Meet Kubernetes
What It Is
Kubernetes, commonly shortened to K8s, is an open source container orchestration platform originally developed at Google and donated to the Cloud Native Computing Foundation in 2014. It automates the deployment, scaling, and operational management of containerised applications across clusters of machines. Where Docker answers the question of how to package an application, Kubernetes answers the harder question of how to run thousands of those packages reliably, across dozens or hundreds of servers, with self healing, load balancing, and zero downtime deployments built in.
Why It Matters
Before container orchestration existed, running applications at scale meant writing brittle shell scripts, managing server inventories by hand, or leaning on expensive commercial schedulers that locked you into a vendor. Kubernetes changed the economics and the model. It treats your entire cluster as a single computing surface. You declare what you want, a number of replicas, a resource budget, a health check interval, and Kubernetes continuously works to make reality match that declaration. If a node fails, pods are rescheduled. If a deployment is unhealthy, rollouts pause and wait. If traffic spikes, the Horizontal Pod Autoscaler adds capacity.
The wider impact goes beyond convenience. Kubernetes became the substrate on which modern cloud native architecture is built. Managed offerings from every major cloud provider (GKE, EKS, AKS) mean that a team can move an entire production workload between clouds without rewriting anything except a few endpoint URLs. That portability shifted negotiating power away from cloud lock-in and toward teams who understand the platform.
For SREs in particular, Kubernetes introduced an entirely new reliability discipline. Concepts like liveness and readiness probes, PodDisruptionBudgets, and topology spread constraints encode operational intent directly into the deployment spec. Reliability is no longer something you layer on after the fact; it is something you express alongside the application code, reviewed in the same pull request, tracked in the same version history.
In Practice
- Deployments and rolling updates: a `Deployment` resource manages replica sets and performs rolling updates automatically. You change an image tag, apply the manifest, and Kubernetes replaces pods one by one while traffic continues to flow. Set `maxUnavailable: 0` to guarantee zero downtime updates.
- Services and Ingress: `Service` resources give pods a stable network identity regardless of which nodes they land on. An `Ingress` resource in front of your cluster exposes multiple services under a single external IP with path-based or host-based routing, TLS termination, and rate limiting handled at the edge.
- ConfigMaps and Secrets: configuration and credentials are kept separate from container images. `ConfigMap` holds plain values; `Secret` holds base64-encoded sensitive data. Both are mounted as environment variables or files into pods at runtime, which is exactly the pattern covered in our Anecdotes episode on Angular SSR environment variables.
- Namespaces and RBAC: multi team clusters use namespaces to partition workloads and RBAC policies to control who can read, write, or delete resources. A developer can have full access to the `staging` namespace and read-only access to `production`.
- Horizontal Pod Autoscaler: scales your deployment based on CPU utilisation, memory pressure, or custom metrics exposed through the metrics API. Combined with cluster autoscaler (which adds and removes nodes), the entire stack can scale end to end without manual intervention.
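
The staging/production split from the Namespaces and RBAC item, as an added example that is not part of the original article: two RoleBindings that scope Kubernetes' built-in `admin` and `view` ClusterRoles to one namespace each. The `dev-team` group and the binding names are assumptions.

```yaml
# Added example: namespaces come from the prose ("staging", "production");
# "dev-team" is a hypothetical group name supplied by your identity provider.
# Both bindings reuse built-in ClusterRoles instead of hand-written rules.
---
# Full access inside staging only: a RoleBinding (not a ClusterRoleBinding)
# limits the cluster-wide "admin" ClusterRole to this one namespace.
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: dev-team-admin          # hypothetical name
  namespace: staging
subjects:
  - kind: Group
    name: dev-team              # hypothetical group
    apiGroup: rbac.authorization.k8s.io
roleRef:
  kind: ClusterRole
  name: admin
  apiGroup: rbac.authorization.k8s.io
---
# Read-only in production. The built-in "view" role deliberately omits
# Secrets: their values are only base64-encoded, so read access to a Secret
# is access to the credential itself.
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: dev-team-view           # hypothetical name
  namespace: production
subjects:
  - kind: Group
    name: dev-team
    apiGroup: rbac.authorization.k8s.io
roleRef:
  kind: ClusterRole
  name: view
  apiGroup: rbac.authorization.k8s.io
# Check the result with impersonation ("jane" is a made-up user name):
#   kubectl auth can-i delete deployments -n staging    --as=jane --as-group=dev-team
#   kubectl auth can-i delete deployments -n production --as=jane --as-group=dev-team
#   kubectl auth can-i get secrets        -n production --as=jane --as-group=dev-team
```

Note that `admin` in `staging` includes reading Secrets and creating further RoleBindings in that namespace, so keep production credentials out of it.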
Key Insight
Kubernetes is not a deployment tool. It is a control loop. Every resource you define, a Deployment, a Service, an Ingress, is a desired state that a controller watches and enforces continuously. Understanding this reconciliation model changes how you debug: rather than asking “what did the deploy script do”, you ask “how does the current state differ from the desired state, and why is the controller not closing the gap”. Once that mental model clicks, the platform becomes dramatically more predictable.