Getting Started with Kubernetes on DigitalOcean: A Beginner's Guide
Kubernetes can seem overwhelming for beginners, but DigitalOcean’s managed Kubernetes service (DOKS) provides an excellent entry point into the world of container orchestration. With its simplified setup, competitive pricing, and excellent documentation, DigitalOcean makes it easy to get started with Kubernetes without the complexity of managing your own cluster infrastructure.
DigitalOcean Kubernetes (DOKS) eliminates the operational overhead of managing cluster infrastructure while providing a production-ready Kubernetes environment.
Key Advantages:
- Zero Infrastructure Management: DigitalOcean handles control plane updates, security patches, and infrastructure scaling
- Simple Setup: Create a cluster in minutes through the web interface or CLI
- Cost-Effective: Transparent pricing with no hidden fees or complex billing
- Global Presence: Multiple data centers for low-latency deployments
- Excellent Documentation: Comprehensive guides and tutorials for all skill levels
Pricing Transparency:
- Control Plane: Free (managed by DigitalOcean)
- Worker Nodes: Pay only for the compute resources you use
- Load Balancers: $12/month per load balancer
- Block Storage: $0.10/GB/month
- No Data Transfer Fees: Between DOKS and other DigitalOcean services
DOKS is particularly well-suited for:
- Learning Kubernetes: Focus on concepts without infrastructure complexity
- Development Environments: Quick setup and teardown for testing
- Small to Medium Applications: Production workloads with reasonable scale
- Proof of Concepts: Rapid prototyping and experimentation
Learn more about DigitalOcean Kubernetes
Before creating your cluster, ensure you have:
- A DigitalOcean account (sign up with our referral link for $200 in credits)
- Basic understanding of containers and Docker
- Familiarity with command-line tools
Via Web Interface:
- Log into your DigitalOcean account
- Navigate to Kubernetes in the left sidebar
- Click “Create Cluster”
- Choose your cluster configuration:
- Region: Select the closest to your users
- Kubernetes Version: Latest stable version (recommended)
- Node Pool: Start with 2-3 nodes for learning
- Node Size: 2GB RAM, 1 vCPU for development workloads
Via doctl CLI:
# Install doctl (DigitalOcean CLI)
# macOS
brew install doctl
# Linux
snap install doctl
# Authenticate with your DigitalOcean account
doctl auth init
# Create a cluster
doctl kubernetes cluster create my-first-cluster \
--region nyc1 \
--size s-2vcpu-4gb \
--count 2 \
--version 1.28
Download kubeconfig:
# Get your cluster's kubeconfig
doctl kubernetes cluster kubeconfig save my-first-cluster
# Verify connection
kubectl cluster-info
kubectl get nodes
Expected Output:
$ kubectl get nodes
NAME STATUS ROLES AGE VERSION
pool-abc123-def456-1 Ready <none> 5m v1.28.0
pool-abc123-def456-2 Ready <none> 5m v1.28.0
Learn more about cluster setup
Create a namespace for your application:
kubectl create namespace my-app
kubectl config set-context --current --namespace=my-app
Deploy a sample application:
# app-deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: hello-world
namespace: my-app
spec:
replicas: 3
selector:
matchLabels:
app: hello-world
template:
metadata:
labels:
app: hello-world
spec:
containers:
- name: hello-world
image: nginx:latest
ports:
- containerPort: 80
resources:
requests:
memory: "64Mi"
cpu: "250m"
limits:
memory: "128Mi"
cpu: "500m"
Apply the deployment:
kubectl apply -f app-deployment.yaml
kubectl get pods
Create a service:
# app-service.yaml
apiVersion: v1
kind: Service
metadata:
name: hello-world-service
namespace: my-app
spec:
selector:
app: hello-world
ports:
- protocol: TCP
port: 80
targetPort: 80
type: ClusterIP
Create a load balancer:
# app-ingress.yaml
apiVersion: v1
kind: Service
metadata:
name: hello-world-lb
namespace: my-app
spec:
selector:
app: hello-world
ports:
- protocol: TCP
port: 80
targetPort: 80
type: LoadBalancer
Apply the services:
kubectl apply -f app-service.yaml
kubectl apply -f app-ingress.yaml
# Check the load balancer IP
kubectl get service hello-world-lb
Learn more about deploying applications
Pods are the smallest deployable units in Kubernetes. A Pod can contain one or more containers that share the same network namespace and storage.
