Kodekloud CKA class

Question 1

What two Kubernetes services run on worker nodes, and what do they do? consider updating as we learn.

Answer 1

kubelet: listens to instructions from the kube-api and manages the nodes containers.
Kube-Proxy: A network proxy that runs on each node that maintains network rules on each nde.

Question 2

What is the CRI?

Answer 2

Container Runtime Interface : Container runtimes such as Docker, CRD, RKT. Docker continued to work with dockershim. while the other CRIs followed the standardized spec. Containerd seems to be where everything is going. in 1.24 the dockershim was removed.

Question 3

What is containerd?

Answer 3

Containerd is an industry-standard container runtime with an emphasis on simplicity, robustness, and portability. It is designed to manage the complete container lifecycle of its host system, including image transfer and storage, container execution and supervision, and low-level storage and network attachments. Containerd is part of the Cloud Native Computing Foundation and serves as the core container runtime for Kubernetes.

Question 4

what is the containerd ‘ctr’ command?

Answer 4

ctr is a command-line interface tool provided by containerd for interacting directly with the containerd daemon, primarily used for debugging and testing. The top three uses include managing container lifecycles (create, start, stop, and delete containers), pulling and pushing images, and directly interacting with the containerd API for low-level operations.

Question 5

how do i pull and run an image with the containerd ctr command?

Answer 5

ctr images pull docker.io/library/redis:alpine
ctr run docker.io/library/redis:alpine redis

Question 6

nerdctl is the better alternative to ctr for containerd. why is nerdctl better?

Answer 6

Nerdctl supports a wide range of Docker CLI commands, making it easier for users to transition from Docker to containerd without changing their workflows. It includes high-level features such as building images, composing multi-container applications, and managing volumes and networks, which are not directly available or as accessible in ctr.

Question 7

nerdctl replaces the docker command in containerd. How do i create a container with nerdctl? how do expose ports with nerdctl.

Answer 7

Docker and nerdctl are pretty much identical. so nerdctl would be.

nerdctl run –name redis redis:alpine
nerdctl run –name webserver -p 80:80 -d nginx

Question 8

what is crictl?

Answer 8

crictl is kubernetes command that allows to to control your container runtimes. used to inspect and debug contain runtimes.

Question 9

crictl, which is a kubernetes command, is used to interact with the CRI. what crictl command will view the logs? How would pods be listed?

Answer 9

crictl logs LOGID
crictl pods

Question 10

What is ETCD in Kubernetes?

Answer 10

etcd is a distributed key-value store that serves as the backbone for storing and managing the critical data of a Kubernetes cluster, ensuring consistency and reliability across the cluster state. It plays a pivotal role in Kubernetes for configuration data, state management, and coordination of distributed system operations, acting as the single source of truth for the cluster.

Question 11

ETCD: what is a key value store?

Answer 11

ETCD is a database that stores data as a key:value. Each individual gets a file and there will be a key and a value. In kubernetes the KEY is the file name and the value is the data. it stores the file info in JSON.

Question 12

what port does ETCD operate on?

Answer 12

TCP/2379

Question 13

What is etcdctl and how do we retrieve a key value with it?

Answer 13

etcdctl is how we interact with etcd. ./etcdctl get key1 - command will return the value of the key1. in the key-value database.

Question 14

what does this do: etcdctl get <key> [--prefix]</key>

Answer 14

Description: Retrieves the value of the specified key. If –prefix is used, it fetches all keys with the specified prefix.

Question 15

Command: etcdctl put mykey “this is my key”

Answer 15

Description: Sets the value for a specified key. This command is used to create or update the value of a key in etcd.

Question 16

Command: etcdctl del <key> [--prefix]</key>

Answer 16

Description: Deletes a specified key or, when used with –prefix, deletes keys with the specified prefix. It’s crucial for managing and cleaning up data in etcd.

Question 17

how: Save a snapshot of the etcd database to a specified filename. This is vital for backing up etcd data.

Answer 17

etcdctl snapshot save myEtcd-backup-file.db

Question 18

what is the command to: List all members in the etcd cluster. This command is essential for monitoring and managing the etcd cluster membership.

Answer 18

etcdctl member list

Question 19

What is the etcdctl command to get all of the keys in the etcd db?

Answer 19

ETCDCTL_API=3 etcdctl get “” –prefix –keys-only

removing the –keys-only will also return values.

