Kubernetes Flashcards
What is Kubernetes?
https://cloud.google.com/learn/what-is-kubernetes
https://kubernetes.io/docs/concepts/overview/
Question 1
https://www.interviewbit.com/kubernetes-interview-questions/
What is a Kubernetes container?
https://avinetworks.com/glossary/kubernetes-container/#:~:text=Kubernetes%20containers%20resemble%20virtual%20machines,to%20their%20relaxed%20isolation%20properties
What are K8s?
Kubernetes (sometimes shortened to K8s with the 8 standing for the number of letters between the “K” and the “s”) is an open source system to deploy, scale, and manage containerized applications anywhere.
What is orchestration when it comes to software and DevOps?
Orchestration refers to the integration of multiple services that allows them to automate processes or synchronize information in a timely fashion. Say, for example, you have six or seven microservices for an application to run. If you place them in separate containers, this would inevitably create obstacles for communication. Orchestration would help in such a situation by enabling all services in individual containers to work seamlessly to accomplish a single
Container orchestration is a process that involves managing and coordinating the deployment, scaling, and operation of multiple containers that run on a single server or across multiple servers. It automates container provisioning, networking, resource allocation, load balancing, availability, and lifecycle management tasks. Container orchestration tools, such as Kubernetes, Docker Swarm, and Apache Mesos, help ensure that containers work together seamlessly and efficiently to deliver the desired applications or services.
How are Kubernetes and Docker related?
https://aws.amazon.com/compare/the-difference-between-kubernetes-and-docker/
Question 3
https://www.turing.com/interview-questions/kubernetes
This is one of the most frequently asked Kubernetes interview questions, where the interviewer might as well ask you to share your experience working with any of them. Docker is an open-source platform used to handle software development. Its main benefit is that it packages the settings and dependencies that the software/application needs to run into a container, which allows for portability and several other advantages. Kubernetes allows for the manual linking and orchestration of several containers, running on multiple hosts that have been created using Docker.
What are the main differences between the Docker Swarm and Kubernetes?
https://www.freecodecamp.org/news/kubernetes-vs-docker-swarm-what-is-the-difference/
Intermediate Question 15
https://www.turing.com/interview-questions/kubernetes
What is the difference between deploying applications on hosts and containers?
Deploying applications on hosts relies on an architecture that has an operating system. The operating system has a kernel, and the various libraries an application needs are installed on that operating system.
A container host, by contrast, is the system that runs the containerized processes. Each of these is isolated from the other applications; therefore, the applications must carry the necessary libraries. The binaries are separated from the rest of the system and cannot infringe on any other application.
What are the features of Kubernetes?
https://kubernetes.io/
What are the main components of Kubernetes architecture?
https://kubernetes.io/docs/concepts/overview/components/
Question 15
https://www.turing.com/interview-questions/kubernetes
Explain the working of the master node in Kubernetes?
The master node signifies the node that controls and manages the set of worker nodes. This kind resembles a cluster in Kubernetes. The nodes are responsible for the cluster management and the API used to configure and manage the resources within the collection. The master nodes of Kubernetes can run with Kubernetes itself, the asset of dedicated pods.
What is the role of Kube-apiserver?
https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/#:~:text=The%20Kubernetes%20API%20server%20validates,which%20all%20other%20components%20interact.
Intermediate Question 39
https://www.turing.com/interview-questions/kubernetes
What is a node in Kubernetes?
A node is the smallest fundamental unit of computing hardware. It represents a single machine in a cluster, which could be a physical machine in a data center or a virtual machine from a cloud provider. Each machine can substitute any other machine in a Kubernetes cluster. The master in Kubernetes controls the nodes that have containers.
What does the node status contain?
https://kubernetes.io/docs/reference/node/node-status/
Intermediate Question 19
https://www.turing.com/interview-questions/kubernetes
What process runs on Kubernetes Master Node?
https://medium.com/featurepreneur/kubernetes-architecture-processes-run-on-master-node-c5869b89b931
The Kube-api server process runs on the master node and serves to scale the deployment of more instances.
