Share with friends
Feeling ready to take your Kubernetes skills to the next level? This section is all about services, networking, and how to scale things up (or down) when you need to. Answering these questions will show interviewers you can handle complex container situations like a champ.
More on the topic
Kubernetes Interview Questions - Beginner Level
Kubernetes Interview Questions - Medium Level Part 1
Kubernetes Interview Questions - Medium Level Part 2
Kubernetes Interview Questions - Advanced Level Part 1
Kubernetes Interview Questions - Advanced Level Part 2
Kubernetes Interview Questions - Advanced Level Part 3
Kubernetes Interview Questions - Advanced Level Part 4
Medium Level Kubernetes Interview Questions
1. What are StatefulSets in Kubernetes, and how do they differ from Deployments?
Answer: StatefulSets come in handy when you're managing applications that need to keep track of their state. Unlike Deployments, StatefulSets make sure that each Pod has its own unique identity. This way, you can be sure that they're deployed in a specific order and that their persistent storage stays intact.
2. Explain the concept of a Persistent Volume (PV) and Persistent Volume Claim (PVC) in Kubernetes.
Answer: PV stands for Persistent Volume. It's like a storage space in the cluster. It can be set up by an admin or created dynamically using Storage Classes. PVC is a request for storage by a user. Pods use PVCs to request storage resources.
3. How does Kubernetes handle secrets and sensitive data?
Answer: Kubernetes uses Secrets to manage sensitive data such as passwords, OAuth tokens, and SSH keys. Secrets are base64 encoded and can be mounted as volumes or exposed as environment variables to Pods.
4. Describe the different types of Kubernetes services.
Answer: The different types of services are ClusterIP (default, accessible only within the cluster), NodePort (exposes the service on a static port on each node), LoadBalancer (uses a cloud provider's load balancer), and ExternalName (maps a service to a DNS name).
5. What is the purpose of Ingress in Kubernetes?
Answer: Ingress is like a traffic cop for your services in a cluster, especially when it comes to HTTP. It makes sure requests get to the right place, handles SSL stuff, and even helps with naming and hosting.
6. Explain the concept of a DaemonSet in Kubernetes.
Answer: A DaemonSet ensures that a copy of a Pod runs on all or some nodes in the cluster. It is used for running background tasks like log collection, monitoring, and node maintenance.
7. What are Kubernetes Operators, and how do they work?
Answer: Operators extend Kubernetes capabilities by managing custom resources. They use custom controllers to manage applications and their components, ensuring their desired state.
8. What is Helm in Kubernetes?
Answer: Helm, a package manager for Kubernetes, facilitates the definition, installation, and upgrading of intricate Kubernetes applications by utilizing Helm charts.
9. How do you manage application configurations using ConfigMaps in Kubernetes?
Answer: ConfigMaps are used to keep track of non-secret settings as key-value combos. They can be mounted as volumes or injected as environment variables into Pods.
10. Describe a Kubernetes Admission Controller and its purpose.
Answer: Admission Controllers are plugins that govern and enforce policies on objects during their creation, modification, and deletion. They can validate requests, mutate objects, and enforce security policies.
11. What are Kubernetes Custom Resource Definitions (CRDs)?
Answer: CRDs allow users to define their own resource types and make Kubernetes API extensible. They enable the creation of custom objects and controllers to manage those objects.
12. How does Kubernetes handle application upgrades?
Answer: Kubernetes handles application upgrades through rolling updates, ensuring zero downtime. It gradually replaces old Pods with new ones, monitoring their health before proceeding.
13. What is the difference between a Job and a CronJob in Kubernetes?
Answer: A Job creates one or more Pods to perform a task and then terminates. A CronJob runs Jobs on a scheduled basis, similar to cron jobs in Unix systems.
14. How do you secure a Kubernetes cluster?
Answer: Security measures include using RBAC for access control, network policies for restricting communication, securing the API server, regularly updating the cluster, and using Secrets for sensitive data.
15. Explain the purpose of Kubernetes Namespaces.
Answer: Namespaces provide a way to divide cluster resources between multiple users or applications. They help organize resources, apply policies, and manage access controls within the cluster.