Question 20

what does this command do: export ETCDCTL_API=3

Answer 20

sets the environment variable to tell etcdctl to use API version 3.

Question 21

What is the process of the Kube-API when sending a request to create a new pod?
Memory hint: A.V.R.U.S.K.

Answer 21

1. Authenticate User: Verify the identity of the user or service making the request, ensuring they are authorized to perform the action.
2. Validate Request: Check the request for correctness and ensure it contains all necessary information for creating a pod.
3. Retrieve Data: Fetch necessary data from etcd that might be required for processing the request, such as existing configuration or state.
4. Update etcd: Persist the new pod’s specification in etcd to update the cluster’s desired state, ensuring consistency across the system.
5. Scheduler: The scheduler detects the new pod creation request from the updated state in etcd and selects an appropriate node for the pod to run on, based on resource requirements, constraints, and policies.
6. Kubelet: The kubelet on the chosen node is informed about the new pod and takes responsibility for creating and starting the pod’s containers according to the specified configuration.

Question 22

Question: What is the Kube Controller Manager?

Answer 22

Answer: The Kube Controller Manager is a component of Kubernetes that runs various controller processes. . All of the controllers are bundled under this.

Question 23

Question: What does the ReplicaSet Controller do?

Answer 23

Answer: Ensures the specified number of replicas for a pod are running at any given time, providing redundancy and scalability.

Question 24

What is the purpose of the Deployment Controller?

Answer 24

The deployment controller manages the deployment of ReplicaSets and enables declarative updates of Pods, along with features like rollbacks and scaling.

Question 25

Question: What does the StatefulSet Controller manage?

Answer 25

Answer: Provides unique identities to Pods, manages the deployment and scaling of a set of Pods, and ensures the proper handling of persistent storage.

Question 26

Question: What is the DaemonSet Controller’s role?

Answer 26

Answer: Ensures that all (or some) Nodes run a copy of a specified Pod, useful for deploying system-wide daemons on every Node.

Question 27

Question: What does the Job Controller do?

Answer 27

Answer: Manages Jobs that run Pods to completion (i.e., until a specified number of them successfully terminate).

Question 28

Question: What is the function of the CronJob Controller?

Answer 28

Answer: Manages time-based Jobs, similar to cron in Unix-like systems, scheduling tasks to run at specific times.

Question 29

Question: What responsibilities does the Node Controller have?

Answer 29

Answer: Notices and responds to node failures, including evicting pods from the failed nodes to maintain cluster health.

Question 30

Question: What does the Service Controller manage?

Answer 30

Answer: Handles network rules on the cloud provider or local machine to expose services outside the cluster.

Question 31

Question: What is the role of the Endpoints Controller?

Answer 31

Answer: Populates the Endpoints object, effectively joining Services and Pods for network communication.

Question 32

Question: What does the Namespace Controller do?

Answer 32

Answer: Manages the lifecycle of namespaces, ensuring resources are properly cleaned up when a namespace is deleted.

Question 33

Question: What is the purpose of the PersistentVolume Controller?

Answer 33

Answer: Manages the lifecycle, provisioning, and binding of PersistentVolumes and PersistentVolumeClaims for storage management.

Question 34

Question: What does the Horizontal Pod Autoscaler (HPA) Controller manage?

Answer 34

Answer: Automatically scales the number of Pods in a replication controller, deployment, replica set, or stateful set based on observed CPU utilization or custom metrics.

Question 35

what path and file contains the kube controller manager config/YAML file?

Answer 35

/etc/kubernetes/manifests/kube-controller-manager.yaml. This is where you configure your controllers.

Question 36

Question: What does the command ps -aux | grep kube-controller-manager do?

Answer 36

Answer: This command searches for and displays information about the kube-controller-manager process running on a Linux system. ps -aux lists all running processes with detailed information, and grep kube-controller-manager filters this list to show only the processes related to the Kubernetes Controller Manager. It’s useful for checking if the kube-controller-manager is running and to see its process details like PID, CPU, and memory usage.

Question 37

Question: What does the Kube Scheduler do and how does it work?

Answer 37

Answer: The Kube Scheduler is responsible for assigning newly created pods to nodes within the Kubernetes cluster. It works by evaluating the requirements of each pod, such as resource requirements, affinity/anti-affinity specifications, taints and tolerations, and other constraints. The scheduler then finds a suitable node that satisfies these conditions and schedules the pod to run on that node. This process ensures that pods are placed on nodes in a way that respects their scheduling requirements while also balancing the overall load across the cluster. It does not create the pod, the kubelet does that.

