Day 86: Kubernetes Interview Questions

Introduction:

Kubernetes is a container orchestration platform that automates the deployment, scaling, and management of containerized applications, streamlining the process of running and maintaining applications in dynamic and scalable environments.

Kubernetes, often abbreviated as K8s, acts as a powerful conductor for containerized applications. In the world of software development, containers are like lightweight, standalone packages that encapsulate everything needed to run an application. Kubernetes takes these containers and orchestrates their deployment and management across a cluster of machines.

Imagine you have a fleet of containers, each representing a different part of your application. Kubernetes ensures these containers are always in the right place, at the right time, and in the right quantity. It can automatically scale your application based on demand, distribute traffic among different parts, and recover from failures, making sure your application runs reliably and efficiently.

In essence, Kubernetes provides a flexible and automated infrastructure for deploying, scaling, and managing applications, allowing developers to focus on building great software without worrying about the underlying complexities of deployment and maintenance.

---

1. What is Kubernetes?

   • Answer: Kubernetes is an open-source container orchestration platform that automates the deployment, scaling, and management of containerized applications. It abstracts the complexity of managing containerized workloads, providing a framework for automating the deployment, scaling, and operations of application containers across clusters of hosts.

2. Explain the architecture of Kubernetes.

   • Answer: The architecture comprises a Master node and multiple Worker nodes. The Master node includes the API server (front end for Kubernetes control plane), Controller Manager (manages controllers), Scheduler (assigns nodes to newly created Pods), and etcd (distributed key-value store). Worker nodes run kubelet (communicates with the master and manages containers), kube-proxy (maintains network rules), and a container runtime.

3. How to monitor Kubernetes?

   • Answer: Monitoring Kubernetes involves using tools like Prometheus for collecting metrics, Grafana for visualization, and native Kubernetes solutions like kube-state-metrics for cluster state information and cAdvisor for container-level metrics. The Kubernetes dashboard also provides a web-based interface for monitoring.

4. How to do maintenance activity on the K8 node?

   • Answer: Maintenance activities involve draining the node, which involves evicting the pods gracefully, marking the node as unschedulable, performing maintenance tasks, and then marking it as schedulable again. This ensures minimal disruption to running applications.

5. How do we control the resource usage of POD?

   • Answer: Resource usage is controlled using resource requests (the amount of resources the container gets initially) and limits (the maximum amount of resources a container can use). This prevents a single container from consuming all available resources and impacting other containers on the same node.

6. What is PDB (Pod Disruption Budget)?

   • Answer: Pod Disruption Budget is a policy that defines the maximum number of concurrently disrupted pods during voluntary disruptions, such as during updates or maintenance. It helps maintain application availability by limiting the impact of disruptions.

7. What is the function of Kubectl?

   • Answer: Kubectl is a command-line tool that interacts with the Kubernetes API server, allowing users to manage clusters, deploy applications, inspect and manage cluster resources, and troubleshoot issues. It is a versatile tool for developers and administrators working with Kubernetes.

8. Differentiate between Docker Swarm & Kubernetes?

   • Answer: Both are container orchestration tools, but Kubernetes is more feature-rich and widely adopted. Docker Swarm is simpler, integrated with Docker, and suitable for smaller-scale deployments. Kubernetes provides a comprehensive set of features, including advanced scheduling, scaling, and service discovery, making it more suitable for complex applications and large-scale deployments.

9. How is Kubernetes related to Docker?

   • Answer: Kubernetes can orchestrate containers created by different container runtimes, but Docker is often the default runtime used with Kubernetes. Kubernetes is container runtime-agnostic, allowing users to choose other runtimes if needed.

10. How to secure K8s hosts?

    • Answer: Securing Kubernetes hosts involves regular system updates, securing communication channels using TLS, implementing RBAC to control access, securing etcd with authentication and encryption, and applying security best practices for container runtimes like Docker. Regular audits and adherence to security guidelines ensure a robust security posture.

11. List sensitive ports of Kubernetes

    • Answer: Sensitive ports include:

      • API Server (6443): This is the primary port for communication with the Kubernetes API, and securing it is crucial for controlling access to the cluster.

      • etcd (2379, 2380): These ports are used for communication with the etcd database, which stores cluster configuration and state information.

      • Kubelet (10250, 10255): These ports are used for communication with the Kubelet on each node and provide health and monitoring information.

