With the introduction of containers, the efforts of development and operations teams have changed drastically. Containers have helped various companies scale easier by deploying container-based applications.
But alongside these benefits, it has also faced challenges, as it has created an entirely new infrastructure for running applications. Currently, most companies create container instances daily, resulting in the issue of managing these thousands of containers efficiently. This is where Kubernetes comes into the picture.
Kubernetes was introduced by Google as an open-source container orchestration tool. It provides a platform that allows users to automate the process of development, scaling, and managing containerized applications. Kubernetes comes with standard practices for orchestrating containers backed by companies like Google, AWS, IBM, Microsoft, Cisco, and RedHat.
This article delves deep into Kubernetes concepts. It covers the most important and frequently asked questions related to Kubernetes, which can help you prepare for interviews.
So, let us begin.
Kubernetes Interview Questions and Answers
1. What is Kubernetes?
Kubernetes is an open-source container orchestration tool that helps manage containerized applications within and across clusters. Any Kubernetes collection consists of master and worker nodes.
The master node is responsible for coordinating all major work within clusters, such as scheduling, maintenance, scaling, and application deployment. In contrast, the worker node is an instance of the OS acting as a worker machine.
Nodes have two components, namely Kubelet and tool. The kubelet is an agent that helps manage and communicate with the master node, and tools are used for running various container-based operations.
Pods that package together one or more containers are considered the smallest unit of an object deployed on Kubernetes. They always run on nodes sharing resources, such as volumes, cluster unique IP, and other important information regarding running each container.
You can schedule containers of pods on individual nodes. For accessing workloads on pods, you can use services. For manipulating the object’s state in Kubernetes, you can use an API server called a control panel.
2. What type of activities are managed by Kubernetes?
Kubernetes helps in managing the following activities:
- Consumption of resources by an application or team
- Spreading the load of an application across a hosting infrastructure evenly
- Automatically balancing the load of incoming requests across different instances of an application
- Limiting resource consumption, which automatically stops applications from consuming too many resources and restarting the applications
- Helping users move an application instance from one host to another in case of a resource shortage within a host, or if the host dies
- Making the resources available automatically to a newly added host in a cluster
- Making the process of performing canary deployments and rollbacks seamless
3. What makes Kubernetes so popular?
The following are a few reasons behind the growing popularity of Kubernetes:
- Kubernetes allows dev teams to request resources that are required quickly. If a team needs more resources to manage the growing load, they can get the desired resources as fast as possible since resources are available from an infrastructure shared across your teams. Kubernetes helps in provisioning the resources within seconds and lets you scale quickly.
- Containers are lightweight and consume fewer resources, such as CPU and memory than hypervisors and VMs, making Kubernetes a cost-effective solution
- Kubernetes is cloud-agnostic and can run significant cloud platforms such as AWS, Microsoft Azure, and GCP. It makes the migration simpler since you do not have to redesign your applications to be compatible with a new platform. Also, it solves the problem of vendor lock-in issues, as you can standardize on a platform.
- Kubernetes is the only standard for container orchestration tools. Thus, major cloud providers are now offering Kubernetes-as-a-Service, making it more popular among developers and operations teams.
4. What makes Kubernetes different from Docker Swarm?
The following table lays out the differences between Kubernetes and Docker Swarm:
Features |
Kubernetes |
Docker Swarm |
Installation & Cluster Config |
It comes with a complex setup process, but the cluster is robust. |
It has a simple setup process, but the cluster is not powerful. |
GUI |
Kubernetes Dashboard. |
No specific GUI. |
Scalability |
It ensures high scalability but not as Docker Swarm. |
It shows high scalability, which is 5x faster than Kubernetes. |
Auto-scaling |
Ensures auto-scaling. |
Do not ensure auto-scaling. |
Load Balancing |
It requires manual intervention for load balancing the traffic between different containers and pods. |
It manages the load balancing between containers in the cluster automatically. |
Rolling Updates & Rollbacks |
Kubernetes ensures the deployment of the rolling updates and ensures automatic rollbacks. |
Docker Swarm ensures the deployment of the rolling updates but does not support automatic rollback. |
DATA Volumes |
It ensures the sharing of storage volumes only with the other containers available in the same pod. |
It allows storage volumes to be shared with any other container. |
Logging & Monitoring |
Kubernetes comes with built-in tools for logging and monitoring. |
It supports third-party tools, like the ELK stack, for logging and monitoring. |
5. What are the key features of Kubernetes?
Below are the key features of Kubernetes:
- Automated Scheduling of containers across and within clusters
- Self-healing capabilities and ensures automated rollouts & rollback
- Managing horizontal scaling & load balancing
- Consistent environment for development, testing, and production
- Infrastructure that is loosely coupled to each component that acts as a separate unit
- Resource utilization efficiency, application-centric management and an auto-scalable infrastructure
6. How is Kubernetes related to Docker?
Docker CLI comes with a mechanism that helps manage containers’ life cycle efficiently, and docker images specify the build time framework of runtime containers. You can use CLI commands for performing various actions on containers. Also, these commands allow you to orchestrate containers and make them run on several hosts.