Question 38

Where are the kube-scheduler options?

Answer 38

/etc/kubernetes/manifests/kube-scheduler.yaml

Question 39

How do i view the kube-scheduler options, other than looking at the manifest?

Answer 39

ps - aux | grep kube-scheduler

Question 40

Question: What does the Kubelet do?

Answer 40

Answer: The Kubelet is an agent that runs on each node in a Kubernetes cluster. Its primary role is to ensure that containers are running in a Pod as described in the PodSpecs. It takes a set of PodSpecs provided by the kube-apiserver and ensures that the containers described in those PodSpecs are running and healthy. The Kubelet manages the lifecycle of containers, monitors their state, and reports back to the Kubernetes control plane, contributing to the overall health and performance of the cluster.

Question 41

how do i view the kubelet process and running options?

Answer 41

ps -aux | grep kubelet

Question 42

Question: What is kube-proxy?

Answer 42

Answer: kube-proxy is a network proxy and load balancer that runs on each node in a Kubernetes cluster. Its main role is to maintain network rules that allow network communication to Pods from network sessions inside or outside of the cluster. kube-proxy manages the Kubernetes service abstraction by translating virtual IP addresses to Pod IP addresses, enabling service discovery and routing. It supports several modes of operation, including userspace, iptables, and IPVS, each providing different levels of performance and flexibility.

Question 43

what is the kubectl command to launch an nginx pod named mynginx?

Answer 43

kubectl run mynginx –image nginx

Question 44

What are the 4 top level fields for a pod yaml file, and what are the required definitions of those fields.

Answer 44

apiVersion: v1
kind: Pod
metadata:
spec:

Question 45

What are the apiVersions for: Pod, Service, ReplicaSet, Deployment

Answer 45

KIND: VERSION:
Pod. v1
Service v1
ReplicaSet apps/v1
Deployment appls/v1

Question 46

what is the command to list all pods and which node they are running on?

Answer 46

kubectl get pods -o wide

Question 47

kubectl command to make an nginx pod named nginx and have the output display on the screen of the yaml file

Answer 47

kubectl run nginx –image=nginx –dry-run -o yaml

Question 48

Explain the difference between the replication controller and a replicaset controller?

Answer 48

Replication controller is the older technology that is replaced by the replicaset to control replicaset configs. The replicaiton controller directly controlled pods. the replicaset controller, controls pods thru replicSets.

Question 49

what is the apiVersion and kind for the older ReplicationController?

Answer 49

apiVersion: v1, kind: ReplicationController

Question 50

what is the apiVersion and kind of a ReplicaSet?

Answer 50

apiVersion: apps/v1 , kind: ReplicaSet

Question 51

in a ReplicaSet manifest why do we have to define a selector?

Answer 51

This is because the ReplicaSet can control pods that are not created by the ReplicaSet. Replication Controller does not requires a selector, but ReplicaSet does.

Question 52

What is the RepliaSet manifest syntax for the selector?

Answer 52

selection:
matchLabels:
type: front-end ( a label)

Question 53

Confirm memorization of a basic replicaset in following slide.

Answer 53

apiVersion: apps/v1
kind: Replicaset
metadata:
name: myapp-replicaset
labels:
app: myapp
type: front-end
spec:
template:
metadata:
name: myapp-pod
labels:
app: myapp
type: front-end
spec:
contains:
- name: nginx-container
image: nginx
replicas: 3
selector:
matchLabels:
type: front-end

Question 54

what happens if you create a ReplicaSet and define a selector as “front-end” with 3 replicas. But you already have 3 pods running labeled front-end.

Answer 54

The ReplicaSet will not create any new pods. it contriols the exsiting pods with the matching labels.

Question 55

If i change the number of replicas in my ReplicaSet manifest, how do i apply the new manifest to change the number of active replicas? Kubectl command.

Answer 55

kubectl replace -f replicaset-definition.yml

Question 56

What is the command to scale a replicaset, which will not change the manifest file.

Answer 56

kubectl scale –replicas=6 replicaset my-replicaset.

Question 57

True or False? A manifest for a deployment looks exactly the same as a manifest for a replicaset, except the kind changes between Deployment and ReplicaSet

Answer 57

True! NOTE: creating a deployment, also creates a replicaset!