      • Kube-scheduler (10251): This port is used for communication with the scheduler, which makes decisions about where to deploy pods in the cluster.

      • Kube-controller-manager (10252): This port is used for communication with the controller manager, which manages different controllers responsible for different aspects of the cluster.

12. How to get the central logs from POD?

    • Answer: Centralized logs are commonly achieved using solutions like the EFK stack (Elasticsearch, Fluentd, Kibana) or Prometheus and Grafana. These tools allow aggregation, storage, and visualization of logs from multiple Pods, providing a centralized and searchable interface for monitoring and troubleshooting.

13. What is Kubelet?

    • Answer: Kubelet is a critical Kubernetes component running on each node. It ensures that containers within Pods are running and healthy. It communicates with the container runtime (e.g., Docker) to manage container lifecycle, starting, stopping, and monitoring containers. Additionally, Kubelet reports node status and performance metrics to the control plane.

14. What is the role of kube-apiserver and kube-scheduler?

    • Answer: The kube-apiserver acts as the API frontend for the Kubernetes control plane. It validates and processes API requests, serving as the central communication hub. On the other hand, kube-scheduler is responsible for making decisions about where to place Pods in the cluster. It considers factors like resource requirements, policies, and availability when scheduling Pods onto nodes.

15. Explain about the Kubernetes controller manager

    • Answer: The Kubernetes controller manager embeds various controllers, each responsible for managing different aspects of the cluster. Controllers continuously watch the state of the system through the API server and take corrective actions to ensure the desired state. Examples include the Replication Controller, Endpoints Controller, and Namespace Controller.

16. What is ETCD?

    • Answer: etcd is a distributed, consistent, and highly available key-value store used as the primary backing store for all cluster data in Kubernetes. It stores configuration data, metadata, and state information, ensuring data consistency across the cluster. etcd's reliability is crucial for maintaining the overall stability and resilience of the Kubernetes control plane.

17. What are the different types of services in Kubernetes?

    • Answer: Kubernetes supports several service types. ClusterIP for internal services, NodePort for exposing services on each node's IP at a static port, LoadBalancer for provisioning external load balancers (common in cloud environments), and ExternalName for mapping services to external DNS names.

18. What is a load balancer in Kubernetes?

    • Answer: In Kubernetes, a LoadBalancer service type automatically provisions an external load balancer to distribute traffic among the service's Pods. This is particularly useful in cloud environments, where the external load balancer ensures traffic is distributed across multiple nodes running the service.

19. What is Ingress network, and how does it work?

    • Answer: Ingress is an API object that manages external access to services within a Kubernetes cluster. It provides a way to define rules for routing external HTTP/S traffic to services, allowing for more sophisticated traffic management. Ingress controllers, like Nginx or Traefik, implement these rules and enable features like SSL termination and virtual hosting.

20. What is the difference between a replica set and a replication controller?

    • Answer: Both replica sets and replication controllers ensure a specified number of replicas are running, but replica sets use set-based selectors, allowing more expressive matching criteria. Replication controllers use only equality-based selectors. In practical terms, replica sets are considered the successor to replication controllers and offer more flexibility.

21. What is a Headless Service?

    • Answer: A Headless Service in Kubernetes is a service without a cluster IP. It is used when load balancing is not required, and each Pod associated with the service should have its DNS record. This allows direct communication between Pods using DNS names, making it suitable for stateful applications and scenarios where each Pod has a unique identity.

22. How can a company shift from monolithic to microservices and deploy their services in containers?

    • Answer: Shifting from monolithic to microservices involves breaking down a monolithic application into smaller, independent services. Containers, such as Docker, provide a consistent environment for these services. Adopting container orchestration tools like Kubernetes helps manage, deploy, and scale microservices effectively.

23. How can a company increase efficiency and speed of technical operations by maintaining minimal costs in DevOps methodology?

    • Answer: Implementing Continuous Integration/Continuous Deployment (CI/CD) pipelines automates testing, builds, and deployments, reducing manual efforts. Infrastructure as Code (IaC) enables consistent and automated infrastructure provisioning, minimizing costs. Monitoring tools ensure quick issue detection and resolution, enhancing overall efficiency.

24. What is the use of Transport Layer Security (TLS) in K8s?

    • Answer: TLS in Kubernetes ensures secure communication between various components, including the API server, etcd, and between Pods. It encrypts data in transit, providing confidentiality and integrity, and helps secure communication channels within the cluster.