But how do you manage and schedule these containers, and how do applications within the containers communicate with each other?
This is where Kubernetes uses Docker for packaging, instantiating, and running containerized applications. Among various container runtimes, only Docker is extensively used with Kubernetes, and both work together intelligently for managing containerized applications.
Docker has its clustering tools used for orchestration, but Kubernetes is available as an orchestration platform for dockerized containers, responsible for scaling to production level.
Check This Related Course: Docker and Kubernetes: The Complete Guide
7. What are the architecture layers of Kubernetes?
The Kubernetes architecture has three main layers. The upper level abstracts the complexities of the lower layer. The image below illustrates the different layers:
- Base Layer (Infrastructure layer):
At this layer, Kubernetes makes a cluster of host storage resources and networking that helps run various workloads of the system. These clusters group several machines into a single unit.
- Mid Layer (Kubernetes layer):
Every machine available in a cluster is allocated a specific role. The master is the control plane responsible for carrying out activities, like authorization, authentication, and scheduling the pods at the cluster level. The main components of the master are the API server, scheduler, and controller manager.
- Application Layer:
Kubernetes itself is a complicated distributed system running on an API approach. You need to submit a plan in a YAML or JSON format whenever you wish to run an application. The master server goes through the submitted plan and checks the requirements and current state of the cluster.
Later, users interact with the cluster using the API ecosystem. The scheduler and controller manager manage the functioning of the cluster, and workers do their job to produce the output.
8. What is the etcd master component in Kubernetes?
Etcd is an essential component of the master server in Kubernetes. Also, it is the heart of the Kubernetes cluster that stores its objects in a distributed key-value store. It works on an algorithm with the replication technique helping in maintaining the data stored in etcd across servers. Comparing and swapping the data across the etcd servers uses the optimistic currency that avoids the locking situation for increasing the throughput of the server.
9. What is a kubelet?
A kubelet is one of the main processes on the Kubernetes node, helping in performing operations on containers. It is a daemon responsible for communicating with the Kubernetes master for every machine available in the cluster. It keeps accessing the controller and checks and reports on the cluster’s status.
Furthermore, it can merge all available resources such as CPU, disk, and memory into a large Kubernetes cluster and send the response back to the API-server regarding the container’s state to observe its current state.
10. What is kube-proxy?
Kube-proxy is another major component of the node server of Kubernetes. This component is responsible for implementing the load-balancer networking model on each node in Kubernetes. It helps in performing TCP and UDP forwarding.
This component programs a network on the node to request the virtual IP address of the services routed to the endpoints implementing this service. Kube-proxy also finds the IP address of the clusters using DNS or environment variables. Lastly, it is responsible for routing the traffic from a specific pod on a machine to pods anywhere else within the cluster.
11. What are the various types of Kubernetes objects?
The following are some objects of Kubernetes used for defining workloads:
- Pods: They are the basic unit of Kubernetes that packages one or more containers within it. Containers do not interact directly with the host. Instead, they interact via encapsulated objects called pods.
- Replication controllers and sets: These are also called replication of pods created from pod templates. You can scale them horizontally using controllers called replication controllers and replication sets.
- Deployments: It refers to multiple identical pods having no distinctive identities. A deployment controller is used to manage the deployments. It is capable of running multiple copies of applications and replacing failed application instances automatically.
- Stateful sets: It is a controller providing a unique identity to each pod and can manage deployments and scaling sets of pods. You can use this controller with stateful applications and distributed systems.
- Daemon Sets: It ensures that every cluster node runs a copy of a pod. Whenever you add a node to the Kubernetes cluster, it will add the pod automatically to the new nodes as needed. Hence, it takes responsibility for managing a multitude of replicated pods.
- Jobs & Cron Jobs: A job that is responsible for creating one or multiple pods and terminating them successfully. This job will automatically track successful completions.
12. What are pods?
Pod refers to a single or multiple containers which can be controlled as a single application.
