Understand how nodes form a cluster with master and worker roles, and how api server, etcd, kubelet, controllers, scheduler, and kubectl orchestrate containers across runtimes.

Compare Docker and containerd, explain CRI interface, OCI standards, and why Kubernetes moved from dockershim to containerd; explore nerd CTL as docker-like CLI and CRI control for debugging.

We clarify Docker deprecation in Kubernetes, noting containerd as the CRI-compatible runtime and that Kubernetes no longer requires Docker, while Docker remains popular for development.

Deploy pods to run containers and scale by creating new pods on nodes. Pods have a 1-to-1 relationship with containers and share network and storage, with Kubernetes handling deployments.

Learn how to create a Kubernetes pod using a YAML configuration file by defining apiVersion, kind, metadata, and spec, including a single container with the nginx image and labels.

Create a pod from a yaml file using a text editor, defining api version, kind, metadata, and spec with a containers list using nginx. Deploy with cube-control create pod-definition.yaml.

Navigate the Kubernetes practice test portal and live lab to run commands, edit files with VI, and complete scenario-based questions to prepare for the CKAD.

Access real hands-on labs for the CKAD course directly in your browser via kodekloud; create a separate kodekloud account, then locate lab courses and mark each lab complete.

Explore creating and managing pods with kubectl, inspecting pod details, handling image pull errors, and deploying Redis via YAML to achieve running pods on the control plane.

Discover how replication controller and replica set maintain high availability and load balance by managing pod replicas with templates, selectors, and labels, using kubectl create, get, and scale.

Explore the ReplicaSets lab solution, diagnose BusyBox image pull failures and api version issues, fix selector mismatches, and observe how ReplicaSets maintain the desired pod count and scale.

Explore how deployments manage multiple production web server instances with rolling updates, rollbacks, and pause-and-resume changes, while deployment definitions create replica sets and pods for controlled upgrades.

Explore deployments using kubectl; observe a replica set and four pods, zero ready due to missing busybox image, then fix kind capitalization and create httpd front end with three replicas.

Explore Kubernetes namespaces, including the default namespace, kube system, and kube public, and learn to isolate resources with quotas; reference cross-namespace services via the DNS format service.namespace.svc.cluster.local.

Explore kubectl namespace management in Kubernetes, including listing namespaces, inspecting pods in research and finance, creating namespace-scoped pods, and resolving DB service DNS in marketing and dev.

Learn how Kubernetes services connect front-end and back-end pods and enable cross-component communication. Expose apps with node port, cluster IP, or load balancer, and distribute requests across pods and nodes.

Explore cluster IP services that group backend pods and expose an interface for front end to backend communication. Create service with ports, selectors, and kubectl, noting cluster IP as default.

Explain how to inspect the default ClusterIP service, its target port 6443, and endpoints, then create a NodePort service from a definition to expose the web app UI at 30080.

Explore kubectl explain and kubectl api resources to inspect resource fields from the terminal, and use dot notation and the recursive flag to produce a complete YAML-ready field list.

Practice this imperative commands lab to create pods and services with kubectl, apply labels, expose deployments, and manage namespaces in a Kubernetes cluster.

Focus on the provided labs and videos to build Kubernetes CKAD skills efficiently. Avoid premature local setups and access resources later for a local setup.

Define, build, and modify Docker images by writing a Dockerfile, selecting a base image, copying code, and configuring the entry point, then build, leverage layers, and push.

Master how commands, arguments, and the entrypoint define the container process in Docker, compare cmd and entrypoint, and learn to build images with predictable startup behavior.

Explore how Kubernetes pods use commands and arguments to control container startup, mapping command and args to Docker entrypoint and cmd, and overriding them in pod definitions.

Master commands and arguments in Kubernetes pods, including command arrays and entrypoints, editing YAML files, and passing app arguments with kubectl run.

Learn how to set environment variables in Kubernetes using the env array in a Pod definition, with name and value, and explore valueFrom via ConfigMaps or Secrets.

Explore configuring data with ConfigMaps in Kubernetes, create them imperatively or declaratively, and inject key value pairs into pods as environment variables using envFrom.