The process that runs on the Kubernetes master node is the Kube-apiserver. This process is the access point for all the REST commands that control the cluster. It is the only Kubernetes control panel component with a user-accessible API and the sole master component you will interact with. It acts as a gateway to the cluster and supports life cycle orchestration.
What is a pod in Kubernetes?
https://kubernetes.io/docs/concepts/workloads/pods/
Intermediate Question 21
https://www.turing.com/interview-questions/kubernetes
In this Kubernetes interview question, try giving a thorough answer instead of a one-liner. Pods are high-level structures that wrap one or more containers. This is because containers are not run directly in Kubernetes. Containers in the same pod share a local network and the same resources, allowing them to easily communicate with other containers in the same pod as if they were on the same machine while at the same time maintaining a degree of isolation.
What is the job of the kube-scheduler?
https://kubernetes.io/docs/reference/command-line-tools-reference/kube-scheduler/#:~:text=The%20Kubernetes%20scheduler%20is%20a,Pod%20to%20a%20suitable%20Node.
What is a cluster of containers in Kubernetes?
A cluster of containers is a set of machine elements that are nodes. Clusters initiate specific routes so that the containers running on the nodes can communicate with each other. In Kubernetes, the container engine (not the server of the Kubernetes API) provides hosting for the API server.
What is the Google Container Engine?
The Google Container Engine is an open-source management platform tailor-made for Docker containers and clusters to provide support for the clusters that run in Google public cloud services.
Container Engine also makes application management easier. Your cluster is equipped with common capabilities, such as logging and container health checking, to give you insight into how your application is running. And, as your application’s needs change, resizing your cluster with more CPU or memory is easy.
https://www.techtarget.com/searchitoperations/definition/Google-Container-Engine-GKE#:~:text=Google%20Kubernetes%20Engine%20(GKE)%20is,orchestration%20platform%20developed%20by%20Google.
What are Daemon sets?
https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/#:~:text=A%20DaemonSet%20defines%20Pods%20that,Pods%20are%20added%20to%20them.
DaemonSets are sets of pods that run only once on a host. They are therefore used for host-layer attributes such as the network or network monitoring. A DaemonSet enables you to run a Kubernetes pod on the cluster nodes that fulfill certain criteria or requirements. It ensures that some or all nodes run a copy of a pod. DaemonSets are used to deploy background services, run cluster storage, collect logs, and deploy a node monitoring daemon on every node.
What is ‘Heapster’ in Kubernetes?
https://logz.io/blog/kubernetes-monitoring/#:~:text=Heapster%20is%20a%20bridge%20between,node%20via%20the%20Kubernetes%20API.
https://kubernetes.io/blog/2015/05/resource-usage-monitoring-kubernetes/
A Heapster is a cluster-wide aggregator of data that runs on each node. It is a Kubernetes project that provides a robust monitoring solution for Kubernetes clusters. Heapster is flexible and modular, making it easy to use and customize for different needs. However, Heapster has been deprecated since Kubernetes version 1.11. Its functionality has been replaced by the Kubernetes Metrics Server, which provides a more efficient and scalable way to collect and expose resource utilization data from Kubernetes nodes and pods.
What is Minikube?
https://kubernetes.io/docs/tutorials/kubernetes-basics/create-cluster/cluster-intro/#:~:text=Minikube%20is%20a%20lightweight%20Kubernetes,%2C%20macOS%2C%20and%20Windows%20systems.
Minikube is a lightweight implementation of Kubernetes, which creates a VM on your local machine. It is a tool that sets the Kubernetes environment on your laptop or PC, and it addresses a different type of use case than most other distributions, such as Rancher, EKS, and OpenShift. It creates a lightweight, self-contained environment with all the necessary components for running Kubernetes, such as the API server, etcd, and kubelet. This allows developers to experiment with Kubernetes without the need for a full-scale production environment.
What is a Namespace in Kubernetes?
Namespaces are used for dividing cluster resources between multiple users. They are meant for environments where there are many users spread across projects or teams and provide a scope of resources.
https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/#:~:text=Namespaces%20are%20a%20way%20to,resources%20within%20the%20same%20namespace.
