K8S Interview Questions

Explain Kubernetes Architecture

  • API server, controller manager, scheduler, etcd
  • kubelet, kube-proxy, POD, containers

What is container orchestration

  • create/update/delete containers automatically based on the deployment needs
  • autoscaling

What is a context

  • a combination of cluster, user, and namespace

What is Pod?

  • smallest unit in k8s
  • contains many containers

How does K8S handle container scaling?

  • HorizontalPodAutoscaler
    • specify min and max replicas
    • set a target utilization based on CPU or memory

How does kube-scheduler work?

  • it's responsible for assigning Pods to Nodes
  • it evaluates constraints and available resources to identify acceptable candidate Nodes for each Pod in the scheduling queue

What does Kubelet do?

  • One kubelet on every host machine
  • responsible for communicating with the API server and managing the pods on the node

What does kube-proxy do?

  • responsible for network communications, finding the pod's ip and ns names
  • it keeps track of changes made to Service objects and their corresponding endpoints, then translates these changes into actual network rules that are applied on the node.

Diff between a StatefulSet and a Deployment?

  • statefulset manages pods with persistent storage, unique network identifiers, and a specific order of creation and deletion.

    • intended for databases, message queues, distributed caches, etc.
    • consistent ns names
  • deployment handles stateless Pods; if a pod dies, a new pod will be generated to replace it

What is a DaemonSet?

  • One pod per host

What is a service?

  • to group a set of Pod endpoints into a single resource so that requests can go to them

ConfigMaps and Secrets?

  • secrets store sensitive information as base64-encoded values (base64 is an encoding, not encryption)
  • they can be bound to env variables, or mounted as files in the container

What's a master node?

  • hosting the API server, etcd, scheduler, etc

What is Ingress?

  • It exposes HTTP and HTTPS routes from outside the cluster to services inside the cluster. It provides a single entry point into a cluster. It allows more straightforward management of applications and troubleshooting of routing issues

What is a ConfigMap?

  • used to store several key-value pairs for configuration purposes
  • ConfigMaps can be created from file, literal, or from env-file
  • ConfigMaps can be injected into Pods as Env, or files
  • ConfigMaps can be set as immutable

What is a Secret?

  • similar to a ConfigMap, but designed for sensitive information
  • Types of secrets:
    • opaque, dockerconfigjson, basic-auth, ssh-auth, tls, token

Role of ETCD in kubernetes?

  • the central database

How do rolling updates work in a Deployment?

  • After the deployment YAML file is updated, we can start a rolling update
  • it will gradually start new Pods and terminate old pods. Old pods are only terminated after new Pods are up and running

What is a namespace?

  • Organize objects into namespaces to allow RBAC

Labels and Selectors?

  • labels are used to mark resources; selectors are sets of rules that decide which resources to pick based on their labels

What is a PV?

  • it represents a storage block, either within the same host or from another host on the network, or even a cloud storage

How does internal network communication work?

  • K8S has a virtual internal network. Each pod has its own internal IP

Advantage?

  • self healing
  • auto scaler
  • PV and PVC
  • RBAC
  • etc

Custom Resource?

What is a service?

  • a way to bind an internal IP to a set of pods
  • ClusterIP, NodePort, LoadBalancer, ExternalName

What is Ingress?

  • an external load balancer
  • a set of rules to route external traffic to internal services

How does K8S handle security and access control?

  • RBAC

Taints and Tolerations?

What is Resource Quota?

  • an upper bound on resource consumption within a namespace

What is LimitRange

  • applied to containers to set the default/max resources they can use

What is a finalizer?

  • operations that must be completed before a resource can be deleted

What is a Container Probe?

  • Startup Probe, liveness probe, readiness probe

Pod Quality of Service

  • needed so that K8S can make decisions about which Pods to evict when resources are running out on a Node
  • Guaranteed, Burstable, BestEffort

Priority Class

  • a number assigned to each Pod to indicate the level of importance

Init Container

  • run sequentially

Sidecar Container

  • an init container with an "Always" restart policy

Ephemeral Container

  • a temporary container environment within the Pod, helps to debug a failed/stuck container
  • kubectl debug -it ephemeral-demo --image=busybox:1.28 --target=ephemeral-demo

Static Pods?

  • Created and managed by the kubernetes control plane, defined in the node's configuration files

Storage Class?

  • a blueprint for creating storage in kubernetes clusters
  • type, provisioner, and other properties of the storage
  • Default Storage Class
  • if a PVC cannot be satisfied, the defaultStorageClass will try to allocate that PV

Type of volumes

  • configMap
  • downwardAPI
  • emptyDir
  • hostPath
  • image
  • iscsi
  • local
  • nfs
  • projected

What is Container Storage Interface?