Background

I've recently been working a lot more with Kubernetes across various platforms including AWS EKS, Azure AKS, and GCP GKE. My focus has mostly been on detecting threats in Kubernetes environments so, in an effort to learn more, I decided to work on Kubernetes the hard way which is a guide optimized for learning Kubernetes.

The process involves taking the long route to ensure you understand each task and component required to bootstrap a Kubernetes cluster. For me, understanding all the components of a Kubernetes cluster means being able to identify and detect threats in these components individually & holistically.

Link: https://github.com/kelseyhightower/kubernetes-the-hard-way

Video Walkthrough:

What is covered?

• The lab starts with the prerequisites of setting up Google Cloud Platform (GCP) & the Google Cloud SDK.
• Installing client tools and command-line utilities.
• Provisioning compute and networking resources including VPC, Firewall Rule, Compute Instances, Worker Nodes, etc.
• Provisioning a Certificate Authority and Generating TLS Certificates.
• Generating Kubernetes Configuration Files for Authentication.
• Generating Data Encryption Config and Key.
• Bootstrapping an etcd Cluster.
• Bootstrapping a Kubernetes Control Plane.
• Bootstrapping Kubernetes Worker Nodes.
• Configuring kubectl for Remote Access.
• Provisioning Pod Network Routes.
• Deploying the DNS Cluster Add-on.
• Running a Smoke Test.
• Cleaning up.