Name the initial namespaces from which Kubernetes starts?
default
kube-system
kube-public
Intermediate Question 25
https://www.turing.com/interview-questions/kubernetes
What is the Kubernetes controller manager?
https://kubernetes.io/docs/reference/command-line-tools-reference/kube-controller-manager/#:~:text=The%20Kubernetes%20controller%20manager%20is,the%20state%20of%20the%20system.
What are the types of controller managers?
https://blog.knoldus.com/introduction-to-kube-controller-manager/
What is etcd?
https://etcd.io/
Kubernetes uses etcd as a distributed key-value store for all of its data, including metadata and configuration data, and allows nodes in Kubernetes clusters to read and write data. Although etcd was purposely built for CoreOS, it also works on a variety of operating systems (e.g., Linux, BSD, and OS X) because it is open-source. Etcd represents the state of a cluster at a specific moment in time and is a canonical hub for state management and cluster coordination of a Kubernetes cluster.
What are the different services within Kubernetes?
https://cloud.google.com/kubernetes-engine/docs/concepts/service#:~:text=Types%20of%20Kubernetes%20Services,-There%20are%20five&text=LoadBalancer%3A%20Clients%20send%20requests%20to,need%20a%20stable%20IP%20address.
Question 23
https://www.turing.com/interview-questions/kubernetes
What is ClusterIP?
https://sysdig.com/blog/kubernetes-services-clusterip-nodeport-loadbalancer/
Intermediate Question 26
https://www.turing.com/interview-questions/kubernetes
The ClusterIP is the default Kubernetes service that provides a service inside a cluster (with no external access) that other apps inside your cluster can access.
What is NodePort?
https://cloud.ibm.com/docs/containers?topic=containers-nodeport#:~:text=About%20NodePorts&text=The%20NodePort%20service%20serves%20as,incoming%20requests%20for%20the%20service.
Intermediate Question 27
https://www.turing.com/interview-questions/kubernetes
The NodePort service is the most fundamental way to get external traffic directly to your service. It opens a specific port on all Nodes and forwards any traffic sent to this port to the service.
What is the LoadBalancer in Kubernetes?
https://avinetworks.com/glossary/kubernetes-load-balancer/#:~:text=The%20load%20balancer%20tracks%20the,Kubernetes%20pods%20for%20the%20service.
Basic question 6
https://www.interviewbit.com/kubernetes-interview-questions/
What is the Ingress network, and how does it work?
https://kubernetes.io/docs/concepts/services-networking/ingress/#:~:text=Make%20your%20HTTP%20(or%20HTTPS,define%20via%20the%20Kubernetes%20API.
Questions 25 and 26
https://www.turing.com/interview-questions/kubernetes
An ingress is an object that allows users to access your Kubernetes services from outside the Kubernetes cluster. Users can configure the access by creating rules that define which inbound connections reach which services.
How does it work: This is an API object that provides the routing rules to manage external users’ access to the services in the Kubernetes cluster through HTTPS/HTTP. With this, users can easily set up the rules for routing traffic without creating a bunch of load balancers or exposing each service to the nodes.
What do you understand by Cloud controller manager?
https://kubernetes.io/docs/concepts/architecture/cloud-controller/#:~:text=The%20cloud%20controller%20manager%20runs,controllers%20in%20a%20single%20process.
What is Container resource monitoring?
https://aws.amazon.com/cloudwatch/container-monitoring/#:~:text=Container%20monitoring%20is%20the%20activity,ensure%20they%20are%20operating%20smoothly.
Question 29
https://www.turing.com/interview-questions/kubernetes
What is the difference between a replica set and a replication controller?
https://www.geeksforgeeks.org/kuberneters-difference-between-replicaset-and-replication-controller/
What is a headless service?
https://cloud.google.com/kubernetes-engine/docs/concepts/service#:~:text=A%20headless%20Service%20is%20a,of%20going%20through%20a%20proxy.
Intermediate Question 10
https://www.turing.com/interview-questions/kubernetes
What are federated clusters?
https://subscription.packtpub.com/book/cloud-and-networking/9781786461001/11/ch11lvl1sec71/understanding-cluster-federation#:~:text=Cluster%20federation%20is%20conceptually%20simple,unified%20view%20of%20the%20system.