Question 58

how do i pipe this to a dry run yaml file on my screen? kubectl run nginx –image=nginx

Answer 58

kubectl run nginx –image=nginx –dry-run=client -o yaml

Question 59

What is a Kubernetes NodePort service?

Answer 59

A NodePort is a configuration option in Kubernetes Services that makes a specific pod accessible on a static port on the node’s IP address. When you set a service’s type to NodePort, Kubernetes allocates a port from a configured range (default: 30000-32767), and any traffic sent to this port on any node’s IP is forwarded to the service. This allows for external access to services without needing an external load balancer. NodePort is often used for development environments or small-scale applications.

Question 60

What is a Kubernetes ClusterIP service?

Answer 60

A ClusterIP is a type of Kubernetes service that provides a single, stable IP address for accessing a set of pods within the cluster. This IP is only reachable within the cluster, making it suitable for internal communications between services. It acts as the default service type, facilitating internal request routing to the appropriate pod instances.

Question 61

What is a Kubernetes LoadBalancer service?

Answer 61

A Kubernetes LoadBalancer service is a type of service that provides external network access to one or more services within a Kubernetes cluster. It automatically assigns a public IP address and routes external traffic to the service, often by integrating with cloud providers’ load balancers. This service type effectively distributes incoming network traffic across multiple pods to ensure even load distribution and high availability of the service.

Question 62

What does a NodePort manifest look like?

Answer 62

apiVersion: v1
kind: Service
metadata:
name: myapp-service
spec:
type: NodePort
ports:
- targetPort: 80 (target port on pod)
port: 80
nodePort: 30008 (port on the node, directing to target)
selector: (links service to a pod)
app: myapp
type: front-end

Question 63

In a NodePort what for ports, what is the only mandatory field and what are the ramifications?

Answer 63

port is the only required port. If only port is provided, the target port will use the same port as the port. It no NodePort is provided one will be created in the NodePort range of 30,000 - 32,767

Question 64

If you are using a NodePort service with a selector for multiple pods, what is the behavior?

Answer 64

When the NodePort is created, the selector will find the pods with the labels and distribute the load randomly. Kubernetes creates the NodePort across all of the nodes in the cluster with the same NodePort.

Question 65

What does a Cluster IP service manifest look like? Hint this looks just like a NodePort service except no NodePort is provided.

Answer 65

apiVersion: v1
kind: Service
metadata:
name: back-end
spec:
type: ClusterIP
ports:
- targePort: 80
port: 80
selector:
app: myapp
type: back-end

Question 66

What is the format to address a service across a namespace?

Answer 66

<ServiceName>.<Namespace>.svc.cluster.local
-

</Namespace></ServiceName>

Question 67

kubectl command to list pods in the namespace called MyNamespace

Answer 67

kubectl get pods –namespace=MyNamespace

Question 68

kubectl command to create a pod from a manifest for the namespace called MyNamespace

Answer 68

kubectl create -f pod.yaml –namespace=MyNamespace

Question 69

in a manifest how to define the namespace an object is to be created in?

Answer 69

under metadata would define—> namespace: dev

Question 70

How do i create a namespace?

Answer 70

Create a namespace manifest:
apiVersion: v1
kind: Namespace
metadata
name: Dev

kubectl create -f namespace-defintion.yaml
OR:
kubectl create namesapce dev

Question 71

kubectl command to change namespaces

Answer 71

kubectl config set-context –namespace=dev

Question 72

how to view pods in all name spaces?

Answer 72

kubectle get pods –all-namespaces

Question 73

What does this do: kubectl get pods -A

Answer 73

same things as kubectl get pods –all-namespaces

Question 74

How do you create an NGINX Pod using kubectl?

Answer 74

kubectl run nginx –image=nginx

Question 75

Command to generate a Pod manifest in YAML without creating the Pod.

Answer 75

kubectl run nginx –image=nginx –dry-run=client -o yaml

Question 76

How to create a deployment for NGINX using kubectl?

Answer 76

kubectl create deployment –image=nginx nginx

Question 77

Command to generate a Deployment manifest in YAML without creating the Deployment.

Answer 77

kubectl create deployment –image=nginx nginx –dry-run=client -o yaml

Question 78

Kubectl How to generate a Deployment with 4 replicas?

Answer 78

kubectl create deployment nginx –image=nginx –replicas=4

Question 79

Command to scale a deployment to 4 replicas.

