explaingit

kelseyhightower/kubernetes-the-hard-way

Analysis updated 2026-06-20

48,191Audience · ops devopsComplexity · 4/5LicenseSetup · hard

TLDR

A hands-on tutorial for setting up a Kubernetes cluster entirely by hand, no automation, no scripts, so you deeply understand every component before relying on the tools that hide the details.

Mindmap

mindmap
  root((K8s Hard Way))
    What it does
      Manual cluster setup
      Learn by building
      No automation tools
    Components covered
      TLS certificates
      etcd cluster
      Control plane
      Worker nodes
    Labs covered
      Jumpbox setup
      Certificate authority
      Network routes
      kubectl config
    Audience
      DevOps engineers
      Certification students
    Purpose
      Deep understanding
      Not production use
Click or tap to explore — scroll the page freely

Code map

Detail Auto

An interactive map of this repo's files and how they connect — its source is parsed live in your browser. Click Visualize to build it.

filefunction / class

What do people build with it?

USE CASE 1

Study Kubernetes internals deeply before sitting a CKA or CKS certification exam by manually setting up every cluster component from scratch.

USE CASE 2

Build the diagnostic knowledge needed to troubleshoot complex cluster issues by understanding exactly what each control plane component does.

USE CASE 3

Learn how TLS certificates, etcd, and network routing fit together in a Kubernetes cluster by configuring each one yourself.

USE CASE 4

Prepare to contribute to Kubernetes development by gaining a component-level understanding of the architecture.

How does it compare?

kelseyhightower/kubernetes-the-hard-wayreactivex/rxjavax64dbg/x64dbg
Stars48,19148,25948,291
LanguageJavaC++
Setup difficultyhardmoderatemoderate
Complexity4/53/54/5
Audienceops devopsdeveloperdeveloper

Figures from each repo's GitHub metadata at analysis time.

How do you get it running?

Difficulty · hard Time to first run · 1day+

Requires four ARM64 or AMD64 virtual or physical machines and several hours of careful manual configuration to complete all labs.

Free to read and use for personal learning, but cannot be used commercially under the Creative Commons non-commercial license.

In plain English

Kubernetes The Hard Way is a step-by-step tutorial for learning how to set up a Kubernetes cluster from scratch, manually, without automation tools or scripts. Kubernetes is a system for running containerized applications (packaged software that runs consistently across environments) at scale, managing how they are deployed, connected, and restarted if they crash. Most people install Kubernetes using automated tools that hide the details, but this tutorial intentionally skips all of that to expose every underlying component and configuration step. The premise is that building something the hard way is the best way to understand it. By provisioning machines, generating TLS certificates (which are the digital certificates that secure encrypted communication), configuring authentication, setting up the distributed key-value store called etcd (which Kubernetes uses to record its state), and manually connecting worker nodes to the control plane, you gain deep insight into what each piece does and why it exists. The tutorial walks through thirteen labs covering everything from setting up a jumpbox (a dedicated management server), creating a certificate authority, configuring kubectl (the command-line tool for managing Kubernetes), and provisioning network routes so pods (the smallest deployable units in Kubernetes) can talk to each other across nodes. You would use this tutorial when you want to deeply understand Kubernetes internals, for example, before taking a certification exam, troubleshooting complex cluster issues, or contributing to Kubernetes development. It is explicitly not meant to produce a production-ready cluster, it is purely a learning exercise. The lab requires four ARM64 or AMD64 virtual or physical machines. It is a documentation-only repository with no primary programming language, licensed under Creative Commons for non-commercial use.

Copy-paste prompts

Prompt 1
I'm following Kubernetes The Hard Way. Explain what etcd does in a Kubernetes cluster and why it needs TLS certificates to communicate with the API server.
Prompt 2
Walk me through the role of each Kubernetes control plane component I'm setting up manually: kube-apiserver, kube-scheduler, and kube-controller-manager.
Prompt 3
I'm generating TLS certificates for my Kubernetes cluster as part of Kubernetes The Hard Way. Explain what a certificate authority is and what it signs in this context.
Prompt 4
After finishing Kubernetes The Hard Way, what should I study next to deeply understand Kubernetes networking, specifically how pods on different nodes communicate across the network routes I configured?

Frequently asked questions

What is kubernetes-the-hard-way?

A hands-on tutorial for setting up a Kubernetes cluster entirely by hand, no automation, no scripts, so you deeply understand every component before relying on the tools that hide the details.

What license does kubernetes-the-hard-way use?

Free to read and use for personal learning, but cannot be used commercially under the Creative Commons non-commercial license.

How hard is kubernetes-the-hard-way to set up?

Setup difficulty is rated hard, with roughly 1day+ to a first successful run.

Who is kubernetes-the-hard-way for?

Mainly ops devops.

Open on GitHub → Explain another repo

This repo across BitVibe Labs

Scan in gitsafehub Deploy in gitdeployhub kelseyhightower on gitmyhub

Verify against the repo before relying on details.