Question 35
https://www.simplilearn.com/tutorials/kubernetes-tutorial/kubernetes-interview-questions
Intermediate Question 12
https://www.turing.com/interview-questions/kubernetes
What is Kubelet? Or: which node in Kubernetes keeps track of resource utilization?
https://kubernetes.io/docs/reference/command-line-tools-reference/kubelet/
Question 19
https://www.turing.com/interview-questions/kubernetes
What is Kubectl?
https://kubernetes.io/docs/tasks/tools/#:~:text=kubectl,see%20the%20kubectl%20reference%20documentation.
Questions 12 and 13
https://www.turing.com/interview-questions/kubernetes
Give examples of recommended security measures for Kubernetes.
https://kubernetes.io/docs/tasks/administer-cluster/securing-a-cluster/
Basic question 7
https://www.interviewbit.com/kubernetes-interview-questions/
What is Kube-proxy?
https://medium.com/@seifeddinerajhi/kube-proxy-and-cni-the-hidden-components-of-kubernetes-networking-eb30000bf87a#:~:text=Kube%2DProxy%20serves%20as%20a,network%20rules%20within%20the%20node.
How can you get a static IP for a Kubernetes load balancer?
A static IP for the Kubernetes load balancer can be achieved by changing DNS records since the Kubernetes Master can assign a new static IP address.
https://stackoverflow.com/questions/32266053/how-to-specify-static-ip-address-for-kubernetes-load-balancer
https://cloud.google.com/kubernetes-engine/docs/tutorials/configuring-domain-name-static-ip#:~:text=Balancer%20with%20Ingress.-,Use%20a%20Service,per%20unused%20IP%20address%20pricing.
Intermediate Question 32
https://www.turing.com/interview-questions/kubernetes
How to do maintenance activity on the K8 node?
Basic question 1
https://www.interviewbit.com/kubernetes-interview-questions/
How do we control the resource usage of POD?
Basic question 2
https://www.interviewbit.com/kubernetes-interview-questions/
What are the various K8’s services running on nodes and describe the role of each service?
Basic question 3
https://www.interviewbit.com/kubernetes-interview-questions/
What is PDB (Pod Disruption Budget)?
Basic question 4
https://www.interviewbit.com/kubernetes-interview-questions/
What’s the init container and when can it be used?
https://kubernetes.io/docs/concepts/workloads/pods/init-containers/#:~:text=This%20page%20provides%20an%20overview,(which%20describes%20app%20containers).
Question 30
https://www.turing.com/interview-questions/kubernetes
How to monitor the Kubernetes cluster?
Basic question 8
https://www.interviewbit.com/kubernetes-interview-questions/
How to get the central logs from POD?
Basic question 9
https://www.interviewbit.com/kubernetes-interview-questions/
How to turn the service defined below in the spec into an external one?
Intermediate Question 1
https://www.interviewbit.com/kubernetes-interview-questions/
Complete the following configuration spec file to make it Ingress
Intermediate Question 2
https://www.interviewbit.com/kubernetes-interview-questions/
How should TLS be configured with Ingress?
Intermediate Question 3
https://www.interviewbit.com/kubernetes-interview-questions/
Why should namespaces be used? How does using the default namespace cause problems?
Intermediate Question 4
https://www.interviewbit.com/kubernetes-interview-questions/
What service and namespace are referred to in the following file?
Intermediate Question 5
https://www.interviewbit.com/kubernetes-interview-questions/
What is an Operator?
https://kubernetes.io/docs/concepts/extend-kubernetes/operator/#:~:text=Operators%20are%20software%20extensions%20to,principles%2C%20notably%20the%20control%20loop.
What is the purpose of operators?
https://kubernetes.io/docs/concepts/extend-kubernetes/operator/#:~:text=Operators%20are%20software%20extensions%20to,principles%2C%20notably%20the%20control%20loop.