16. What is the role of the Kubernetes Scheduler?
Answer: The Kubernetes Scheduler assigns Pods to nodes based on resource availability, constraints, and affinity/anti-affinity rules. It ensures balanced distribution of workloads.
17. Describe the process of rolling back a Deployment in Kubernetes.
Answer: Rolling back a Deployment involves reverting to a previous version using the kubectl rollout undo
command. This restores the Deployment to its prior state.
18. What is a Resource Quota in Kubernetes, and how is it used?
Answer: A Resource Quota sets limits on the amount of resources (CPU, memory, objects) that can be consumed by a namespace. It ensures fair resource distribution and prevents resource exhaustion.
19. How does Kubernetes handle high availability and fault tolerance?
Answer: Kubernetes ensures high availability through replication, auto-scaling, self-healing, and load balancing. It uses controllers to manage Pod lifecycles and distribute workloads across nodes.
20. What are Kubernetes Annotations, and how are they different from Labels?
Answer: Annotations are used to attach arbitrary metadata to objects for external tools. Unlike labels, they are not used for selection or organization purposes but for storing non-identifying information.
21. What are Kubernetes Taints and Tolerations?
Answer: Taints are applied to nodes to repel specific Pods. Tolerations are applied to Pods to allow them to be scheduled on nodes with matching taints. This helps control Pod placement.
apiVersion: v1
kind: Pod
metadata:
name: example-pod
spec:
tolerations:
- key: "key1"
operator: "Equal"
value: "value1"
effect: "NoSchedule"
22. Explain how Horizontal Pod Autoscaling works in Kubernetes.
Answer: Horizontal Pod Autoscaling is a feature that can automatically change the number of Pods in a replication controller, deployment, or replica set. It does this by looking at how much CPU each Pod is using (or other metrics you choose) and then deciding whether to add or remove Pods. This helps keep your application running smoothly by making sure there are always enough Pods to handle the load. It ensures applications have enough resources to handle varying loads.
23. What are Init Containers, and how do they differ from regular Containers?
Answer: Init Containers run and complete before regular Containers start. They can contain setup scripts or preconditions. Regular Containers in a Pod do not start until all Init Containers have successfully completed.
24. How do you create a Network Policy in Kubernetes?
Answer: A Network Policy is created using a YAML file to specify allowed ingress and egress traffic for Pods.
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
name: example-policy
spec:
podSelector:
matchLabels:
role: db
policyTypes:
- Ingress
- Egress
ingress:
- from:
- podSelector:
matchLabels:
role: frontend
egress:
- to:
- podSelector:
matchLabels:
role: backend
25. What is a Kubernetes Persistent Volume Claim (PVC), and how is it used?
Answer: A PVC is a request for storage by a user. It is used to dynamically provision or bind to an existing Persistent Volume (PV). Pods can use PVCs to request specific storage resources.
26. How do you configure Kubernetes to use a specific container runtime?
Answer: Kubernetes can be configured to use a specific container runtime (like Docker, containerd, or CRI-O) by setting the --container-runtime
and --container-runtime-endpoint
flags in the kubelet configuration.
27. What is a Kubernetes Service Mesh, and how does it work?
Answer: A Service Mesh is like a special pathway built just for services in a microservices setup to talk to each other. It's like a dedicated highway for service communication, making sure they can chat without any traffic jams or delays. Examples include Istio and Linkerd. It provides features like traffic management, security, and observability.
28. Explain the concept of Pod Affinity and Anti-Affinity.
Answer: Pod Affinity ensures Pods are scheduled on nodes with specific characteristics or with other Pods. Anti-Affinity ensures Pods are scheduled on different nodes to improve availability and fault tolerance.
apiVersion: v1
kind: Pod
metadata:
name: example-pod
spec:
affinity:
podAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
matchExpressions:
- key: app
operator: In
values:
- frontend
topologyKey: "kubernetes.io/hostname"
29. What is the purpose of a Kubernetes StorageClass?
Answer: A StorageClass provides a way to describe the “classes” of storage available in a cluster. It allows dynamic provisioning of Persistent Volumes and specifies the storage type, performance, and parameters.