- Containers packaged within a single pod have a common life cycle but need to be scheduled on the same node
- Pods are a single unit having a common environment for volume and IP address space
- Every pod has a master container that manages the workload among other containers
13. Mention various Kubernetes services and their role.
Kubernetes has two major nodes, namely executor and master. The following are the services that run on these two nodes:
Executor node: (runs on master node)
- Kube-proxy: This service is responsible for the communication of pods within the cluster and to the outside network and runs on every node. This service ensures that the network protocols are maintained when network communication is established by a pod.
- kubelet: Each node has a kubelet service that regularly updates the running node as per the configuration (YAML or JSON) file
Master services:
- Kube-apiserver: a Master API service that acts as an entry point for the K8 cluster
- Kube-scheduler: This service is responsible for scheduling the pods according to available resources on executor nodes
- Kube-controller-manager: A control loop that tracks the shared state of a cluster via the API server and makes the desired changes to move the current state towards the desired stable state.
14. What is the load balancer?
Load balancing helps distribute the incoming traffic to multiple servers, ensuring that the application is available to every user. All the incoming traffic will come to the single IP address on the load balancer visible to the outside world.
Later, the traffic will get distributed to a particular pod using a round-robin algorithm. Whenever a pod fails, the load balancer gets notified, and it will avoid routing the traffic to that pod and check for other available pods.
15. How can you improve security in Kubernetes?
As a pod can communicate with another pod, we can set some security policies to limit this communication. We can do this by using the following methods:
- Implementing RBAC (Role-based access control) for narrowing down permissions
- Use namespaces to establish security boundaries
- Set admission control policies to avoid the execution of privileged containers
- Turn on audit logging for better troubleshooting
16. How can you monitor the Kubernetes cluster?
You can use various tools to monitor the operation of and the state of containers running within Kubernetes. One of the most commonly used tools is Prometheus, and it has multiple components, as described below.
- The server of Prometheus scrapes and stores time-series data
- It comes with the client libraries that help in instrumenting the application code
- It has a push gateway to help in supporting short-lived jobs
- There are special-purpose exporters for various container services, like StatsD, HAProxy, Graphite, etc.
- You will also get an alert manager for handling alerts on various support tools
17. How do you check the central logs from the pod?
You can use either of the logging patterns for getting central logs from the pod.
- Use a node-level logging agent
- Stream the sidecar container
- Use the sidecar container with the logging agent
- Export the logs directly from the application
18. How do you troubleshoot a pod that isn’t getting scheduled?
In Kubernetes, a scheduler is responsible for scheduling pods into nodes. There are many reasons that result in the failure of unstartable POD. One of the most common reasons is that if you are low on the required resources for pod scheduling, make them execute specific tasks.
You can use commands like kubectl describe <POD> -n <Namespace> to check the specific reason as to why the POD isn’t starting. Also, keep checking the kubectl to get all the running events to see all events coming from a particular cluster.
19. How do you run a pod on a node?
The following are the various ways to run a pod on a specific node within a Kubernetes cluster:
- nodeName: You can mention the name of a node within the POD spec configuration file. It runs the POD on the specified node.
- nodeSelector: For this, you need to assign a specific label to the node which has all the required resources and use the same node label in the POD spec file so that POD will run only on that specified node.
- nodeAffinities: For this, you require DuringSchedulingIgnoredDuringExecution, preferredDuringSchedulingIgnoredDuringExecution, which are hard and soft requirements for running the POD on specific nodes.
20. How can you provide external network connectivity to Kubernetes?
By default, a POD should reach the external network itself, but we need to make some desired changes in the reverse case. You can follow any of the following options to connect with the POD from an external network.
- Nodeport (with this method, the open port will get exposed on each node to communicate with it)
- Load balancers (L4 layer of TCP/IP protocol)
- Ingress (L7 layer of TCP/IP Protocol)
You can try using Kube-proxy to expose a service with only cluster IP on the local system port:
$ kubectl proxy --port=8080 $ http://localhost:8080/api/v1/proxy/namespaces//services/:/
21. What is Ingress Default Backend?
If there is no mapping to any backend, Ingress Default Backend specifies what you need to do with the incoming traffic or request to a Kubernetes cluster. Alternatively, it implies what you have to do if there are no defined rules for an incoming HTTP request if no backend service has been defined. Make sure to specify it so that the users will see some meaningful message rather than getting an unclear error.
22. What are namespaces in Kubernetes?
Namespaces are useful for dividing the resources of a cluster among multiple users.
23. What are daemon sets?
These are sets of pods that run only once on the host. They are specifically used for host layer attributes, such as network or for monitoring a network that is not required to run on a host not more than one time.