Intermediate Question 7
https://www.interviewbit.com/kubernetes-interview-questions/
Intermediate Question 37
https://www.turing.com/interview-questions/kubernetes
What is Ingress Default Backend?
https://kubernetes.github.io/ingress-nginx/user-guide/default-backend/#:~:text=The%20default%20backend%20is%20a,%2Fhealthz%20that%20returns%20200
Intermediate Question 4
https://www.interviewbit.com/kubernetes-interview-questions/
How to run Kubernetes locally?
https://opensource.com/article/20/11/run-kubernetes-locally
https://www.linkedin.com/pulse/install-kubernetes-cluster-your-local-machine-andrea-de-rinaldis?utm_source=share&utm_medium=member_ios&utm_campaign=share_via
What does the following in the Deployment configuration file mean?
Experienced Question 4
https://www.interviewbit.com/kubernetes-interview-questions/
How to troubleshoot if the POD is not getting scheduled?
https://stackoverflow.com/questions/36377784/pod-in-kubernetes-always-in-pending-state
https://kubernetes.io/docs/tasks/debug/debug-application/debug-pods/
In K8s, the scheduler is responsible for spawning pods onto nodes. Many factors can lead to an unstartable POD. The most common one is running out of resources; use commands like kubectl describe <POD> -n <Namespace> to see the reason why the POD is not started. Also, keep an eye on kubectl get events to see all events coming from the cluster.
How to run a POD on a particular node?
https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/
What are the different ways to provide external network connectivity to K8?
Experienced Question 7
https://www.interviewbit.com/kubernetes-interview-questions/
How can we forward the port ‘8080 (container) -> 8080 (service) -> 8080 (ingress) -> 80 (browser)’ and how can it be done?
Experienced Question 8
https://www.interviewbit.com/kubernetes-interview-questions/
Which programming language is Kubernetes written in?
Go
What are the main benefits that Deployments offer that Replication Controllers do not?
Strong update and rollback model
Which commands allow you to validate a cluster created with Kubernetes operations?
Kubeadm validate cluster
Which kubeadm command creates a new cluster?
Kubeadm init
Why do we need container orchestration?
Container orchestration is critical to working with containers, allowing organizations to unlock their full benefits. It can be used in any environment where you use containers.
Container orchestration is needed to manage and automate containerized applications’ deployment, scaling, and management. It helps to reduce operational overhead, increase efficiency and scalability, and ensure infrastructure availability, thus helping to improve application performance.
How does Kubernetes help in containerized deployment?
Kubernetes helps in containerized deployment by scaling, loading, balancing, and monitoring containers. You can take advantage of these features by deploying your containerized applications on a Kubernetes cluster. To do this, you create a deployment configuration that instructs Kubernetes on creating and updating instances of your application. Kubernetes manages these instances, which can automatically recover from failures and scale up or down based on demand.
Explain the cloud controller manager.
Question 27
https://www.turing.com/interview-questions/kubernetes
What are the different types of cloud controller managers?
Question 28
https://www.turing.com/interview-questions/kubernetes
List some container resource monitoring tools.
Here are some of the resource monitoring tools:
Grafana
Kibana
CAdvisor
Prometheus
SolarWinds
ElasticSearch
Sysdig
What is Grafana?
Grafana is an open-source interactive data visualization platform. Developed by Grafana Labs, it allows users to see their data via charts, graphs, and alerts on the web when connected to supported data sources. It is divided into frontend and backend, written in TypeScript and Go, respectively.
What is CAdvisor?
CAdvisor stands for container advisor, which discovers active containers and monitors them. The tool runs as a daemon process in the background, collecting, aggregating, and processing useful DevOps information. With CAdvisor you can track historical resource usage with histograms and analyze the memory footprint of the code running on servers. It primarily helps understand resource consumption.
What is Prometheus?
Prometheus is an open-source monitoring and alerting system of the Cloud Native Computing Foundation. It was originally developed by SoundCloud and is designed to help users monitor their systems and applications by collecting and processing real-time metrics data. Prometheus has a powerful query language and a flexible alerting system that allows users to define custom rules and receive alerts when certain conditions are met.
Additionally, Prometheus offers various options for data visualization, including built-in graph and dashboarding capabilities. Prometheus supports static and dynamic service discovery mechanisms to discover and monitor targets automatically.
Which selectors does the replica set use?
