- 17.5.1: Protecting cluster data
- 17.5.2: Protecting data in Pods
- Exercise 86
- 17.6: Denial of Service
- 17.6.1: Protecting cluster resources against DoS attacks
- 17.6.2: Protecting the API Server against DoS attacks
- 17.6.3: Protecting the cluster store against DoS attacks
- 17.6.4: Protecting application components against DoS attacks
- Exercise 87
- 17.7: Elevation of privilege
- 17.7.1: Protecting the API server
- 17.7.2: Protecting Pods
- 17.7.2.1: Do not run processes as root
- 17.7.2.2: Capability dropping
- 17.7.2.3: Filter syscalls
- 17.7.2.4: Mandatory Access Controls
- 17.7.2.5: Prevent privilege escalation by containers
- 17.7.3: Standardizing Pod Security with PSS and PSA
- 17.7.4: Pod Security Standards (PSS)
- 17.7.5: Pod Security Admission (PSA)
- 17.7.6: PSA examples
- 17.7.6.1: Alternatives to Pod Security Admission
- 17.7.7: Towards a more secure Kubernetes
- Exercise 88
- 17.8: Chapter summary
- Quiz 171 attempt allowed
- 18: Real-world Kubernetes security
- 18.1: Security in the software delivery pipeline
- 18.1.1: Image Repositories
- 18.1.2: Use approved base images
- 18.1.3: Manage the need for non-standard base images
- 18.1.4: Control access to images
- 18.1.5: Moving images from non-production to production
- 18.1.6: Vulnerability scanning
- 18.1.7: Configuration as code
- 18.1.8: Sign container images
- 18.1.9: Image promotion workflow
- Exercise 89
- 18.2: Workload isolation
- 18.2.1: Cluster-level workload isolation
- 18.2.1.1: Namespaces and soft multi-tenancy
- 18.2.1.2: Namespaces and hard multi-tenancy
- 18.2.2: Node isolation
- 18.2.3: Runtime isolation
- 18.2.4: Network isolation
- 18.2.4.1: Kubernetes and overlay networking
- 18.2.4.2: Kubernetes and BGP
- 18.2.4.3: How this impacts firewalls
- 18.2.4.4: Packet capture
- Exercise 90
- 18.3: Identity and access management (IAM)
- 18.3.1: Managing Remote SSH access to cluster nodes
- 18.3.1.1: Multi-factor authentication (MFA)
- Exercise 91
- 18.4: Security monitoring and auditing
- 18.4.1: Baseline best practices
- 18.4.2: Container and Pod lifecycle events
- 18.4.3: Forensic checkpointing
- 18.4.4: Application logs
- 18.4.5: Actions performed by users
- 18.4.6: Managing log data
- 18.4.7: Alerting for security-relevant events
- 18.4.8: Migrating existing apps to Kubernetes
- Exercise 92
- 18.5: Real-world example
- Exercise 93
- 18.6: Chapter summary
- Quiz 181 attempt allowed
- 19: Terminology
- Exercise 94
- Quiz 191 attempt allowed
- 20: Outro and what next
- 20.1: Docker, containers, and AI
- 20.2: Get involved with the community
- 20.3: Connect with me
- 21: About the authors
- 21.1: Author: Nigel Poulton
- 21.2: Contributing author: Pushkar Joglekar
Instructors
Nigel is a self confessed technology addict who is hell-bent on creating the best Kubernetes and cloud learning resources on the planet. He's the author of over 16 video training courses at Pluralsight, as well as more at A Cloud Guru, Udemy and more... He's active on Twitter, creates weekly and monthly Kubernetes videos on YouTube, and his website is the best place for links to learn about Kubernetes. When he's not rocking it with Kubernetes, he likes cars and football.
The Leanpub 60 Day 100% Happiness Guarantee
Within 60 days of purchase you can get a 100% refund on any Leanpub purchase, in two clicks.
Now, this is technically risky for us, since you'll have the book or course files either way. But we're so confident in our products and services, and in our authors and readers, that we're happy to offer a full money back guarantee for everything we sell.
You can only find out how good something is by trying it, and because of our 100% money back guarantee there's literally no risk to do so!
So, there's no reason not to click the Add to Cart button, is there?
See full terms...
Earn $8 on a $10 Purchase, and $16 on a $20 Purchase
We pay 80% royalties on purchases of $7.99 or more, and 80% royalties minus a 50 cent flat fee on purchases between $0.99 and $7.98. You earn $8 on a $10 sale, and $16 on a $20 sale. So, if we sell 5000 non-refunded copies of your book for $20, you'll earn $80,000.
(Yes, some authors have already earned much more than that on Leanpub.)
In fact, authors have earnedover $14 millionwriting, publishing and selling on Leanpub.
Learn more about writing on Leanpub
Free Updates. DRM Free.
If you buy a Leanpub book, you get free updates for as long as the author updates the book! Many authors use Leanpub to publish their books in-progress, while they are writing them. All readers get free updates, regardless of when they bought the book or how much they paid (including free).
Most Leanpub books are available in PDF (for computers) and EPUB (for phones, tablets and Kindle). The formats that a book includes are shown at the top right corner of this page.
Finally, Leanpub books don't have any DRM copy-protection nonsense, so you can easily read them on any supported device.
Learn more about Leanpub's ebook formats and where to read them