30. How do you perform a rolling update on a StatefulSet in Kubernetes?
Answer: Performing a rolling update on a StatefulSet involves updating the StatefulSet's Pod template and using the kubectl rollout
commands. Pods are updated in a controlled manner, one at a time, following their order.
31. What are the differences between Docker Swarm and Kubernetes?
Answer: Docker Swarm is Docker’s native clustering and orchestration tool, while Kubernetes is a comprehensive orchestration platform. Kubernetes provides advanced features like auto-scaling, self-healing, and a rich ecosystem of tools and extensions.
32. How do you ensure that a specific Pod is always scheduled on the same node in Kubernetes?
Answer: To ensure a specific Pod is always scheduled on the same node, you can use node selectors, node affinity, or taints and tolerations.
33. What is the purpose of a Kubernetes Job, and when would you use it?
Answer: A Job in Kubernetes creates one or more Pods to perform a specific task and then terminates. It is used for batch processing, tasks that run to completion, or ad-hoc operations.
34. How do you create and use a Kubernetes ConfigMap?
Answer: A ConfigMap is created using a YAML file or kubectl
command to store non-confidential data in key-value pairs. It can be used as environment variables, command-line arguments, or mounted as a volume in Pods.
apiVersion: v1
kind: ConfigMap
metadata:
name: example-config
data:
key1: value1
key2: value2
35. What are the primary components of Kubernetes architecture?
Answer: The primary components of Kubernetes architecture are the Master Node (containing the API Server, Controller Manager, Scheduler, and etcd) and Worker Nodes (containing the kubelet, kube-proxy, and container runtime).
36. How does Kubernetes handle node failures?
Answer: Kubernetes detects node failures through the node controller, which periodically checks node health. If a node is unresponsive, Kubernetes reschedules the Pods on other healthy nodes.
37. What is a Kubernetes PodPreset?
Answer: A PodPreset is an admission controller resource used to inject runtime requirements into Pods, such as environment variables, volumes, or volume mounts, without modifying the Pod specification directly.
38. Explain the concept of a Kubernetes ReplicaSet.
Answer:A ReplicaSet makes sure that a certain number of Pod copies are always running, no matter what. It replaces old replication controllers and is mainly used by Deployments to manage scaling and updates.
39. What is the purpose of Kubernetes API aggregation?
Answer: Kubernetes API aggregation allows extending the Kubernetes API with additional APIs by aggregating multiple API servers into a single endpoint, enhancing the platform's extensibility.
40. How do you perform cluster maintenance in Kubernetes?
Answer: Cluster maintenance involves draining nodes (kubectl drain
), applying updates to the cluster components (control plane and worker nodes), monitoring cluster health, and ensuring backups of critical data like etcd.
41. What is Kubernetes Federation, and how is it used?
Answer: Kubernetes Federation is a feature that allows the management of multiple Kubernetes clusters from a single control plane. It provides a way to distribute applications across clusters and achieve high availability and disaster recovery.
42. How do you monitor a Kubernetes cluster?
Answer: Monitoring a Kubernetes cluster involves using tools like Prometheus, Grafana, and Kubernetes Dashboard. These tools collect metrics, visualize data, and alert on anomalies in the cluster.
43. What is the purpose of Kubernetes Admission Webhooks?
Answer: Admission Webhooks are HTTP callbacks that allow custom admission control policies to be executed before an object is persisted. They can mutate or validate requests to enforce security, compliance, or custom business rules.
44. How do you manage external dependencies in Kubernetes?
Answer: External dependencies in Kubernetes can be managed using services like ExternalName, Ingress, Service Mesh, or sidecar containers to handle communication, configuration, and data access.
45. Explain the concept of Kubernetes Garbage Collection.
Answer: Kubernetes Garbage Collection automatically cleans up unused or terminated resources, such as old ReplicaSets from Deployments, completed Jobs, and unreferenced Persistent Volumes, ensuring efficient resource utilization.