A replica set in Kubernetes uses label selectors to identify which pods it should manage. The selectors specify a set of key-value pairs that the replica set uses to match against the labels applied to the pods. Set-based selectors allow filtering keys according to a set of values. There are three kinds of operators: in, not in, and exists. The replica set will look for pods whose labels match the selectors.
Which selectors do replication controllers use?
Replication controllers use label selectors to identify the set of pods that they manage. Specifically, they use equality-based selectors, which allow filtering by label key and values. These selectors look for pods with labels that match a specific key-value pair. To use an equality-based selector, you can use the “-l” or “--selector” option.
What do equality-based selectors do?
They allow filtering by label keys and values. Thus they will only look for pods with the exact same phrase as the label. When a pod or other resource is created, it can be labeled with key-value pairs. Equality-based selectors allow you to select resources based on an exact match of those key-value pairs.
How do you monitor applications in Kubernetes?
Intermediate Question 9
https://www.turing.com/interview-questions/kubernetes
Explain orchestration when it comes to software and DevOps.
Intermediate Question 13
https://www.turing.com/interview-questions/kubernetes
How do you perform maintenance on the K8 node?
This is one of the most popular k8s interview questions. When security updates become available, the Kubernetes administrator must execute the maintenance work of applying the security patch to the running container to prevent it from becoming vulnerable, which is an inevitable component of the administration. To safely drain the K8s node, use the following two commands:
kubectl cordon
kubectl drain --ignore-daemonsets
How can you use Kubernetes for workload distribution optimization?
Intermediate Question 17
https://www.turing.com/interview-questions/kubernetes
How can an organization improve its technical operations and keep costs low through Kubernetes?
Intermediate Question 18
https://www.turing.com/interview-questions/kubernetes
What do you know about clusters of containers in Kubernetes?
The clusters of containers in Kubernetes are a set of nodes. They create some routes so the containers running on the nodes can communicate. They allow containers to run across multiple machines and environments, such as physical, virtual, and cloud-based. Kubernetes clusters coordinate processes such as scheduling and scaling applications, maintaining a cluster’s state, and implementing updates.
How do containers in a pod communicate?
Within a pod, containers share networking space and can reach one another through localhost. This means they can communicate using standard inter-process communication mechanisms like TCP/IP or Unix domain sockets as if running on the same machine. In addition to communicating through localhost, pod containers can communicate with each other using Kubernetes services or environment variables.
Differentiate between ConfigMaps and Secret?
Where Secret stores critical data in an encrypted format, ConfigMaps stores the configuration of an application in a normal plain text format. However, both of them can be used as volume and be mounted on a pod through a pod definition file.
Explain Kubernetes RBAC.
It stands for Role-Based Access Control. It allows the management of permissions for users and groups inside a Kubernetes cluster. With RBAC, one can set access permissions and the required conditions to fulfill to gain access. Roles define a set of permissions granted to users or groups, and role bindings associate roles with specific users or groups.
Using RBAC, you can limit access to sensitive resources and ensure that only authorized users and applications can perform certain actions within the cluster. This helps to improve the security and reliability of your Kubernetes environment.
What tools will you use for container orchestration?
Some tools we can use for container orchestration are:
Docker Swarm: It is an orchestration management tool running on Docker applications that helps in the creation and deployment of Docker nodes.
Apache Mesos: It is a cluster manager that helps in resource isolation and sharing.
Kubernetes: Kubernetes (commonly abbreviated K8s) is an open-source container orchestration system that automates software deployment, scaling, and management.
Can you list some of the objects of Kubernetes?
Here are some of the objects used by Kubernetes:
Pods
Controllers and replication set
Cron jobs
DaemonSets
Distinctive identities
Stateful sets
Deployments
Define StatefulSets.
StatefulSets are a type of workload API that manage stateful applications. They can also be used to manage the scaling and deployment of pod sets. StatefulSets are often used to manage the deployment and scaling of pods that require stable network identities and persistent storage, making them well-suited for stateful workloads.
Can you list some reasons why DaemonSets are used?
Intermediate Question 36
https://www.turing.com/interview-questions/kubernetes
Can you tell me some Kubectl commands?
