Kubernetes For Sysadmins Workshop

Length: 2.5 hours (including concluding Q&A)

Prerequisites: Familiarity with the Linux command line and basic networking; user creation of a Kubernetes cluster in their own cloud account or VM(s) for lab use prior to the session. Note: clusters for use with this session should have workers which are accessible via SSH or other direct command-line access, e.g. Amazon EKS with EC2 workers.

• Preferred: Familiarity with Terraform/OpenTofu and the AWS CLI; ownership of an AWS account; creation of an EKS cluster for lab use prior to the session (Terraform config for creating a basic EKS cluster will be provided). Other clouds/VMs and Kubernetes distributions may be used but configuration specifics may differ from examples presented.

This lab will dive into how the high-level concepts of Kubernetes components and workloads are reflected on the nodes those components and workloads run on. Topics covered include:

• Container images and filesystems
• Container processes: namespaces and cgroups; execution environment inside a container
• Container networking: bridges and virtual interfaces
• Basic Kubernetes components and how they run on control plane nodes
• Kubernetes workload abstractions: mechanics of pods
• Kubernetes traffic routing and service discovery: iptables and cluster DNS
• TLS in Kubernetes clusters
• (if time permits) Service mesh basics: sidecar proxies, per-node proxies and eBPF