Show HN: A deep dive into Kubernetes internals

officerdodles123 pts0 comments


Kubernetes Study Path — From kubectl to a Production Cluster


Study path · Kubernetes · Day-0 → Month-6 curriculum

Kubernetes, learned properly.

A single-page curriculum. Read what to read, run what to run, memorise what to memorise. From kubectl get pods on day-zero, to writing your own operator at month six.

Tier I, Day-zero: never run a cluster
Tier II, Practitioner: kubectl daily
Tier III, Operator: owns production
Tier IV, Platform / SRE: builds tools on top

Deep dives: Kubernetes internals

Ten sub-pages — the API server, etcd, the controller pattern, kubelet, kube-proxy, the scheduler, CRI / CNI / CSI, admission webhooks, and the path a Pod takes from kubectl apply to a running container on a node. Each chapter is a guided walkthrough of the control plane code path, with the YAML on one side and the control loops on the other.

Why Kubernetes exists.

Kubernetes is an orchestrator for containers — declarative, self-healing, control-loop-shaped. It exists because once you have more than 50 containers running across more than two machines, you start re-inventing the same five things: scheduling, health checks, rolling updates, service discovery, and config distribution. Kubernetes is what you'd build if you ran that fleet in production for a decade. Google did, called it Borg, then open-sourced a clean rewrite in 2014.

The mental model is simple and worth committing to memory: every Kubernetes concept is a declarative resource reconciled by a control loop. You write down what you want; the controller compares it to what is, and acts to close the gap. Pods, Deployments, Services, Ingress, ConfigMaps — every one of them follows the same pattern. The complexity is in the surface area, not the design.

When not to use Kubernetes. Single-binary apps. Fleets under ten containers. Workloads that fit in a managed PaaS (Heroku, Fly.io, Railway). Anything where the operational tax of a control plane (~$70/month minimum on managed K8s) outweighs the benefit. Kubernetes pays back at scale; it punishes small.

The twelve mental models you must build.

Twelve concepts cover ~95% of Kubernetes' user-facing surface. Get these into your bones in the first week — every other resource (CronJob, HorizontalPodAutoscaler, NetworkPolicy, ResourceQuota) reduces to a recombination of these.

01 Pod (Day-zero): The atom. One or more containers sharing network and storage. The thing the scheduler places.
02 Deployment (Day-zero): Declarative replicas + rolling-update logic. The thing 80% of workloads are.
03 Service (Day-zero): A stable virtual IP for an unstable set of pods. ClusterIP, NodePort, LoadBalancer, Headless.
04 ConfigMap / Secret (Practitioner): Per-environment configuration as a first-class object. Mountable as env or file.
05 Namespace (Practitioner): A multi-tenancy boundary. Quotas, RBAC, network policies all scope here.
06 Controller (Operator): A reconciliation loop — observe → diff → act. The core mental model of the entire system.
07 RBAC (Operator): Role-based access control. Subjects + verbs + resources. Read this carefully or you will deeply regret it.
08 StatefulSet (Practitioner): A Deployment with stable identities and ordered rollout. For databases and queues.
09 DaemonSet (Operator): Pod-per-node. Log shippers, CSI drivers, network plugins live here.
10 HPA / VPA (Practitioner): Horizontal vs vertical autoscaling. The HPA is what you actually use.
11 Ingress / Gateway (Operator): L7 entry point. Ingress is legacy-stable; Gateway API is the future.
12 Operator / CRD (Platform): A controller for your own resource type. The escape hatch for everything K8s does not natively model.
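The observe → diff → act loop from model 06, which is also the "compare what you want to what is" description under Why Kubernetes exists, as an added Go example (not code from Kubernetes or from this curriculum). The Action type, the Reconcile and Apply functions and the web-N pod names are hypothetical, and a plain map stands in for the API server's view of the cluster.

```go
package main

import (
	"fmt"
	"sort"
)

type Action struct{ Verb, Pod string } // one step that closes the gap

// Reconcile diffs the desired replica count against the pods observed now
// (name -> healthy). It keeps no history, so repeated calls are idempotent.
func Reconcile(name string, desired int, observed map[string]bool) []Action {
	names := make([]string, 0, len(observed))
	for pod := range observed {
		names = append(names, pod)
	}
	sort.Strings(names) // map iteration order is random; sort for stable output
	acts, healthy := []Action{}, 0
	for _, pod := range names {
		if !observed[pod] || healthy >= desired {
			acts = append(acts, Action{"delete", pod}) // failed or surplus pod
		} else {
			healthy++
		}
	}
	for i := 0; healthy < desired; i++ {
		pod := fmt.Sprintf("%s-%d", name, i)
		if _, taken := observed[pod]; !taken {
			acts = append(acts, Action{"create", pod})
			healthy++
		}
	}
	return acts
}

// Apply stands in for the cluster carrying out the actions (hypothetical helper).
func Apply(observed map[string]bool, acts []Action) {
	for _, a := range acts {
		delete(observed, a.Pod)
		if a.Verb == "create" {
			observed[a.Pod] = true
		}
	}
}

func main() {
	obs := map[string]bool{"web-0": true, "web-1": false} // constructed: web-1 crashed
	Apply(obs, Reconcile("web", 3, obs))                  // replaces web-1, scales to 3
	fmt.Println(obs, Reconcile("web", 3, obs))            // second pass: no actions left
}
```

Because the loop compares current state with desired state instead of replaying events, a pod removed out of band is replaced on the next pass in the same way as one that crashed.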

Day-zero — your first hour.

One hour, no cloud credit, no YAML. You'll have a working local cluster, a running pod, and...