Some Kubectl commands are:
kubectl annotate
kubectl config
kubectl autoscale
kubectl config current-context
kubectl apply
kubectl config set
kubectl cluster-info
kubectl attach
What will you do to upgrade a Kubernetes cluster?
Advanced Question 1
https://www.turing.com/interview-questions/kubernetes
Explain the two types of Kubernetes pods.
Advanced Question 2
https://www.turing.com/interview-questions/kubernetes
Tell me about labels in Kubernetes.
Labels are added to objects during their creation and can be altered by the users at run time. They are precisely collections of keys that hold some values.
They are a type of metadata that work through the concept of key-value pair attached to objects. In many cases, they are also used to define “identifying aspects” of an object mainly to help the user at a later stage. Also, as they do not imply semantics to Kubernetes by default, they do not directly change any functionality like other metadata.
List some objectives of the replication controller.
Some of the objectives of a replication controller are:
Control and administer pod lifecycle
Monitor and verify the permissible number of replicas
Help user to check pod status
Enable the alteration of pod
What is persistent volume?
Persistent volume (PV) is a storage piece that an administrator provides to a Kubernetes cluster. Suppose a developer needs persistent storage for an application in a cluster; they do so by creating a persistent volume claim (PVC) and then mounting the volume to a path in the pod. Once this process is done, the pod can claim any volume matching its requirements.
Do you know anything about the Secrets in Kubernetes?
Yes, the Secrets in Kubernetes are objects that hold sensitive information such as login credentials for the user, passwords, OAuth tokens, and SSH keys. Here “Secrets” give you more control over this information and its accidental exposure. Using Secrets, Kubernetes ensures that the sensitive data is encrypted, only authorized entities can access it, and it is not exposed to unauthorized users or applications.
Tell me about Sematext Docker Agent.
The Sematext Docker Agent is a lightweight log collection agent that runs as a container on a Docker host. It collects and streams logs, events, and metrics from Docker containers and nodes to Sematext Cloud, a cloud-based monitoring and logging platform. With Sematext Docker Agent, users can monitor their Docker environments in real-time, troubleshoot issues quickly, and gain insights into container performance. Sematext Docker Agent supports Kubernetes, Docker Swarm, and other container orchestration systems.
Explain OpenShift.
It is a public cloud Kubernetes platform that aids developers in building applications. Its offerings include automated installation, life cycle management, and upgrades. OpenShift provides developers with tools and services to build, deploy, and manage applications in a containerized environment. These tools include an integrated development environment (IDE), container images, source code management, automated builds, and deployments.
Mention some differences between Kubernetes Volumes and Docker Volum
Advanced Question 9
https://www.turing.com/interview-questions/kubernetes
How can you provide API-Security on Kubernetes?
Securing APIs on Kubernetes is crucial to prevent unauthorized access and data breaches. One approach is to implement Role-Based Access Control (RBAC) policies with the kube-dashboard, which allows defining permissions for individual users or groups. Another option is to use Kubeless, a Kubernetes-native serverless framework, to protect APIs by automatically injecting security measures such as rate limiting and authentication. Additionally, it’s important to use the correct authorization mode, such as the Node Authorizer or Attribute-Based Access Control (ABAC), to ensure that only authorized requests are accepted. By combining these methods, Kubernetes can provide strong API security for your applications.
How do you debug a POD that isn’t being scheduled?
The scheduler in K8s is in charge of spawning pods onto nodes. A variety of circumstances can leave a POD unable to start. The most typical reason for a POD not starting is a lack of resources; use commands like kubectl describe pod <POD> -n <Namespace> to find out why. Also, watch kubectl get events to observe the cluster’s events.
List some of the types of Kubernetes volumes.
Advanced Question 12
https://www.turing.com/interview-questions/kubernetes
What is PVC?
PVC stands for Persistent Volume Claim, a request made by a user for storage in a Kubernetes cluster. When a user creates a PVC, Kubernetes matches it with an appropriate Persistent Volume (PV) based on the storage requirements and properties specified in the PVC.
Persistent Volumes are network-attached storage devices that multiple pods can access in a cluster. A PVC is a request for a specific amount of storage, which is bound to a single pod or multiple pods, depending on the user’s requirements.