25. What are minions in the Kubernetes cluster?

    • Answer: In older versions of Kubernetes, nodes in the cluster were referred to as "minions." However, the term has been deprecated, and now nodes are simply called "nodes" or "worker nodes."

26. Where is the cluster data stored in Kubernetes?

    • Answer: The cluster data in Kubernetes, including configuration, metadata, and state information, is primarily stored in etcd. Etcd is a distributed key-value store that maintains the state of the entire cluster.

27. What are the core Kubernetes objects?

    • Answer: Core Kubernetes objects include Pods, Services, Replication Controllers, Replica Sets, Deployments, ConfigMaps, Secrets, Namespaces, Persistent Volumes, and Persistent Volume Claims.

28. What are the responsibilities of the Replication Controller?

    • Answer: The Replication Controller ensures the desired number of replicas (Pods) are running and maintains high availability. It monitors the state of Pods and takes corrective actions if the actual state deviates from the desired state, such as scaling up or down based on defined replication settings.

29. How to define a service without a selector in Kubernetes?

    • Answer: Defining a service without a selector is achieved by specifying the selector field as an empty map in the service definition. This effectively means the service does not target any specific Pods. It's commonly used for headless services or when external entities handle service discovery. Example YAML snippet:

        apiVersion: v1
        kind: Service
        metadata:
          name: my-service
        spec:
          selector: {}
          ports:
            - protocol: TCP
              port: 80
              targetPort: 8080
      

30. The command used to delete a service in Kubernetes is:

    kubectl delete service <service-name>
    

    Replace <service-name> with the actual name of the service you want to delete. This command will remove the specified service from the Kubernetes cluster.

31. Define Daemon Sets:

    • Answer: Daemon Sets ensure that all (or some) nodes run a copy of a Pod. They are used for deploying system daemons or background services that need to run on all nodes, such as log collectors or monitoring agents. Daemon Sets ensure that specified Pods run on every node in a cluster, maintaining a consistent environment.

32. Why use Namespace in Kubernetes?

    • Answer: Namespaces provide a way to divide cluster resources between multiple users, teams, or projects. They help in organizing and isolating resources, preventing naming conflicts, and allowing finer control over access and resource allocation. Namespaces offer a logical separation of cluster resources, enhancing scalability and resource management.

33. Mention the types of Controller Managers:

    • Answer: Kubernetes has several controller managers, including:

      • Replication Controller Manager: Ensures the desired number of Pods are running.

      • Node Controller Manager: Handles various node-related functions.

      • Namespace Controller Manager: Maintains namespaces.

      • Service Account & Token Controller Manager: Manages service accounts and API access tokens. Each manager plays a specific role in maintaining the desired state of the cluster, contributing to its reliability and consistency.

34. Define Cluster IP:

    • Answer: Cluster IP is an internal IP address assigned to a Service in a Kubernetes cluster. It allows communication between different parts of the application within the cluster. It's not accessible from outside the cluster. Cluster IP ensures that Pods within the same cluster can communicate seamlessly through a consistent internal IP address, facilitating inter-service communication.

35. What are the disadvantages of Kubernetes?

    • Answer: Disadvantages include complexity in setup, steep learning curve, resource-intensive, and potential resource overhead. It may not be suitable for smaller applications, and managing persistent storage can be challenging. Kubernetes' complexity may pose challenges for small projects, and its resource requirements demand careful consideration during implementation.

36. How to run Kubernetes locally?

    • Answer: Kubernetes can be run locally using tools like Minikube or Kind (Kubernetes in Docker). These tools provide a single-node Kubernetes cluster on your local machine for development, testing, and learning Kubernetes concepts. Running Kubernetes locally facilitates a development environment that mirrors a production-like Kubernetes setup.

37. What are the important components of node status?

    • Answer: Important components of node status include capacity (available resources), allocatable resources, node conditions (Ready status), addresses (IP addresses), and usage statistics. These components collectively provide insights into the health and availability of individual nodes within the cluster.

38. What is Minikube?

    • Answer: Minikube is a tool that enables running Kubernetes clusters locally. It creates a single-node cluster on your machine, suitable for development, testing, and learning Kubernetes concepts. Minikube simplifies the process of setting up a local Kubernetes environment, allowing developers to experiment and develop applications.

