Kubernetes Fundamentals

Question 1

Kubernetes is often used as a ______, which means that it is spanned across multiple servers that work on different tasks and to distribute the load of a system.

Answer 1

Cluster

Question 2

Name the two types of server nodes that make up a Kubernetes Cluster.

Answer 2

1) Control plane nodes
2) Worker nodes

Question 3

What does the control plane node do?

Answer 3

Control plane nodes contain various components which manage the cluster and control various tasks, such as deployment, scheduling and self-healing.

Question 4

What does the worker node do?

Answer 4

Applications run on the worker node. Their behavior is controlled by the control plane node.

Question 5

Which services are typically hosted on the control plane node?

Answer 5

1) kube-apiserver
2) kube-scheduler
3) kube-controller-manager
4) etcd
5) cloud-controller-manager

Question 6

Which services are typically hosted on the worker node?

Answer 6

1) container runtime
2) kubelet
3) kube-proxy

Question 7

What is a Kubernetes namespace?

Answer 7

A Kubernetes namespace can be used to divide a cluster into multiple virtual clusters, which can be used for multi-tenancy when multiple teams share a cluster.

Question 8

The ________ is the centerpiece of Kubernetes. All other components interact with it and this is where users would access the cluster.

Answer 8

kube-apiserver

Question 9

________ is a database which holds the state of a cluster.

Answer 9

etcd

Question 10

When a new workload should be scheduled, the __________ chooses a worker node that could fit, based on different properties like CPU and memory.

Answer 10

kube-scheduler

Question 11

The _____________ contains different non-terminating control loops that manage the state of the cluster. For example, one of these control loops can make sure that a desired number of your application is available all the time.

Answer 11

kube-controller-manager

Question 12

The _____________ can be used to interact with the API of cloud providers, to create external resources like load balancers, storage or security groups.

Answer 12

cloud-controller-manager

Question 13

The _________ _________ is responsible for running the containers on the worker node. For a long time, Docker was the most popular choice, but is now replaced in favor of other runtimes like containerd.

Answer 13

container runtime

Question 14

__________ is a small agent that runs on every worker node in the cluster. It talks to the api-server and the container runtime to handle the final stage of starting containers.

Answer 14

kubelet

Question 15

_________ is a network proxy that handles inside and outside communication of your cluster. Instead of managing traffic flow on its own, it tries to rely on the networking capabilities of the underlying operating system if possible.

Answer 15

kube-proxy

Question 16

What three tools can be used to create a test cluster?

Answer 16

1. Minikube
2. kind
3. MicroK8s

Question 17

Which installers can be used to setup a production-grade cluster on your own hardware or virtual machines?

Answer 17

1. kubeadm
2. kops
3. kubespray

Question 18

What are some commercial Kubernetes distributions?

Answer 18

1. Rancher
2. k3s
3. OpenShift
4. VMWare Tanzu

Question 19

What Kubernetes services are offered by cloud providers?

Answer 19

1. Amazon (EKS)
2. Google (GKE)
3. Microsoft (AKS)
4. DigitalOcean (DOKS)

Question 20

Before a request is processed by Kubernetes, what three stages does it have to go through?

Answer 20

1. Authentication
2. Authorization
3. Admission Control

Question 21

Kubernetes users are always _________ managed. ________ _______ can be used to authenticate technical users.

Answer 21

Externally, Service Accounts

Question 22

_________ decides what the requester is allowed to do. In Kubernetes this can be done with __________.

Answer 22

Authorization, RBAC (Role-Based Access Control)

Question 23

In the last step, _________ _________ can be used to modify or validate a request. Tools like the _______ _______ ______ can be used to manage _______ ________ externally.

Answer 23

Admission controllers, Open Policy Agent, admission control

Question 24

In Kuberentes, what is a Pod?

Answer 24

Pods are the smallest compute unit and can be thought of as a wrapper around a container.

Question 25

Which container runtimes are available with CRI?

Answer 25

1. containerd
2. CRI-O
3. Docker

Question 26

____________ is a lightweight and performant implementation to run containers. Arguably it is the most popular container runtime right now. It is used by all major cloud providers for the Kubernetes As A Service products.

Answer 26

containerd

Question 27

___________ was created by Red Hat and with a similar code base closely related to podman and buildah.

Answer 27

CRI-O

Question 28

The standard for a long time, but never really made for container orchestration. The usage of _______ as the runtime for Kubernetes has been deprecated and removed in Kubernetes 1.24. Kubernetes has a great blog article that answers all the questions on the matter.

Answer 28

Docker

Question 29

What are the two most common tools that try to solve the security problem of Kubernetes sharing the kernel?

Answer 29

1. gvisor
2. Kata Containers

Question 30

Made by Google, __________ provides an application kernel that sits between the containerized process and the host kernel.

Answer 30

gvisor

Question 31

____________ _________ is a secure runtime that provides a lightweight virtual machine, but behaves like a container.

Answer 31

Kata Containers

Question 32

What are the four different networking problems that Kubernetes aims to solve?

Answer 32

1. Container-to-Container communications
2. Pod-to-Pod communications
3. Pod-to-Service communications
4. External-to-Service communications

Question 33

What are the three important requirements for implementing networking in Kubernetes?

Answer 33

1. All pods can communicate with each other across nodes.
2. All nodes can communicate with all pods.
3. No Network Address Translation (NAT).

Question 34

__________ can be solved by Pods.

Answer 34

Container-to-Container communications

Question 35

_________ can be solved with an overlay network.

Answer 35

Pod-to-Pod communications

Question 36

__________ and _________ is implemented by the kube-proxy and packet filter on the node.

Answer 36

Pod-to-Service and External-to-Service communications

Question 37

Name three network vendors can you choose from to implement networking.

Answer 37

1. Project Calico
2. Weave
3. Cilium

Question 38

Most Kubernetes setups include a DNS server add-on called _________ , which can provide service discovery and name resolution inside the cluster.

Answer 38

core-dns

Question 39

What are Network Policies?

Answer 39

Network Policies act as cluster internal firewalls. Network policies can be defined for a set of pods or namespaces.

Question 40

Network Policies are implemented by the __________ plugin.

Answer 40

network

Question 41

In Kubernetes, what is scheduling?

Answer 41

Scheduling is a sub-category of container orchestration and describes the process of automatically choosing the right (worker) node to run a containerized workload on.

Question 42

In a Kubernetes cluster, the ___________ is the component that makes the scheduling decision, but is not responsible for starting the workload.

Answer 42

kube-scheduler

Question 43

Regarding Pods, what is the default behavior of Kubernetes schedulers?

Answer 43

The default behavior is to schedule the Pod on the node with the least amount of Pods.