Kubernetes Deep Dive: Minikube to AKS/EKS #

This guide is the central Kubernetes hands-on path for DevOps Bible. If you are new to the topic, read Kubernetes Basics and Kubernetes Networking first, then return here to connect local practice with cloud deployment.

This guide shows a practical progression:

1. Run Kubernetes locally with Minikube
2. Learn core Kubernetes objects and workflows
3. Move the same app to managed cloud Kubernetes (AKS or EKS)
4. Add production controls (security, observability, reliability)

Why start with Minikube? #

Minikube gives you a low-cost, fast-feedback Kubernetes environment on your laptop.

You can safely learn:

• Pods, Deployments, Services, and Ingress
• rollout/rollback workflows
• config and secrets handling
• troubleshooting with kubectl

For a beginner-friendly explanation of these resources, start with Kubernetes Basics.

Then reuse these skills in AKS/EKS with minimal conceptual changes.

Phase 1: Local Kubernetes with Minikube #

Prerequisites #

• Docker installed
• kubectl installed
• Minikube installed

Start cluster #

minikube start --cpus=4 --memory=8192 --kubernetes-version=stable
kubectl get nodes

Deploy a sample app #

kubectl create deployment demo-app --image=nginx:stable
kubectl expose deployment demo-app --port=80 --type=ClusterIP
kubectl get pods,svc

Enable ingress and access locally #

minikube addons enable ingress
kubectl get pods -n ingress-nginx

Use an Ingress manifest to route local traffic and test end-to-end behavior.

Local learning checklist #

• Understand namespace boundaries
• Use probes (livenessProbe, readinessProbe)
• Set CPU/memory requests and limits
• Perform a rolling update and rollback
• Inspect logs/events when failures occur

Phase 2: Make workloads cloud-ready #

Before moving to AKS/EKS, standardize packaging and configuration.

Container best practices #

• use minimal base images
• run as non-root user
• externalize config via ConfigMaps/Secrets
• tag images by immutable version (e.g., git SHA)

Manifest strategy #

Choose one, or deliberately combine both. See Helm vs Kustomize for the trade-offs.

• Helm charts for packaged apps
• Kustomize overlays for environment differences

CI baseline #

Pipeline should at least include:

• image build + vulnerability scan
• unit/integration tests
• manifest lint/validation
• signed artifact/image publish

Phase 3: Transition to AKS or EKS #

AKS path (Azure) #

Typical flow:

1. Create Azure resource group and AKS cluster
2. Configure Azure Container Registry (ACR)
3. Connect cluster credentials (az aks get-credentials)
4. Deploy manifests/Helm chart
5. Add managed ingress + TLS + monitoring

EKS path (AWS) #

Typical flow:

1. Create EKS cluster and node groups/Fargate profiles
2. Configure IAM roles for service accounts (IRSA)
3. Push images to ECR
4. Connect cluster credentials (aws eks update-kubeconfig)
5. Deploy manifests/Helm chart
6. Add ALB/NLB ingress, TLS, metrics, and logs

What stays the same vs. what changes #

Same:

• Kubernetes API objects (Deployment, Service, Ingress, etc.)
• kubectl workflows
• rollout, health checks, autoscaling patterns

Changes:

• cloud IAM and identity model
• load balancer and ingress implementation
• storage classes and CSI drivers
• networking (CNI), node lifecycle, and cost model

Production hardening after migration #

Security #

Use Kubernetes Security as the deeper hardening checklist.

• enforce least privilege (workload identity / IRSA)
• use external secret manager integration
• apply policy-as-code (Kyverno/OPA)
• enable image signing/verification

Reliability #

• define SLOs for critical user journeys
• add PodDisruptionBudgets and anti-affinity
• configure HPA/VPA where appropriate
• test failover and rollback procedures

Observability #

• metrics: Prometheus/Grafana or cloud-managed equivalents
• logs: centralized with correlation IDs
• traces: OpenTelemetry
• alerts: symptom-based with runbook links

Suggested migration plan (90 days) #

Days 1-30 #

• build and run app on Minikube
• productionize Dockerfile and Kubernetes manifests
• implement CI validation checks

Days 31-60 #

• provision AKS/EKS with IaC
• deploy to non-production cloud cluster
• baseline monitoring, ingress, and TLS

Days 61-90 #

• implement progressive delivery (canary/blue-green)
• run game days and incident drills
• finalize go-live checklist and handoff docs

Related reading #

• Containerization & Orchestration
• Kubernetes Basics
• Kubernetes Networking
• Helm vs Kustomize
• Kubernetes Security
• EKS vs AKS vs GKE
• AWS for DevOps
• Microsoft Azure for DevOps
• Google Cloud Platform for DevOps
• GitOps
• Operational Resilience