39. What is GKE?

    • Answer: Google Kubernetes Engine (GKE) is a managed Kubernetes service provided by Google Cloud Platform (GCP). It simplifies Kubernetes deployment, management, and scaling on Google Cloud infrastructure. GKE abstracts away the complexities of managing Kubernetes clusters, offering a fully managed solution.

40. Mention the uses of GKE:

    • Answer: GKE is used for deploying, managing, and scaling containerized applications using Kubernetes on Google Cloud. It provides automated operations, built-in security features, and seamless integration with other GCP services. GKE accelerates the development and deployment of containerized applications on Google Cloud, leveraging the benefits of Kubernetes.

41. Define Stateful Sets in Kubernetes:

    • Answer: Stateful Sets are a type of workload controller in Kubernetes that provides guarantees about the ordering and uniqueness of Pods. They are often used for stateful applications that require stable network identifiers and persistent storage. Stateful Sets ensure that each Pod has a unique identifier and maintains a stable network identity, crucial for stateful applications like databases.

42. List out some important Kubectl commands:

    • Answer:

      • kubectl get pods: List all Pods.

      • kubectl describe pod <pod-name>: Show detailed information about a Pod.

      • kubectl apply -f <filename>: Apply a configuration file to create or update resources.

      • kubectl logs <pod-name>: Print the logs of a Pod.

      • These commands are foundational for interacting with and managing resources in a Kubernetes cluster.

43. Explain the types of Kubernetes Pods:

    • Answer: Types include:

      • Single-container Pods: One container per Pod.

      • Multi-container Pods: Multiple containers sharing the same network namespace.

      • Init Containers: Run before the main application container to complete setup tasks. Single-container Pods are straightforward, while multi-container Pods allow containers to share resources and communication. Init Containers perform setup tasks before the main application starts.

44. What are the labels in Kubernetes?

    • Answer: Labels are key-value pairs attached to Kubernetes objects. They are used for identifying, organizing, and selecting objects. Labels play a crucial role in grouping and managing resources. Labels provide metadata to Kubernetes objects, enabling efficient organization, grouping, and selection based on specific characteristics.

45. What do you mean by Persistent Volume?

    • Answer: A Persistent Volume (PV) in Kubernetes is a storage resource in the cluster that has been provisioned by an administrator. It exists independently of a Pod and retains data beyond the lifecycle of individual Pods. Persistent Volumes provide a mechanism for decoupling storage from Pods, allowing data to persist across Pod restarts.

46. What is the Kubernetes Network Policy?

    • Answer: Network Policy in Kubernetes is a specification that defines how groups of Pods are allowed to communicate with each other and other network endpoints. It provides fine-grained control over ingress and egress traffic. Network Policy allows administrators to define rules governing communication between different Pods, enhancing security and network isolation.

47. Explain PVC:

    • Answer: PVC stands for Persistent Volume Claim. It is a request for storage by a user in a cluster. When a user creates a PVC, it allows them to use storage resources from a Persistent Volume. PVC acts as a user's request for storage, and upon successful claim, it binds to an available Persistent Volume.

48. What are federated clusters?

    • Answer: Federated clusters in Kubernetes involve managing multiple Kubernetes clusters as a single logical entity. It allows the coordination of resources and configurations across clusters for unified management. Federated clusters enable centralized control and policy enforcement across a distributed set of Kubernetes clusters.

49. What is Sematext Docker Agent?

    • Answer: Sematext Docker Agent is a monitoring and log collection agent for Docker containers and Kubernetes. It provides insights into container performance, resource usage, and log data. Sematext Docker Agent assists in monitoring and managing the performance of containerized applications, ensuring optimal resource utilization.

50. What are the types of Kubernetes Volume?

    • Answer: Types include:

      • EmptyDir: Volume is created when a Pod is assigned to a node and exists as long as the Pod is running.

      • HostPath: Uses a file or directory on the host

---

Conclusion:

Kubernetes emerges as a powerful orchestrator in the realm of containerized applications. Its ability to automate deployment, scaling, and management streamlines the complex task of running applications in dynamic and scalable environments. Acting as a conductor for containerized applications, Kubernetes ensures they are always in the right place, at the right time, and in the right quantity. This flexibility, coupled with automated infrastructure management, empowers developers to concentrate on building exceptional software without being bogged down by the intricacies of deployment and maintenance. As organizations continue to embrace microservices and containerization, Kubernetes stands as a pivotal tool, providing the necessary framework for efficient, scalable, and reliable application deployment.

Hope you like my post. Don't forget to like, comment, and share.