46. What is a Kubernetes Volume and its types?
Answer: A Kubernetes Volume is a directory accessible to containers in a Pod. Types include emptyDir, hostPath, configMap, secret, persistentVolumeClaim, and more, each providing different storage options and use cases.
47. How does Kubernetes handle resource constraints for Pods?
Answer: Kubernetes handles resource constraints using resource requests and limits defined in the Pod specification. The scheduler uses these constraints to place Pods on appropriate nodes, ensuring fair resource distribution and preventing resource contention.
48. What is the purpose of the kube-proxy component?
Answer: The kube-proxy component runs on each node and manages network rules to allow communication to and from Pods. It uses iptables or IPVS to handle traffic routing and load balancing.
49. How do you manage multiple Kubernetes clusters?
Answer: Multiple Kubernetes clusters can be managed using tools like Kubernetes Federation, kubeconfig contexts, multi-cluster management platforms (e.g., Rancher, OpenShift), and CI/CD pipelines to automate deployments across clusters.
50. Explain the concept of Horizontal Pod Autoscaler (HPA) in Kubernetes.
Answer: HPA (Horizontal Pod Autoscaler) is like a smart assistant that automatically adjusts the number of Pods in your Deployment, ReplicaSet, or StatefulSet based on how busy they are. It keeps an eye on things like CPU usage and other metrics to make sure your applications can handle changes in workload without any hiccups or slowdowns. It's like having a sidekick that helps your apps stay responsive and efficient, no matter how much traffic they're getting.
apiVersion: autoscaling/v1
kind: HorizontalPodAutoscaler
metadata:
name: example-hpa
spec:
scaleTargetRef:
apiVersion: apps/v1
kind: Deployment
name: example-deployment
minReplicas: 1
maxReplicas: 10
targetCPUUtilizationPercentage: 80
51. What is the role of the etcd component in Kubernetes?
Answer: etcd is a distributed key-value store used by Kubernetes to store all cluster data. It holds configuration data, state information, and metadata, ensuring consistency across the cluster.
52. How do you create a Kubernetes Secret, and what types are supported?
Answer: A Secret is created using a YAML file or kubectl
command. Supported types include Opaque (default), kubernetes.io/dockerconfigjson
for Docker registry credentials, and kubernetes.io/tls
for TLS certificates.
apiVersion: v1
kind: Secret
metadata:
name: example-secret
type: Opaque
data:
username: YWRtaW4=
password: MWYyZDFlMmU2N2Rm
53. What is a Kubernetes Pod Security Policy (PSP)?
Answer: A PSP is a cluster-level resource that controls security-sensitive aspects of Pod specifications. It defines a set of conditions that a Pod must meet to be accepted into the cluster, such as running as non-root or using specific volume types.
54. Explain the concept of Kubernetes Namespaces.
Answer: Namespaces provide a way to partition resources within a single Kubernetes cluster. They allow for resource isolation, separate resource quotas, and distinct policies for different teams or projects.
55. What is the difference between Horizontal Pod Autoscaling (HPA) and Vertical Pod Autoscaling (VPA)?
Answer: HPA adjusts the number of Pod replicas based on metrics like CPU utilization. VPA adjusts the resource requests and limits of individual Pods based on their usage, ensuring optimal resource allocation.
56. How does Kubernetes handle Pod disruption during a node upgrade?
Answer: Kubernetes handles Pod disruption using Pod Disruption Budgets (PDBs) and draining nodes with kubectl drain
. PDBs ensure that a minimum number of Pods remain available during maintenance.
57. What is the purpose of Kubernetes Role-Based Access Control (RBAC)?
Answer: RBAC restricts cluster actions based on user roles. It defines roles with specific permissions and binds them to users or service accounts, ensuring secure and controlled access to resources.
58. Explain the concept of a Kubernetes Sidecar Container.
Answer: A Sidecar Container runs alongside the main application container in a Pod, providing supporting features such as logging, monitoring, or proxying without modifying the main application.