Learn to configure pod environments with ConfigMaps in Kubernetes, inspect pods, create and reference config maps, and update a pod to reflect color changes.

Explore how Kubernetes secrets securely store sensitive data, contrast with configmaps, create secrets (imperative and declarative), encode with base64, and inject them into pods as environment variables or files.

Learn to create and use Kubernetes secrets to configure a web app with a MySQL database, pass secrets as environment variables, and troubleshoot secret-related deployment failures.

Demonstrates encrypting secret data at rest in a Kubernetes cluster by configuring an encryption provider for etcd, creating secrets, and verifying encryption status via the API server and etcd.

Explore docker security concepts, including namespaces, root privileges, and linux capabilities, and learn how cap add, cap drop, and the privileged flag control container access.

Explore security contexts in Kubernetes by configuring the security context under the pod spec, using run as user and Linux capabilities at the pod or container level, and understanding overrides.

Describe how security contexts set and override run as user in Kubernetes pods, document container vs pod level settings, and add SYS_TIME and NET_ADMIN capabilities in ubuntu-sleeper and multi-pod configurations.

Learn how resource requests and limits guide the scheduler in a three-node cluster, and how throttling, out-of-memory, limit ranges, and quotas shape usage.

Identify a 1 cpu request for the rabbit pod, delete it, diagnose the elephant pod as oomkilled from memory limits, then increase its memory limit and redeploy.

Learn how Kubernetes service accounts enable machine authentication to the API by mounting tokens into pods, including default accounts, token secrets, and the TokenRequestAPI with time-bound tokens since 1.22.

Discover how to manage service accounts in the default namespace and create dashboard-sa with RBAC. Mount credentials from var/run/secrets and use a token to authenticate to the Kubernetes API.

Explore taints and tolerations to control pod scheduling on nodes, using blue taint examples, tolerations, and effects like no schedule and no execute.

Practice taints and tolerations in a two-node cluster: taint node 01 with spray=morteen:no-schedule, deploy a bee pod with a toleration, then run mosquito after removing the control plane taint.

Learn how to control pod placement in Kubernetes using node selectors, labeling nodes with size=large, and how the scheduler matches pods to nodes.

Explore node affinity in Kubernetes, using required and preferred scheduling rules, with in, not in, and exists operators, to control pod placement and execution behavior.

Learn node affinity: label node zero one, deploy blue nginx with three replicas, and constrain pods to node zero one and the control plane with a label exists rule.

Apply taints and tolerations to keep other pods off your nodes, and combine them with node affinity to ensure your pods land on the correct colored nodes.

Explore multi-container pods in Kubernetes, enabling decoupled microservices to run together, with two containers sharing lifecycle, network space and storage, and communicating as localhost within a single pod.

Explore multi-container pod design patterns, including co-located, init, and sidecar containers, with an Elasticsearch and Kibana example using Filebeat as a log shipper.

Walks through identifying init containers in Kubernetes pods using kubectl describe, clarifies init order with purple’s two init containers, and fixes a Busybox sleep typo in orange and red pods.

Explore how readiness probes tie container readiness to actual application state, preventing traffic from reaching not-yet-ready pods and ensuring smooth multi-pod service routing in Kubernetes.

Discover how Kubernetes uses liveness probes to restart unhealthy containers, using SCTP get option for APIs, TCP socket for ports, or exec for commands, with initial delay and period seconds.

Learn to configure readiness and liveness probes for a multi pod web app in Kubernetes, validate with curl tests, and ensure load balancing and auto recovery.

Explore Kubernetes logging from docker logs for an Event Simulator to pod logs via kube control logs -f, and learn to specify container names for multi-container pods.

Learn to view application logs with kubectl, inspect specific containers in multi-container pods, and identify issues such as account lockouts and items out of stock from log warnings.

Monitor a Kubernetes cluster by collecting node and pod metrics, including health status, CPU, memory, network, and disk utilization, via the metrics server.