Answer 79

kubectl scale deployment nginx –replicas=4

Question 80

kubectl Command to create a ClusterIP Service named redis-service to expose Pod redis on port 6379.

Answer 80

kubectl expose pod redis –port=6379 –name redis-service –dry-run=client -o yaml

Question 81

kubectl Command to create a NodePort Service named nginx to expose Pod nginx on node port 30080.

Answer 81

kubectl expose pod nginx –type=NodePort –port=80 –name=nginx-service –dry-run=client -o yaml OR kubectl create service nodeport nginx –tcp=80:80 –node-port=30080 –dry-run=client -o yaml

Question 82

Create a service redis-service to expose the redis application within the cluster on port 6379.

Use imperative commands.

Answer 82

Run the command: kubectl expose pod redis –port=6379 –name redis-service

Question 83

with kubectl: Create a new pod called custom-nginx using the nginx image and expose it on container port 8080.

Answer 83

Run the command: kubectl run custom-nginx –image=nginx –port=8080

Question 84

Create a pod called httpd using the image httpd:alpine in the default namespace. Next, create a service of type ClusterIP by the same name (httpd). The target port for the service should be 80.
THIS IS A TRICK QUESION
Try to do this with as few steps as possible.

Answer 84

kubectl run httpd –image=httpd:alpine –port=80 –expose

Question 85

Using the kubectl expose command will only work for which service type, and not for any other service type

Answer 85

clusterip
for example: kubectl run httpd –image=httpd:alpine –port=80 –expose

Question 86

The is a basic pod manifest, what change is made to manually schedule this pod to node01:
apiVersion: v1
kind: Pod
metadata:
name: nginx
spec:
containers:
- image: nginx
name: nginx

Answer 86

apiVersion: v1
kind: Pod
metadata:
name: nginx
spec:
nodeName: node01 <—–
containers:
- image: nginx
name: nginx

Question 87

what command can you use to “tail” a kubectl get pods command? this way if the pod status changes, we get updated.

Answer 87

kubectl get pods –watch

Question 88

After modifying a POD yaml file, what single command can you run to destroy and recreate the pod?

Answer 88

kubectl replace –force -f myPod.yaml

Question 89

How can I list all pods that have a label of app=frontend

Answer 89

kubectl get pods –selector app=frontend

Question 90

how can i lost all pods with the labels app=frontend bu=finance?

Answer 90

kubectl get pods –selector app=frontend,bu=finance

Question 91

how do i list all pods, but remove the header so it is not counted when we also have it count how many rows came back?

Answer 91

kubectl get pods –no-headers | wc -l

Question 92

kubectl cmd to taint node1 with env=prod

Answer 92

kubectl taint nodes node1 env=prod:taint-effect

Question 93

When tainting nodes there are three taint effects.
kubectl taint nodes -node-name key=value:taint-effect
NoSchedule, PreferNoSchedule, NoExecute
Define these

Answer 93

NoSchedule= do not schedule on node
PreferNoSchedule= try to avoid this pod
NoExecute=new pods will not be scheduled, existing pods will be evicted without toleration

Question 94

What does a pod file look like if a toleration is set to match the node taint of app=blue:NoSchedule. what happens if the pod matches the taint? Matching he pod toleration and the node taint will allow it to schedule.

Answer 94

apiVersion:
kind: pod
metadata:
name: myapp-pod
spec:
containers:
- name: nginx-controller
image: nginx
tolerations:
- key: “app”
operator: “Equal”
value:”blue”
effect:”NoSchedule”

Question 95

What is the difference between node affinity and taints/tolerations?

Answer 95

Node Affinity is a property of pods that attracts them to a set of nodes (either as a preference or a hard requirement). It allows you to specify rules for pod placement based on node labels, ensuring pods are scheduled on nodes that meet specific criteria (e.g., to ensure a pod runs on a node in a particular geographic location).

Taints and Tolerations work together to repel pods from certain nodes. A taint is applied to a node, and any pod that does not tolerate that taint is repelled by the node. Tolerations are applied to pods and allow them (or require them) to schedule onto nodes with matching taints. This mechanism ensures that pods are not scheduled onto inappropriate nodes.

Question 96

kubectl command to remove the taint from node controlplane for key/value:effect of node-role.lubernetes.io/control-plane:NoSchedule

Answer 96

kubectl taint nodes controlplane node-role.kubernetes.io/control-plane:NoSchedule- NOTE the - at the end removes the taint

Question 97

What is a Node Selector?