59. What is a Kubernetes MutatingAdmissionWebhook?
Answer: A MutatingAdmissionWebhook is an admission controller that intercepts and modifies incoming API requests before they are persisted. It can alter resource specifications to enforce policies or defaults.
60. How do you manage Kubernetes cluster upgrades?
Answer: Cluster upgrades involve updating the control plane components (API server, controller manager, scheduler) and worker nodes. This can be done using tools like kubeadm, managed Kubernetes services (GKE, EKS), or custom scripts.
61. What is a Kubernetes CronJob, and how is it different from a regular Job?
Answer: A CronJob schedules Jobs to run at specific times or intervals, similar to Unix cron jobs. Regular Jobs run immediately when created, while CronJobs follow a defined schedule.
apiVersion: batch/v1beta1
kind: CronJob
metadata:
name: example-cronjob
spec:
schedule: "0 0 * * *"
jobTemplate:
spec:
template:
spec:
containers:
- name: example
image: busybox
args:
- /bin/sh
- -c
- date; echo Hello from the Kubernetes cluster
restartPolicy: OnFailure
62. What are Kubernetes Custom Resource Definitions (CRDs)?
Answer: CRDs allow users to create custom resources that extend Kubernetes functionality. They enable defining custom objects and controllers, providing a way to manage non-standard resources within the cluster.
63. How does Kubernetes handle inter-Pod communication?
Answer: Inter-Pod communication in Kubernetes is handled using a flat network model where each Pod has a unique IP address. Services, DNS, and Ingress resources facilitate communication across Pods and external clients.
64. What is the purpose of Kubernetes Network Policies?
Answer: Network Policies control the allowed ingress and egress traffic to Pods. They provide fine-grained control over network communication, enhancing security by restricting traffic between Pods and external sources.
65. Explain the Kubernetes kubelet component.
Answer: The kubelet runs on each node and is responsible for managing Pods, ensuring containers are running, and reporting node status to the control plane. It interacts with the container runtime and monitors Pod health.
66. How do you troubleshoot a Kubernetes Pod stuck in the Pending
state?
Answer: Troubleshooting a Pod stuck in the Pending
state involves checking node resource availability, examining events (kubectl describe pod <pod-name>
), verifying PVC binding, and reviewing taints and tolerations.
67. What is a Kubernetes Horizontal Pod Autoscaler (HPA), and how is it configured?
Answer: HPA automatically scales the number of Pods in a deployment based on metrics like CPU utilization. It is configured using a YAML file specifying the target resource and scaling criteria.
apiVersion: autoscaling/v1
kind: HorizontalPodAutoscaler
metadata:
name: example-hpa
spec:
scaleTargetRef:
apiVersion: apps/v1
kind: Deployment
name: example-deployment
minReplicas: 1
maxReplicas: 10
targetCPUUtilizationPercentage: 80
68. What is the purpose of the Kubernetes kube-proxy component?
Answer: kube-proxy runs on each node and manages network rules to allow communication to and from Pods. It handles traffic routing and load balancing, using iptables or IPVS for efficient packet forwarding.
69. How do you secure a Kubernetes cluster?
Answer: Securing a Kubernetes cluster involves using RBAC for access control, enabling network policies, securing the API server, regularly updating components, using Secrets for sensitive data, and auditing logs for suspicious activities.
70. What are Kubernetes Pod Presets, and how are they used?
Answer: Pod Presets inject runtime requirements into Pods at creation time, such as environment variables, volumes, or volume mounts. They allow adding configurations without modifying the Pod specification directly.
71. How do you monitor and collect metrics in a Kubernetes cluster?
Answer: Monitoring and collecting metrics in a Kubernetes cluster can be done using tools like Prometheus for metrics collection, Grafana for visualization, and Kubernetes Dashboard for a web-based UI.
72. What is Kubernetes Ingress, and how does it differ from a Service?
Answer: Ingress manages external access to services, typically HTTP/HTTPS. It provides load balancing, SSL termination, and name-based virtual hosting. A Service, on the other hand, defines a logical set of Pods and a policy to access them.