24. What is the cloud controller manager?
The cloud controller manager looks for persistent storage, network routing, and abstracting cloud-specific code from Kubernetes-specific code. It is also responsible for managing the interaction with underlying cloud services. Depending on the cloud platform you use, it splits up among containers and enables cloud vendors to deploy the Kubernetes code. After that, the cloud vendor will create their code and interact with the cloud controller manager of Kubernetes once you run it.
The different types of cloud controller managers are:
- Node controller: Checks for nodes being deleted successfully after it has been stopped
- Route controller: Helps manage traffic routes in the underlying cloud infrastructure
- Volume controller: Helps manage storage volumes and communicates with a cloud provider for this purpose
- Service controller: Helps manage a cloud provider load balancer
25. What is container resource monitoring?
It is essential to understand how an application performs and utilizes resources at different abstraction levels from the user’s perspective. Kubernetes differentiates clusters by creating different abstraction layers like container pods. Now, it is easier to monitor each level individually, known as container resource monitoring.
You can use any of the following tools for container resource monitoring:
- Heapster: Helps gather data from containers within a cluster
- influxDB: You can use this tool along with the heapster for visualizing data within the Kubernetes environment.
- Grafana: A time-series database that stores all data gathered by heapster pods
26. What are master nodes in Kubernetes?
The Kubernetes master contains master components — like controller manager server, API server, and etcd — and controls all worker nodes and containers present in a cluster.
These containers are packages within pods, depending on their common configurations and other related files. Whenever you deploy a pod, you do it either via GUI or command-line commands. We schedule pods on nodes, depending on the available resources on nodes. Then the kube-apiserver makes sure that the connection is established between the Kubernetes node and master components.
27. What is a headless service?
These services are almost similar to normal services but do not have the cluster IP. The headless service allows you to reach pods directly without the requirement for accessing them via a proxy.
28. What are nodes in Kubernetes?
A node in a Kubernetes cluster is the main worker machine, also known as minions. Nodes can run on a physical machine or a VM, and they consist of all the services required for running a container or pods. The master in Kubernetes is responsible for managing the nodes on Kubernetes.
29. What is Helm?
Helm is available as an application package management registry for Kubernetes, maintained by CNF. You can download and deploy the pre-configured Helm charts in your Kubernetes environment.
It is one of the preferred package management tools available for the Kubernetes environment. These charts help DevOps teams accelerate the process of managing applications. DevOps teams can use the existing charts for charting, versioning, and deploying applications into the production and development environment.
30. What are labels in Kubernetes?
Labels are specified as the key-value pair assigned to pods and other objects available in Kubernetes. It helps the operators of Kubernetes organize and select subsets of objects.
Consider this example: whenever you monitor objects of Kubernetes, labels help you easily and quickly access the required information you are looking for.
31. What is the kube-apiserver in Kubernetes?
The kube-apiserver allows the master to interact with the rest of the cluster by providing the main access point to the control plane.
For example, the kube-apiserver helps ensure that the configurations in etcd match the configurations for containers deployed in a cluster.
32. What is etcd in Kubernetes?
Etcd is a persistent and distributed key-value-based data store responsible for storing all the configuration data for an entire cluster by the master. Each node can access this etcd data store, and it helps nodes learn to maintain the configurations of running containers. If you want to run etcd, run it on Kubernetes master or in the standalone configurations.
33. What is the ingress network and how does it work?
Ingress network specifies the rules that act as an entry point to a cluster within Kubernetes. This helps in allowing connections which provide services externally via reachable URLs, load balance traffic, or using the name-based virtual hosting. It is an API object that helps in managing external access to services in a cluster.
Suppose two nodes have pod and root network namespaces with the Linux bridge. Furthermore, we also have a new virtual ethernet device called flannel0 added to the network.
Then, we move the packet from pod1 to pod4 as shown in the image below:
- Firstly, the package moves from the network of pod1 at eth0 and arrives at the root network at veth0
- The packet then moves to cbr0, where the request is made to find the desired destination, and finds that there is nothing on the node with the destination IP address
- Later, the packet routes to flannel0 since the route table for the node has been configured with flannel0
- The flannel daemon tells the API server of Kubernetes to check the IP of all the pods and create mappings for each pod IPs to node IPs
- Later, the network plugin wraps the packet in a UDP packet with extra headers, changing the source and the destination IPs
- Now, the route table knows how it can route the traffic between nodes. Therefore, it moves the packet to node2.