Deploy the metric server to monitor resource usage in a Kubernetes cluster, then use kubectl top to identify the pods and nodes with the highest cpu and memory.

Learn how labels and selectors group and filter Kubernetes objects, connect pods to a replica set, and use annotations for informational details like version and build.

Learn how to use labels and selectors in Kubernetes to filter pods by environment and business unit, count without headers, and fix replica set selectors to match template labels.

Learn how Kubernetes handles rolling updates and rollbacks with deployment revisions, replica sets, and status and history checks, and compare recreate versus rolling update strategies.

Explore rolling updates and rollbacks on a four-pod front-end deployment, updating container images from v1 to v2 and then to v3, observing blue to green transitions.

Use blue-green deployment by running the new version alongside the old, then switch the service selector from v1 to v2 after tests.

Discover canary updates in Kubernetes by routing a small percentage to a new version while the primary deployment serves the rest, enabling a rolling upgrade path with deployments and services.

Demonstrate deployment strategies by identifying a rolling update, routing traffic via the frontend-service to frontend-v2, and safely shifting all traffic from v1 to v2 while scaling and deleting deployments.

Explore how Kubernetes jobs run batch tasks to completion, override the default pod restart policy, and use completions, parallelism, and log outputs.

Learn how to use Kubernetes cronjobs to schedule tasks, such as generating reports and emailing results, with a cron-like schedule and a structured cronjob template that creates jobs and pods.

Deploy a throw-dice pod to generate a number, create a job with a back-off limit to obtain a six, and configure a cron job at 21:30 daily.

Create kubernetes network policies to enforce ingress from the api pod to the database on port 3306, using labels and selectors.

Develop a database pod network policy by blocking all traffic and granting ingress only from the API pod on port 3306, using pod, namespace, and IP block selectors.

Explore Kubernetes network policies by inspecting pods and services, and implement an internal policy that allows internal pod egress to payroll on 8080 and MySQL on 3306.

Configure ingress in Kubernetes to route traffic by URL path or domain to multiple services using an ingress controller (nginx), with SSL termination and a single external URL.

Explore ingress networking in Kubernetes by configuring an nginx ingress controller, defining namespace-scoped ingresses, adding new paths for food and pay services, and applying rewrite annotations to route traffic correctly.

Explore ingress networking by deploying an nginx ingress controller in a dedicated namespace, configuring a configmap and service account, and exposing the controller to route wear and video services.

Explore storage in containers and Kubernetes, starting with Docker storage basics, storage drivers, and volume driver plugins. The upcoming video will discuss storage drivers and volume drivers.

Explore Docker storage drivers and file systems, learn where docker stores data under var lib docker, how layers and copy-on-write work, and how volumes and mounts persist container data.

Explore how storage drivers and volume driver plugins manage persistent data in Docker containers, with local driver as default and volume options like Rex Ray for AWS EBS in Kubernetes.

Explore volumes in Kubernetes, how they persist data beyond pods by mounting host paths or external storage, and review options like NFS, AWS EBS, and Azure Disk.

Discover how persistent volumes create a cluster-wide storage pool managed by an administrator. Users carve storage via persistent volume claims and configure a persistent volume with access modes and capacity.

Create a persistent volume claim and bind it to a persistent volume using access modes, storage class, and selectors; understand binding, lifecycle, and dynamic provisioning with container storage interface drivers.

Configure a host path persistent volume and a claim, bind them to the pod, and mount logs at /pv/log and /var/log/webapp.

Explore how storage classes enable dynamic provisioning of storage in kubernetes. Use a provisioner like kubernetes.io/pd on Google Cloud to automatically create disks, PVs, and bind them to PVCs.

Understand why stateful sets in Kubernetes enable a master-slave database setup with MySQL replication. See how ordered pod creation and stable names like mysql-0 support reliable cloning and continuous replication.

Explore StatefulSets in Kubernetes, their use cases, and how they deploy pods in an ordered manner with stable names and a headless service. Learn scaling, termination, and parallel pod management.

Explore headless services in Kubernetes—stateful sets use host name and subdomain to create pod-specific DNS entries without load balancing, enabling direct access to the master MySQL pod.

