The Kubernetes Visual Handbook
- Visual Learning Focus: This handbook uses 65+ interactive visualizers and simulations to build a strong mental model of Kubernetes concepts — from Pod lifecycle to network policies.
- Structured Curriculum: Content is organized into 5 progressive phases: Foundations → Core Concepts → Intermediate Operations → Advanced Topics → Expert Platform Engineering.
- Production-Ready Knowledge: The curriculum covers essential "Day 2" operations, real-world troubleshooting, security hardening, and platform engineering patterns used at scale.
- For All Levels: Whether you are deploying your first Pod or designing multi-cluster architectures, there is a learning path for you.
Welcome to The Kubernetes Visual Handbook — a comprehensive, open-source reference designed to help software engineers build a high-resolution mental model of Kubernetes through interactive visualization and simulation.
Why This Handbook?
Traditional Kubernetes documentation tells you what things are. This handbook shows you how they work — with interactive diagrams you can manipulate, simulations you can break, and production patterns you can study.
Every concept is paired with a visualizer that lets you experiment without risking a real cluster.
How to Use This Site
Each module follows the same learning pattern:
- Read the concept and understand the "why"
- Play with the interactive visualizer (change YAML, click nodes, simulate failures)
- Study the real-world patterns, common pitfalls, and best practices
- Practice with the hands-on exercises
Learning Paths
For Application Developers
Goal: Deploy and manage applications on Kubernetes confidently.
For DevOps / Platform Engineers
Goal: Build and operate production Kubernetes platforms.
- All of the above, plus: RBAC → Resource Management → Observability → GitOps → Security → Cluster Autoscaler
For Architects / SREs
Goal: Design resilient, multi-cluster, enterprise-grade Kubernetes architectures.
- All sections including: Service Mesh → Multi-Tenancy → Disaster Recovery → Federation → eBPF Networking → Cluster API
The Curriculum
Phase 1: Foundations (The "Why")
Before writing YAML, understand the architecture and the problem Kubernetes solves.
| Module | Topic | Visualizer |
|---|---|---|
| What is Kubernetes? | History, reconciliation loop, core benefits | Orchestration flow |
| Container Basics | VMs vs Containers, images, registries, runtimes | Container vs VM comparison |
| Alternatives | Docker Swarm vs Nomad vs ECS vs K8s | Orchestrator comparison |
| Setup | Kind, Minikube, K3d — local clusters | Tabbed install guide |
| Kubeadm | Bootstrapping from scratch | Bootstrap flow |
| Providers | EKS vs GKE vs AKS comparison | Provider comparison |
| Hello World | Your first Deployment and Service | Terminal simulator |
| Architecture | Control Plane vs Worker Nodes | Cluster architecture |
Phase 2: Core Concepts (The "What")
The building blocks you will use every day.
| Module | Topic | Visualizer |
|---|---|---|
| Pods | The atomic unit, lifecycle, multi-container patterns | Pod lifecycle simulator |
| ReplicaSets | Ensuring the desired Pod count | Reconciliation demo |
| Deployments | Rolling updates, rollbacks, deployment strategies | Deployment playground |
| StatefulSets | Databases, ordered deployment, persistent identity | Workload kind comparison |
| DaemonSets | Running agents on every node | DaemonSet visualizer |
| Services | Networking, service types, DNS | Service selector playground |
| ConfigMaps & Secrets | Configuration and sensitive data management | Config injection flow |
| Storage (PV/PVC) | Persistent volumes, storage classes, access modes | Storage binding visualizer |
| Helm | The Kubernetes package manager | Template + Values = Manifest |
| Kustomize | Configuration via overlays | Base + Overlay patching |
Phase 3: Intermediate Operations (The "How")
Moving from "it works" to "it's production-ready."
| Module | Topic | Visualizer |
|---|---|---|
| Service Discovery | CoreDNS, DNS resolution, FQDN patterns | DNS trace |
| Health Checks | Liveness, readiness, startup probes | Probe behavior simulator |
| Resource Management | Requests, limits, QoS, HPA | HPA scaling demo |
| RBAC | Roles, bindings, namespaces, service accounts | RBAC permission tree |
| Ingress | HTTP routing, TLS, controllers | Ingress routing visualizer |
| Scheduling: Taints | Taints, tolerations, node constraints | Taint simulator |
| Scheduling: Affinity | Node and pod affinity/anti-affinity | Affinity visualizer |
| Priority & Preemption | Pod priorities, preemption logic | Priority queue visualizer |
| Troubleshooting | Systematic debugging methodology | Decision tree |
| Observability | Metrics, logs, traces | Three pillars overview |
| OpenTelemetry | Unified telemetry standard | OTel Collector flow |
| Developer Experience | Telepresence, Skaffold, inner loop | Dev workflow visualizer |
Phase 4: Advanced Topics (The "Wow")
Production patterns for scale, security, and operational excellence.
| Module | Topic |
|---|---|
| Gateway API | The successor to Ingress |
| Progressive Delivery | Canary, blue-green, Argo Rollouts |
| Secrets Management | Vault, External Secrets, Sealed Secrets |
| Cost Optimization | FinOps, Kubecost, right-sizing |
| Pod Security | PSA, security contexts, standards |
| Policy as Code | Kyverno, OPA/Gatekeeper |
| Cluster Autoscaler | Node scaling, Karpenter |
| Logging Stack | FluentBit, Loki, ELK |
| Multi-Tenancy | Namespace isolation, quotas |
| Disaster Recovery | Velero, etcd backups, DR patterns |
| Crossplane | Infrastructure as Code via K8s API |
| Chaos Engineering | Resilience testing, Chaos Mesh |
| Service Mesh | Istio, Linkerd, mTLS |
| Advanced Jobs | Jobs, CronJobs, batch processing |
| GitOps | ArgoCD, Flux, declarative delivery |
| CRDs & Operators | Custom resources, operator pattern |
| Network Security | Network policies, defense in depth |
| Advanced Storage | CSI, snapshots, volume expansion |
Phase 5: Expert Tier (Platform Engineering)
Complex internals and high-scale optimization for platform engineers.
| Module | Topic |
|---|---|
| eBPF Networking | High-performance data plane with Cilium |
| CNI Deep Dive | Calico vs Cilium vs Flannel |
| Container Runtimes | CRI, containerd, CRI-O, Kata |
| VPA | Vertical Pod Autoscaling |
| Evictions | Node pressure and pod eviction |
| Node Management | Drain, cordon, maintenance |
| Custom Schedulers | Scheduling framework and plugins |
| Descheduler | Rebalancing skewed clusters |
| API Aggregation | Custom API extension servers |
| GPU & AI Workloads | LLMs and ML training on K8s |
| Cluster API | Declarative cluster lifecycle |
| Runtime Security | Falco, Tetragon, syscall detection |
| Federation | Multi-cluster global distribution |
| Windows Containers | Hybrid Linux + Windows clusters |
| Supply Chain Security | Image signing, SBOM, Sigstore |
| Admission Webhooks | Mutating and validating webhooks |
| Ephemeral Containers | kubectl debug and surgical debugging |
| Serverless K8s | Knative, KEDA, scale-to-zero |
| Topology Spread | Multi-AZ high availability |
Reference
- Glossary — 50+ Kubernetes terms defined with links to official documentation
Contributing
Found an error or want to improve a page? Every page has an "Edit this page" link at the bottom that takes you directly to the GitHub repository. Contributions are welcome.
About
This handbook is an open-source project maintained by the community. It is built with Docusaurus and hosted on GitHub Pages. The interactive visualizers are built with React and React Flow.