Recap Core Concepts

Question 1

What are parts of the Open Container Initiative?

Answer 1

• imagespec: specifications on how an image should be build
• runtimespec: how any container runtime should be build

Question 2

What is the tool ‘ctr’?

Answer 2

• CLI
• comes with containerD
• made for debugging containerD
• only supports limited set of features

Question 3

What is ‘nerdctl’?

Answer 3

• CLI
• provides a Docker-like CLI for containerD
• very similiar to Docker commands
• supports most of the options docker offers
• supports: Lazy Pulling, encrypted container images, …

Question 3

What is ‘crictl’?

Answer 3

• CLI for CRI compatible container runtimes
• command line utility used to interact with the CRI compatible runtime
• installed separately
• comes from Kubernetes perspective
• works across different runtimes
• used to inspect and debug container runtimes

Question 4

Name a few ‘crictl’ commands

Answer 4

• crictl
• crictl pull busybox : pulls an image
• crictl images : list existing images
• crictl ps -a : list containers
• crictl exec -i -t 3e024dd50a72.. ls : run a command inside a container, with same options (-i for staying open, even when not attached, -t for allocating a pseudo -tty)
• crictl logs < container-id>
• crictl pods
• crictl inspect …
• crictl attach …

Question 4

How are endpoints handled with crictl?

Answer 4

• users are encouraged to manually manage endpoints for interaction
• ‘crictl –runtime-endpoint’
• ‘crictl –image-endpoint
• or by setting the environment variables

Question 5

In a ‘kubectl delete’ command, how do you terminate multiple pods?

Answer 5

• by chaining htem together with space

‘kubectl delete pod new-pod-1 new-pod-2 new-pod-3’

Question 6

Name a few options for the Output format flag for commands

Answer 6

‘kubectl [command] [TYPE] [NAME] -o < output-format>’

-o json -> JSON formatted API object
-o name -> print only resource name
-o wide -> plain text with additional information
-o yaml -> yaml formatted api object

Question 7

What is the default namespace and when is it created?

Answer 7

‘Default’-namespace
- created when the cluster is the first time set up

Question 8

What is the namespace called, that is used for internal purposes, such as thos required by networking solution, DNS service etc

Answer 8

kube-system
- created at cluster-startup

Question 9

What is the namespace called with resources that should be made available to all users?

Answer 9

kube-public

Question 10

Which namespaces are created with cluster-startup?

Answer 10

kube-system
default
kube-public

Question 11

What can be set for namespaces?

Answer 11

• own set of policies, who can do what
• quota of resources, that is allowed to use

Question 12

How would it be possible to connect a container from one namespace to a container in a different namespace?

Answer 12

• by appending the namespace to the application name
  ‘db-service’
  ->
  ‘db-service.dev.svc.cluster.local’
  -> possible, because when service is created, a DNS entry is created automatically in this format

‘cluster.local’ is the default domain name of kubernetes cluster
‘svc’ is subdomain of service
‘dev’ is the namespace
‘db-service’ is the service name

Question 13

How is a dns-entry for a service name structured?

Answer 13

SERVICE-NAME.NAMESPACE.svc.cluster.local

Question 14

How can you specify the namespace in a kubectl command?

Answer 14

‘kubectl get pods –namespace=kube-system’
or ‘-n’ in short for namespace

Question 15

How does a yaml file look with the namespace definition included?

Answer 15

apiVersion:
kind:
metadata:
    name: xxx
    namespace: dev
    labels:
	  
		
spec:

Question 16

How do you create a new namespace?

Answer 16

Like any other object, yaml

apiVersion: v1
kind: Namespace
metadata:
  name: dev

OR
‘kubectl create namespace name’

Question 17

How do we switch to a different namespace?

Answer 17

‘kubectl config set-context $(kubectl config current-context) –namespace=dev’

(kubectl config current-context) -> identifies the current context and then sets it

Question 18

How can we see the pods from all namespaces?

Answer 18

‘kubectl get pods –all-namespaces’

Question 19

How do we limit the resources used in a namespace?

Answer 19

• using a resource quota
• yaml-definition file

apiVersion: v1
kind: ResourceQuota
metadata: 
  name: compute-quota
	namespace: dev
spec:
  hard:
	  pods: "10"
		requests.cpu: "4"
		requests.memory: 5Gi
		limits.cpu: "10"
		limits.memory: 10Gi

Question 20

What does the addition ‘-A’ do to a command?

Answer 20

• covers all the namespaces

kubectl get pods -A
equals
kubectl get pods –all-namespaces

Question 21

What is command to create a deployment with a certain image and number of replicas?

Answer 21

kubectl create deployment nginx-deployment –image=nginx –replicas=4

Question 22

How can you generate from the cl a yaml file for a deployment

Answer 22

kubectl create deployment nginx-deployment –image=nginx –replicas=4 -o yaml > deployment-definition.yaml

Question 23

How can you expose a pod with a service via cl?

Answer 23

kubectl expose pod nginx –port=6379 –name=nginx-service –type=NodePort

The NodePort then needs to be specified after generating the yaml or service

Question 24

What is important about the order of creating services and pods?

Answer 24

• when creating pods, services that should be connected should be created beforehand
• when a pod is created, the environment variables are being set, including the service only if it was created before the pod

Question 25

How do you create a pod with certain labels?

Answer 25

kubectl run nginx –image=nginx –labels=”tier:frontend, env=prod”

Question 26

How can you specify the container port for a pod you want to deploy via the cl?

Answer 26

kubectl run custom-nginx –image=nginx –port=8080

Question 27

What does ‘kubectl config view | grep namespace’ do?

Answer 27

Shows the namespace entry in the current context

Question 28

How can we expose a service and create a pod in one command?

Answer 28

kubectl run redis –image=redis –port=80 –expose=true