Master storage in stateful sets by using persistent volumes and claims, apply volume claim templates for per-pod PVCs, and ensure stable storage by reattaching pods to their PVCs after failures.

Explore the security primitives in Kubernetes, from securing hosts and API server access to authentication, authorization, TLS, RBAC, ABAC, and network policies governing pod communication.

Authenticate users via the kube API server using static password and token files or certificates, with third‑party providers like LDAP or Kerberos.

Configure access to multiple Kubernetes clusters using kubeconfig, defining clusters, users, and contexts. Learn to use kube control with contexts, namespaces, and certificate data, including base64-encoded certificates.

Identify kube config issues, validate clusters, contexts, and users, and fix the dev user certificate to restore access to test cluster one.

Explore how Kubernetes API groups organize core and named resources, learn about verbs and API paths like v1, and compare direct API access with kube control proxy.

Explain how authorization restricts who can act in a Kubernetes cluster and implement it with node authorizer, attribute-based access control, role-based access control, webhook, and Open Policy Agent.

Create and apply Kubernetes roles and role bindings to grant pod and configmap access, scope them to namespaces, and test permissions using kubectl can-i and the as user option.

Study role-based access controls in Kubernetes, inspect authorization modes on the kube API server, and use RBAC with role bindings to manage pods, config maps, and deployments.

Explore cluster roles and cluster role bindings to authorize access to cluster-wide resources such as nodes and persistent volumes, and distinguish them from namespaced roles.

Inspect cluster roles and cluster role bindings, noting their cluster-wide scope. Create a storage admin cluster role and binding to grant Michelle access to nodes, persistent volumes, and storage classes.

Explore admission controllers that validate and mutate requests before pod creation. See built-in examples like namespace exists and namespace lifecycle.

Explore admission controllers in Kubernetes by identifying default and non-default plugins, enabling NamespaceAutoProvision, disabling DefaultStorageClass, and validating changes via the kube-apiserver manifest and API server restarts.

Explore mutating and validating admission controllers in kubernetes, including the default storage class and namespace existence checks. Configure external admission webhooks and webhook configuration objects for policy enforcement.

Master mutating and validating admission controllers and their call flow, mutating before validating, in a Kubernetes webhook lab. Deploy namespaces, TLS secrets, and a security context demo for pods.

Explore Kubernetes API versions from alpha to GA, distinguish preferred versus storage versions, and learn to enable specific versions via runtime config and etcd storage.

Explore api deprecations and version lifecycles from alpha to ga, and learn to migrate yaml manifests with cube convert as you update release notes.

Identify deployment, replica set, cron job, and custom resource definition short names with kubectl api-resources; verify patch versions and api groups, and enable v1alpha1 for RBAC in the control plane.

Explore custom resource definitions in Kubernetes by defining a flight ticket CRD with flights.com/v1, including scope, names, versions, and an openapi schema, plus a controller to act on it.

Develop and run a custom controller that watches flight ticket CRs in ETCD, calling the flight booking API to book, edit, or cancel tickets, using Go and shared informers.

Discover how the operator framework packages a crd and a custom controller into a single deployable operator, enabling Kubernetes app deployment, backups, and restoration via the operator lifecycle manager.

Helm is a Kubernetes package and release manager that treats app components as a single package, enabling install, upgrade, rollback, and uninstall with a single command and value.yaml.

Install Helm after configuring a functional Kubernetes cluster and kubectl with kubeconfig credentials. Explore Helm installation on Linux, using snap or apt-based methods, and follow the latest OS-specific instructions.

Identify the operating system as ubuntu, install helm from the official docs, validate the installation, check the env command and version, and enable verbose output with --debug.

Explore helm concepts by converting deployment files into templates and a values.yaml, forming a helm chart with chart.yaml metadata (name, version, description, keywords) for environment-specific WordPress deployments.

Learn helm concepts through a lab: search wordpress on artifact hub, add bitnami repo, inspect joomla, install drupal bravo, pull apache, and deploy mywebapp with replicas 2 and nodeport 30080.