Answer 97

A Node Selector is a Kubernetes feature that schedules pods on nodes with specific labels. For example, using nodeSelector: {disktype: ssd} in a pod spec ensures the pod runs on nodes labeled with disktype=ssd. This mechanism helps in placing pods on suitable nodes based on predefined criteria.

Question 98

What does a basic nodeSelector pod manifest file look like, and what do you do to the node to accept it? example size: large

Answer 98

the node must have a label of size:large for this pod manifest to mesh.

apiVersion: v1
kind: Pod
metadata:
name: mypod
spec:
nodeSelector:
size: large
containers:
- name: nginx
image: nginx

Question 99

provide a node affinity pod manifest to place a pod on a node where a label key is size and the values are large or small

Answer 99

apiVersion: v1
kind: Pod
metadata:
name: mypod
spec:
containers:
- name: nginx
image:nginx
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: size
operator: In (NotIn for reverse)
values:
- Large
- Medium

Question 100

For Node Affinity types we have:
requiredDuringSchedulingIgnoreDuringExexcution. What does this mean and what is the other type?

Answer 100

requiredDuringSchedulingIgnoredDuringExecution: This affinity type mandates that the scheduler must place a pod on a node that matches the specified criteria at scheduling time. Once the pod is placed, subsequent changes to node labels do not affect the pod.

preferredDuringSchedulingIgnoredDuringExecution: This type suggests preferences for node selection. The scheduler attempts to place a pod on nodes that match the specified criteria, but it will still schedule the pod even if no matching nodes are found, prioritizing the preferences as much as possible.

Question 101

Confirm understanding of the 4 node affinity types in the following table –>

Answer 101

Question 102

Apply a label color=blue to node node01 with kubectl

Answer 102

kubectl label node node01 color=blue

Question 103

When setting node affinity values in a pod manifest, what is the key value used to check if a label exists on the node, but not check it’s value

Answer 103

spec:
affinity:
nodeAffinity:
requiredDuringSchedulingIgnordDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: myLabel
operator: Exists

Question 104

Create a basic pod manifest that includes a resource request for 1 cpus and 1 gigs of ram. Also set a limited to 2 cpus and 2 gigs ram.

Answer 104

apiVersion: v1
kind: Pod
metadata:
name: myApp
label: myApp
spec:
containers:
- name: myApp
image: myImage
resources:
requests:
memory: “1Gi”<- Mi for Megs
cpu: 1
limits:
memory: “2Gi”
cpu: 2

Question 105

If you set a pod resource limits to 2 cpus, but do not set a request, what does Kubernetes set the request to?

Answer 105

If there is a limit, but no request, then the request is set to the same as the limit

Question 106

Why is setting resource limits of pods sometimes a bad idea?

Answer 106

you don’t want to limit CPU usage, if the node has CPU free. So setting a request, with no limits may be the best scenario

Question 107

What is a Daemonset that is installed by default in a kubernetes cluster?

Answer 107

Kube-proxy is a daemonset.

Question 108

Command to list all daemonsets in all namespaces

Answer 108

kubectl get daemonset –all-namespaces OR
kubectl get daemonset -A

Question 109

Command to create a deployment named blue with nginx image and 3 replicas

Answer 109

kubectl create deployment blue –image=nginx –replicas=3

Question 110

What is the difference between a resource request and a resource limit? what happens if memory limit hits?

Answer 110

A request is the minimum amount of resources that kubernetes will guarantee for a container. the limit is the maximum amount of resources a container is allowed to use. If it tries to use more memory than the limit, a pod will OOM kill.

Question 111

what is a LimitRange?

Answer 111

This is set at the namespace level kind: LimitRange. In this file you can set defaults for pods in the namespace. Can not be overridden by invidual pod or namespace. it will no affect exiting pods.

Question 112

What is a ResourceQuota?

Answer 112

Provide a maximum resource usage for the entire namespace, the sum of all pods:
apiVersion: v1
kind: ResourceQuota
metadata:
name: my-resource-quota
spec:
hard:
requests.cpu: 4
requests.memory: 4Gi
limits. cpu: 10
limits.memory: 10Gi

Question 114

What is the difference between a ResourceQuota and a LimitRange?

Answer 114

The LimitRange defines the resource limits per pod inside of a namespace. the ResourceQuota provide a limit for the total resources used by all pods in the namespace.