Kubernetes (K8) Research

R3zk0n · September 16, 2025

Containers   Research   K8   Virtual Machine
Contents

    Musings and Learnings with Kubernetes

    Kubernetes is an open-source container orchestration platform that automates the deployment, scaling, and management of containerized applications across clusters. Unlike Docker, which runs containers on a single host, or Docker Swarm, which offers only basic multi-node scheduling and service discovery, Kubernetes provides a full-featured system for running and coordinating many services at scale.

    Containers

    Containers are lightweight, isolated environments that share the host’s kernel and are designed to run specific applications or services. They are usually ephemeral and serve a single purpose. Virtual machines, by contrast, emulate entire computers, running their own operating systems (and optionally GUIs) on top of a hypervisor, which makes them more resource-intensive. The reason to use Kubernetes and containers over virtual machines because is because they far more lightweight, faster to start, and easier to scale. Containers share the host’s kernel instead of running their own operating systems, which lets you run many more of them on the same hardware while keeping resource usage low.

    Isolation

    Containers provide a degree of isolation between applications, which can help reduce the attack surface and limit the impact if one container is compromised. However, because they share the same kernel, their isolation is weaker than that of virtual machines, which run fully separate operating systems.

    Concepts of Kubernates

    Kubernetes is structured as a collection of components, with the largest unit being the cluster. A cluster consists of two main parts:

    • The control plane, which manages and orchestrates all aspects of the Kubernetes environment, including scheduling, scaling, and maintaining the desired state of applications.
    • The nodes, which are the worker machines where pods (the smallest deployable units in Kubernetes) actually run.

    Below is an overview of the infrastructure of a K8 Cluster which would help reinforce the structure better

    K8 Cluster

    While having a diagram is great and helps reinforce the concepts i often perfer to learn things by doing and playing around so thats what we will be doing.

    CCC

    CC

    Attacking K8.

    So as a security research and penetration testing having some familarity of how these work and

    Resources

    • https://futuresight.club/posts/0x00_exfiltrate_git_credentials_argocd.html
    • TheGreyCorner
    • ChatGPT/Claude

    Twitter, Facebook