Deployments manage the lifecycle of Pods, providing features like:
- Rolling updates and rollbacks
- Scaling up and down
- Self-healing (replacing failed Pods)
Example Deployment:
apiVersion: apps/v1
kind: Deployment
metadata:
name: web-app
spec:
replicas: 3
selector:
matchLabels:
app: web-app
template:
metadata:
labels:
app: web-app
spec:
containers:
- name: web-app
image: my-app:latest
ports:
- containerPort: 8080
livenessProbe:
httpGet:
path: /health
port: 8080
initialDelaySeconds: 30
periodSeconds: 10
readinessProbe:
httpGet:
path: /ready
port: 8080
initialDelaySeconds: 5
periodSeconds: 5
Services provide stable network endpoints for your Pods, enabling:
- Load balancing across multiple Pods
- Service discovery within the cluster
- External access to your applications
Service Types:
- ClusterIP: Internal access only (default)
- NodePort: External access via node IP and port
- LoadBalancer: External access via cloud load balancer
Example Service:
apiVersion: v1
kind: Service
metadata:
name: web-app-service
spec:
selector:
app: web-app
ports:
- protocol: TCP
port: 80
targetPort: 8080
type: LoadBalancer
ConfigMaps store non-sensitive configuration data:
apiVersion: v1
kind: ConfigMap
metadata:
name: app-config
data:
database_url: "postgresql://db.example.com:5432/mydb"
log_level: "INFO"
feature_flags: |
enable_cache=true
debug_mode=false
Secrets store sensitive data like passwords and API keys:
apiVersion: v1
kind: Secret
metadata:
name: app-secrets
type: Opaque
data:
db_password: cGFzc3dvcmQxMjM= # base64 encoded
api_key: YXBpLWtleS1oZXJl
Learn more about Kubernetes concepts
DigitalOcean provides:
- Cluster Metrics: CPU, memory, and disk usage
- Node Health: Status and performance monitoring
- Application Metrics: Pod-level resource consumption
- Logs: Centralized logging for troubleshooting
Access monitoring data:
# View cluster metrics
kubectl top nodes
kubectl top pods
# Check resource usage
kubectl describe nodes
kubectl describe pods
Install monitoring stack:
# Add Prometheus Helm repository
helm repo add prometheus-community https://prometheus-community.github.io/helm-charts
helm repo update
# Install Prometheus and Grafana
helm install monitoring prometheus-community/kube-prometheus-stack \
--namespace monitoring \
--create-namespace
Access Grafana:
# Port forward to access Grafana
kubectl port-forward -n monitoring svc/monitoring-grafana 3000:80
# Default credentials: admin / prom-operator
Implement network segmentation:
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
name: default-deny
namespace: my-app
spec:
podSelector: {}
policyTypes:
- Ingress
- Egress
Allow specific traffic:
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
name: allow-frontend-to-api
namespace: my-app
spec:
podSelector:
matchLabels:
app: api-server
policyTypes:
- Ingress
ingress:
- from:
- podSelector:
matchLabels:
app: frontend
ports:
- protocol: TCP
port: 8080
Apply restricted security context:
apiVersion: v1
kind: Pod
metadata:
name: secure-pod
labels:
pod-security.kubernetes.io/enforce: restricted
spec:
securityContext:
runAsNonRoot: true
runAsUser: 1000
containers:
- name: app
image: my-app:latest
securityContext:
allowPrivilegeEscalation: false
readOnlyRootFilesystem: true
capabilities:
drop:
- ALL
Create service accounts with minimal permissions:
apiVersion: v1
kind: ServiceAccount
metadata:
name: app-service-account
namespace: my-app
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: app-role
namespace: my-app
rules:
- apiGroups: [""]
resources: ["pods", "services"]
verbs: ["get", "list", "watch"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: app-role-binding
namespace: my-app
subjects:
- kind: ServiceAccount
name: app-service-account
namespace: my-app
roleRef:
kind: Role
name: app-role
apiGroup: rbac.authorization.k8s.io
Learn more about Kubernetes security
Monitor resource usage:
# Check current resource usage
kubectl top pods
kubectl top nodes
# Analyze resource requests vs. actual usage
kubectl describe pods
Optimize resource requests:
resources:
requests:
memory: "256Mi" # Based on actual usage
cpu: "250m" # Based on actual usage
limits:
memory: "512Mi" # 2x requests for safety
cpu: "500m" # 2x requests for safety
Implement Horizontal Pod Autoscaler:
apiVersion: autoscaling/v2
kind: HorizontalPodAutoscaler
metadata:
name: web-app-hpa
spec:
scaleTargetRef:
apiVersion: apps/v1
kind: Deployment
name: web-app
minReplicas: 2
maxReplicas: 10
metrics:
- type: Resource
resource:
name: cpu
target:
type: Utilization
averageUtilization: 70
