Part 1 of 2 — From bare VMs to a fully running 3-service application on a self-managed Kubernetes cluster. No managed services. No shortcuts. Just raw kubeadm. Series navigation: Part 1 (you are here): Cluster setup, foundational workloads, deploying a full-stack app with ConfigMaps, Secrets, StatefulSets, and CI pipelines Part 2: Networking deep dive — MetalLB, Nginx Ingress, clean hostnames, and NetworkPolicy enforcement Full source code: All application code, Kubernetes manifests, and CI pipelines are available at github.com/otie16/k8s-homelab-vm-project There are two kinds of Kubernetes engineers. The first kind provisions an EKS cluster, deploys a workload, and moves on. They know Kubernetes from the outside — the API, the manifests, the kubectl commands. The second kind wants to know what's happening underneath. How does the scheduler actually decide where to place a pod? What does kubeadm actually do when you run kubeadm init ? Why does Calico need kernel modules?…