73. How do you configure Kubernetes to use a specific container runtime?
Answer: Kubernetes can be configured to use a specific container runtime by setting the --container-runtime
and --container-runtime-endpoint
flags in the kubelet configuration, allowing integration with Docker, containerd, or CRI-O.
74. What is a Kubernetes DaemonSet, and when would you use it?
Answer: A DaemonSet ensures that a copy of a Pod runs on all or some nodes in the cluster. It is used for tasks like log collection, monitoring, or node maintenance that need to run on every node.
75. Explain the concept of Kubernetes Pod Affinity and Anti-Affinity.
Answer: Pod Affinity ensures Pods are scheduled on nodes with specific characteristics or with other Pods, improving performance or reliability. Anti-Affinity ensures Pods are scheduled on different nodes to increase fault tolerance.
76. What is the purpose of a Kubernetes Persistent Volume (PV) and Persistent Volume Claim (PVC)?
Answer: PV is a piece of storage provisioned by an administrator or dynamically using Storage Classes. PVC is a user's request for storage, which can be used by Pods to request specific storage resources.
77. How do you handle application configuration using ConfigMaps in Kubernetes?
Answer: ConfigMaps store non-confidential data in key-value pairs. They can be mounted as volumes, injected as environment variables, or used as command-line arguments to configure applications running in Pods.
78. What is the purpose of Kubernetes Admission Controllers?
Answer: Admission Controllers are plugins that govern and enforce policies on objects during creation, modification, and deletion. They validate requests, mutate objects, and enforce security or compliance policies.
79. How do you perform a rolling update on a Deployment in Kubernetes?
Answer: Rolling updates are performed by updating the Deployment's Pod template. Kubernetes gradually replaces old Pods with new ones, ensuring zero downtime and maintaining application availability.
kubectl set image deployment/<deployment-name> <container-name>=<new-image>
80. Explain the Kubernetes Scheduler and its role.
Answer: The Kubernetes Scheduler assigns Pods to nodes based on resource requirements, constraints, and policies. It ensures optimal resource utilization and adherence to scheduling policies like affinity and anti-affinity.
81. What is a Kubernetes Service Mesh, and how does it enhance microservices communication?
Answer: A Service Mesh is a dedicated infrastructure layer for managing service-to-service communication. It provides features like traffic management, security, and observability, enhancing the reliability and security of microservices.
82. How do you use Kubernetes ConfigMaps and Secrets together in a Pod?
Answer: ConfigMaps and Secrets can be used together by mounting them as volumes or injecting them as environment variables, providing both non-confidential and confidential data to the Pod.
apiVersion: v1
kind: Pod
metadata:
name: example-pod
spec:
containers:
- name: example-container
image: nginx
env:
- name: CONFIG_KEY
valueFrom:
configMapKeyRef:
name: example-config
key: key1
- name: SECRET_KEY
valueFrom:
secretKeyRef:
name: example-secret
key: password
83. What are Kubernetes taints and tolerations, and how are they used?
Answer: Taints are applied to nodes to repel specific Pods, while tolerations are applied to Pods to allow them to be scheduled on nodes with matching taints. They control Pod placement and ensure specific workloads run on appropriate nodes.
84. Explain the Kubernetes API aggregation layer.
Answer: The API aggregation layer allows extending the Kubernetes API with additional APIs by aggregating multiple API servers into a single endpoint. It enhances Kubernetes' extensibility by supporting custom resources and controllers.
85. What is a Kubernetes Persistent Volume Claim (PVC), and how does it relate to a Persistent Volume (PV)?
Answer: A PVC is a user's request for storage resources, which can be dynamically provisioned or bound to an existing PV. PVs are actual storage units provisioned by an administrator or Storage Class.
86. How do you perform cluster maintenance in Kubernetes?
Answer: Cluster maintenance involves draining nodes (kubectl drain
), applying updates to control plane and worker nodes, monitoring cluster health, ensuring data backups, and reviewing logs for anomalies.
87. What is the purpose of Kubernetes Resource Quotas?
Answer: Resource Quotas limit the resource usage (CPU, memory, storage) within a namespace, preventing a single user or team from consuming excessive resources and ensuring fair resource distribution.
