## Why Kubernetes?

When your application grows beyond a handful of containers, you need orchestration. Kubernetes handles scheduling, scaling, self-healing, and service discovery — the operational complexity that would otherwise consume your team.

## Cluster Setup

For production, avoid managed solutions until you understand the fundamentals. Start with `kubeadm` on three nodes:

```bash
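# Run on the first control-plane node; 10.244.0.0/16 matches the default network in flannel's manifest.
kubeadm init --pod-network-cidr=10.244.0.0/16
# Installs the flannel CNI from the mutable master branch; review the manifest before applying it.
kubectl apply -f https://raw.githubusercontent.com/flannel-io/flannel/master/Documentation/kube-flannel.yml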
```

## The Core Abstractions

- **Pod** — The smallest deployable unit. Usually one container, sometimes sidecars.
- **Deployment** — Manages replica sets and rolling updates.
- **Service** — Stable networking endpoint for a set of pods.
- **Ingress** — HTTP routing from the outside world into your cluster.

## Production Checklist

1. Resource limits on every container
2. Liveness and readiness probes
3. Pod disruption budgets for high availability
4. Network policies to restrict pod-to-pod traffic
5. Secrets management with external-secrets or sealed-secrets
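
Items 1 and 2 of the checklist can be checked mechanically. The script below is an added example, not part of the original article: it audits Deployment objects in the JSON shape that `kubectl get deployments -A -o json` produces and reports containers missing CPU or memory limits or either probe. The sample input and the names `deploy`, `PROBE`, `SAMPLE`, `audit_container` and `audit` are constructed for illustration.

```python
# Added example: audit Deployments against checklist items 1 (limits) and 2 (probes).

def deploy(ns, name, containers):
    """Build a minimal Deployment object (hypothetical helper for the sample data)."""
    return {"kind": "Deployment", "metadata": {"namespace": ns, "name": name},
            "spec": {"template": {"spec": {"containers": containers}}}}

# Constructed sample shaped like `kubectl get deployments -A -o json` output.
PROBE = {"httpGet": {"path": "/healthz", "port": 8080}}
SAMPLE = {"kind": "List", "items": [
    deploy("shop", "api", [
        {"name": "api", "livenessProbe": PROBE, "readinessProbe": PROBE,
         "resources": {"limits": {"cpu": "500m", "memory": "256Mi"}}}]),
    deploy("shop", "worker", [
        {"name": "worker", "livenessProbe": PROBE,
         "resources": {"limits": {"memory": "512Mi"}}},
        {"name": "log-sidecar", "resources": {}}]),
]}

def audit_container(container):
    """Return the checklist findings for one container spec (empty list if clean)."""
    # `resources` or `limits` may be absent, empty, or null in real output.
    limits = (container.get("resources") or {}).get("limits") or {}
    findings = [f"missing {r} limit" for r in ("cpu", "memory") if r not in limits]
    findings += [f"missing {p}" for p in ("livenessProbe", "readinessProbe")
                 if p not in container]
    return findings

def audit(doc):
    """Map 'namespace/deployment/container' to its findings; clean containers are omitted."""
    report = {}
    for obj in doc.get("items", [doc]):  # accept a List or a single object
        if obj.get("kind") != "Deployment":
            continue
        meta = obj["metadata"]
        pod_spec = obj["spec"]["template"]["spec"]
        for c in pod_spec.get("containers", []):
            findings = audit_container(c)
            if findings:
                key = f"{meta.get('namespace', 'default')}/{meta['name']}/{c['name']}"
                report[key] = findings
    return report

if __name__ == "__main__":
    for target, findings in audit(SAMPLE).items():
        print(f"{target}: {', '.join(findings)}")
```

To run it against a live cluster, load the `kubectl` output with `json.load` and pass it to `audit` in place of `SAMPLE`.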

## Monitoring Stack

Deploy Prometheus + Grafana for metrics, and Loki for logs. The kube-prometheus-stack Helm chart gets you 80% of the way there in one command.

## CI/CD Integration

Use ArgoCD for GitOps-style deployments. Push a manifest change to your repo and ArgoCD syncs it to the cluster. No more `kubectl apply` from laptops.