Cluster Autoscaler: DigitalOcean automatically scales your cluster based on demand, but you can optimize by:
- Setting appropriate minimum and maximum node counts
- Using node pools with different instance types
- Implementing proper resource requests and limits
Use appropriate storage classes:
- SSD Block Storage: For high-performance workloads
- Standard Block Storage: For cost-sensitive applications
- Object Storage: For large, infrequently accessed data
Implement storage policies:
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: app-storage
spec:
accessModes:
- ReadWriteOnce
storageClassName: do-block-storage
resources:
requests:
storage: 10Gi
Learn more about cost optimization
Kubernetes Fundamentals
- Complete the official Kubernetes tutorials
- Practice with kubectl commands
- Deploy simple applications
DigitalOcean Specific
- Explore DOKS features and limitations
- Learn about DigitalOcean’s networking and storage
- Practice with load balancers and block storage
Basic Operations
- Monitor application health
- Scale applications up and down
- Perform rolling updates
Advanced Concepts
- StatefulSets and persistent storage
- ConfigMaps and Secrets management
- Network policies and security
Observability
- Set up monitoring with Prometheus/Grafana
- Implement centralized logging
- Create dashboards and alerts
CI/CD Integration
- Integrate with GitHub Actions or GitLab CI
- Implement GitOps workflows
- Automate deployments
Multi-cluster Management
- Federation and multi-cluster deployments
- Disaster recovery strategies
- Cross-cluster service mesh
Performance Optimization
- Resource optimization and tuning
- Performance monitoring and analysis
- Capacity planning
Security Hardening
- Advanced RBAC configurations
- Pod security policies
- Compliance and auditing
Deploy a complete web application with:
- Frontend (React/Vue.js)
- Backend API (Node.js/Python)
- Database (PostgreSQL/MySQL)
- Redis for caching
- Load balancer and ingress
Build a microservices application with:
- Service discovery and communication
- API gateway
- Distributed tracing
- Centralized logging
- Monitoring and alerting
Create a data processing pipeline with:
- Message queues (RabbitMQ/Kafka)
- Stream processing
- Data storage and analytics
- Visualization dashboards
Deploy ML workloads with:
- Jupyter notebooks
- Model training and serving
- GPU acceleration
- Model versioning and deployment
# Check node resources
kubectl describe nodes
kubectl top nodes
# Check Pod events
kubectl describe pod <pod-name>
# Check resource requests
kubectl get pods -o wide
# Check service endpoints
kubectl get endpoints <service-name>
# Check Pod labels
kubectl get pods --show-labels
# Test service connectivity
kubectl run test-pod --image=busybox --rm -it --restart=Never -- nslookup <service-name>
# Check resource usage
kubectl top pods
kubectl top nodes
# Analyze resource requests vs. limits
kubectl describe pods
# Check for resource leaks
kubectl logs <pod-name>
# Check network policies
kubectl get networkpolicies
# Test Pod-to-Pod connectivity
kubectl run test-pod --image=busybox --rm -it --restart=Never -- wget -O- <service-name>:<port>
# Check DNS resolution
kubectl run test-pod --image=busybox --rm -it --restart=Never -- nslookup kubernetes.default
DigitalOcean Kubernetes provides an excellent platform for learning and deploying Kubernetes applications. With its managed service approach, competitive pricing, and comprehensive documentation, DOKS eliminates much of the complexity associated with running Kubernetes while providing a production-ready environment.
Key takeaways for beginners:
- Start Simple: Begin with basic deployments and gradually add complexity
- Use Managed Services: Let DigitalOcean handle infrastructure management
- Practice Regularly: Deploy and experiment with different applications
- Monitor Everything: Set up observability from the beginning
- Follow Security Best Practices: Implement security measures early
- Optimize Costs: Monitor resource usage and implement autoscaling
Remember that Kubernetes is a journey, not a destination. Start with the basics, build confidence with simple applications, and gradually explore more advanced features. DigitalOcean’s platform makes this learning process much more accessible and cost-effective.
For continued learning, explore the DigitalOcean Kubernetes documentation, official Kubernetes tutorials, and the vibrant Kubernetes community.
Ready to get started? Sign up for DigitalOcean and receive $200 in credits to begin your Kubernetes journey today!