88. Explain the concept of Kubernetes ServiceAccount.
Answer: A ServiceAccount provides an identity for Pods to use when interacting with the Kubernetes API. It allows fine-grained control over API access and can be associated with specific RBAC roles and permissions.
89. What is a Kubernetes Volume, and how does it differ from a Persistent Volume?
Answer: A Volume is a directory accessible to containers in a Pod, used for temporary or shared storage. A Persistent Volume (PV) provides long-term storage independent of the Pod lifecycle, supporting dynamic provisioning and binding to PVCs.
90. How does Kubernetes handle stateful applications?
Answer: Kubernetes handles stateful applications using StatefulSets, which ensure unique network identifiers, ordered deployment, and persistent storage for each Pod, maintaining consistency and reliability.
91. What is the purpose of the kube-apiserver component in Kubernetes?
Answer: The kube-apiserver is the central management point for the cluster, exposing the Kubernetes API. It handles requests, validates them, and updates the state in etcd, serving as the gateway for all control plane operations.
92. How do you create and manage Kubernetes Ingress resources?
Answer: Ingress resources are created using YAML files defining rules for routing external traffic to Services. Ingress controllers, such as NGINX or Traefik, are used to manage Ingress resources and handle HTTP/HTTPS traffic.
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: example-ingress
spec:
rules:
- host: example.com
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: example-service
port:
number: 80
93. What is a Kubernetes StatefulSet, and how is it different from a Deployment?
Answer: A StatefulSet manages stateful applications, ensuring stable network identities, ordered deployment, and persistent storage. Unlike Deployments, StatefulSets maintain consistency and unique identities for each Pod.
94. How do you perform a blue-green deployment in Kubernetes?
Answer: Blue-green deployments involve creating a new version of an application (green) alongside the current version (blue) and switching traffic to the new version once it's validated. This can be achieved using Services and Ingress to route traffic.
95. What is Kubernetes Dynamic Admission Control?
Answer: Dynamic Admission Control involves using Admission Webhooks (Mutating and Validating) to enforce custom policies during the admission phase. These webhooks can modify or validate incoming API requests before they are persisted.
96. How do you manage Kubernetes clusters across multiple regions?
Answer: Managing clusters across multiple regions involves using Kubernetes Federation, multi-cluster management tools (e.g., Rancher), and ensuring consistent configurations, monitoring, and disaster recovery plans.
97. Explain the concept of Kubernetes PersistentVolume and its ReclaimPolicy.
Answer: A PersistentVolume (PV) is a piece of storage provisioned in the cluster. The ReclaimPolicy determines the action to take when the PV is released: Retain
, Recycle
, or Delete
.
98. How do you handle secrets in Kubernetes?
Answer: Secrets are used to store sensitive data like passwords, tokens, and certificates. They can be created using YAML files or kubectl
commands and consumed by Pods as environment variables or mounted volumes.
99. What is the purpose of Kubernetes ConfigMap?
Answer: ConfigMap stores non-confidential data in key-value pairs. It provides configuration data to Pods, enabling separation of configuration from code and allowing dynamic updates without redeploying the application.
100. How do you debug a Kubernetes Pod?
Answer: Debugging a Pod involves examining logs (kubectl logs <pod-name>
), describing the Pod (kubectl describe pod <pod-name>
), checking events, using kubectl exec
to run commands inside the Pod, and reviewing resource utilization and configurations.
Nailed those medium-level Kubernetes questions? High five! Understanding services, networking, and scaling shows you're ready to tackle real-world container challenges. Keep building your skills, and you'll be a Kubernetes pro in no time!
Next Steps
Kubernetes Interview Questions - Beginner Level
Kubernetes Interview Questions - Medium Level Part 1
Kubernetes Interview Questions - Medium Level Part 2
Kubernetes Interview Questions - Advanced Level Part 1
Kubernetes Interview Questions - Advanced Level Part 2
Kubernetes Interview Questions - Advanced Level Part 3
Kubernetes Interview Questions - Advanced Level Part 4
Share with friends