What do you know about Kubernetes network policy?
The Kubernetes network policy indicates how pods in the same namespace communicate with one another and the network endpoint. Network policies allow you to control traffic at the IP address and port level. With Kubernetes network policy, you can define rules that specify which traffic can flow between pods and which traffic should be blocked.
What are the limitations of using the default namespace?
Using the default namespace alone makes it difficult to keep track of all the applications you can manage in your cluster over time. Custom namespaces help in grouping apps into logical groupings, such as one namespace for monitoring programs and another for security applications, and so on. This makes it easier to manage and monitor different applications within your cluster and control access to specific resources.
How can you safely drain the K8s node?
We can use the following commands:
Use the command ‘kubectl cordon’ to mark the node as “un-schedulable”. This moves the node to maintenance mode and prevents new pods from being scheduled on it.
The ‘kubectl drain --ignore-daemonsets’ command removes the existing pods from the node. The ‘--ignore-daemonsets’ option will skip over any pods that are part of a DaemonSet, which ensures that essential system services are not disrupted.
How can you perform maintenance in a single pod?
Advanced Question 17
https://www.turing.com/interview-questions/kubernetes
How can you control the usage of resources in a pod?
Advanced Question 18
https://www.turing.com/interview-questions/kubernetes
List various K8s services that can run on nodes.
Advanced Question 19
https://www.turing.com/interview-questions/kubernetes
What is PDB (Pod Disruption Budget)?
Advanced Question 20
https://www.turing.com/interview-questions/kubernetes
Why should we use custom namespaces?
Advanced Question 21
https://www.turing.com/interview-questions/kubernetes
What are the various logging patterns you can use to get central logs from pod?
Advanced Question 22
https://www.turing.com/interview-questions/kubernetes
In the service given below, how can you convert the spec into an external one?
Advanced Question 23
https://www.turing.com/interview-questions/kubernetes
Complete the following configuration spec file and turn it into an Ingress:
Advanced Question 24
https://www.turing.com/interview-questions/kubernetes
Can you schedule the pods to the node if the node is tainted?
If a node is tainted, pods will not be scheduled on it by default, but you can use tolerations in the pod spec to allow specific pods to be scheduled on the tainted node. Tolerations are used to specify that a pod can tolerate (or “ignore”) a certain taint, allowing it to be scheduled on a tainted node. This can be useful in scenarios where you want to reserve certain nodes for specific types of workloads or to mark nodes as unsuitable for certain workloads.
How can you achieve zero downtime in Kubernetes?
Advanced Question 26
https://www.turing.com/interview-questions/kubernetes
How can you check that a pod always runs?
Advanced Question 27
https://www.turing.com/interview-questions/kubernetes
Can you tell if the rolling update with stateful set replicas = 1 looks right?
No, it doesn’t look right since there is only 1 replica, and any changes to the StatefulSet may result in an outage. It means that the rolling update of a StatefulSet needs to rip apart one or more old pods before replicating them. Therefore, it’s generally recommended to have at least two replicas in a StatefulSet to ensure high availability during rolling updates.
Suppose a pod exceeds its memory limit. What signal will be sent to the process?
In such cases, SIGKILL instantly ends the container and a new one is spawned, with an out-of-memory (OOM) error reported. This will result in the kernel sending a SIGKILL signal to the process running inside the container. By default, Kubernetes will send a SIGTERM signal to the container’s main process and wait for a certain period of time (determined by the terminationGracePeriodSeconds parameter) for the process to exit gracefully.
How can you run a pod on a specific node?
We can run a pod on a specific node using node affinity. Here, a node is assigned an arbitrary label, and pods are configured to be assigned to that node as per the label created.
For example, this command creates an arbitrary label, nodelocation, and assigns it the value Germany on the node named person-01:
kubectl label nodes person-01 nodelocation=Germany
What happens when the master or the worker node fails?
Inside Kubernetes, when the master node fails, the cluster remains operational. There is no effect on the pod creation or any service member changes.
If a worker node fails, the master stops receiving updates, and any pods running on the failed worker node are terminated. The Kubernetes scheduler will then create new replicas of the terminated pods on other healthy worker nodes in the cluster.