- The packet then arrives at eth0 of node2 and goes back to flannel0 for decapsulating and emitting the packet back to the root network namespace
- Later, it gets forwarded to the Linux bridge for making an ARP request, helping find the IP belonging to veth1
- Finally, the packet crosses the root network and reaches its destination, pod4
34. What are masters in Kubernetes?
Master is considered the central control point, providing the unified view of a cluster. A single master node is responsible for controlling multiple minions. Master servers work together to accept user requests, specify the best possible way for scheduling workload containers, and authenticate clients and nodes. Also, the master can adjust cluster-wide networking and manage scaling and health checks of clusters.
35. What are minions in Kubernetes?
A node is considered a worker machine in Kubernetes, but earlier, it was recognized as a minion. It can be a physical machine or VM, depending on a cluster. Each node contains services required for running pods and is managed by master components of Kubernetes. The services present on the node come with the container runtime, kubelet, and kube-proxy.
36. What are the roles of services in the Kubernetes components?
A service acts as an abstraction for pods, as it provides the virtual IP address. It helps users connect to containers running within pods with the help of the virtual IP address. It is a component based on which containers are grouped together within pods.
If you want to get the details of all services running under Kubernetes, run the following command:
$kubectl get services
37. What happens when a worker and the master fail?
If the master fails within Kubernetes, the container remains in the operational mode without impacting the creation of pods and change in the service member. But if the worker node fails, the master stops working and receives updates from the worker node.
38. How do you rollback a deployment in Kubernetes?
Using the “-- record “ flag, you can easily apply the desired changes to the deployment process using the “--record” flag. Then, by default, Kubernetes will save the previous deployment activities in the history.
If you want to see all prior deployments, run the following command:
kubectl rollout history deployment <deployment>
If you want to restore the last deployment, run the following command:
kubectl rollout undo deployment <deployment>
You can even pause and resume deployments in progress. Whenever a new deployment is done, a new ReplicaSet object is created that is scaled up slowly while the old replica set is scaled down. You can get the ReplicaSet that has been rolled out using the following command:
kubectl get replicaset
39. What are node components in Kubernetes?
Node components run on each node where they manage pods and provide the runtime environment to Kubernetes. The following are the node components:
- Kubelet: Makes sure that the containers are running in a pod
- Kube-proxy: Maintains the desired network rules on nodes. These rules allow the network communication from sessions inside or outside of your Kubernetes cluster to your pods.
- Container runtime: This software runs containers. Kubernetes supports various container runtimes, such as Containerd, CRI-O, Docker, or any Kubernetes Container Runtime Interface (CRI) implementation.
40. What are control plane components?
These components are responsible for making the global decisions that will affect the cluster, responding to the cluster events such as starting a new pod. Below are some components.
- Kube-apiserver: Acts as the front end of the control plane
- Etcd: Consistent key-value store that stores all the data of the Kubernetes
- Kube-scheduler: Looks for newly created pods having no assigned nodes and chooses the desired nodes for them to run on with the right available resources
- Kube-controller-manager: Runs the controller process, including the node controllers, endpoints controllers, replication controllers, service accounts, and token controllers
- Cloud-controller-manager: Links your cluster into your cloud provider's API. It will separate the components interacting with the cloud platform from those that only interact with your cluster.
41. What are the commands for pods and container introspection?
The following are the commands for pods and container introspection:
Function |
Command |
List all current pods in the cluster |
Kubectl get pods |
Describe the names of the pod |
Kubectl describe pod<name> |
List all replication controllers |
Kubectl get rc |
List replication controllers in a namespace |
Kubectl get rc –namespace=”namespace” |
Display the name of the replication controller |
Kubectl describe rc <name> |
List all the services |
Kubectl get cvc |
Display the service name |
Kubectl describe svc<name> |
Delete a pod |
Kubectl delete pod<name> |
Watch the nodes continuously |
Kubectl get nodes -w |
42. What are the commands for debugging?
The following are the commands for debugging:
Function |
Command |
Execute the command on service by providing the specific container |
Kubectl exec<service><commands>[-c< $container>] |
Provide the logs from the service for a container |
Kubectl logs -f<name>>[-c< $container>] |
Display the metrics for a node |
Kubectl top node |
Display the metrics for a pod |
Kubectl top pod |
43. What are the commands for cluster introspection?
The following are the commands for cluster introspection:
Function |
Command |
Get the information regarding the version. |
Kubectl version |
Get the information regarding the cluster. |
Kubectl cluster-info |
Get details of the configuration. |
Kubectl config g view |
Get information about a node. |
Kubectl describe node<node> |
44. What are some frequently used Kubernetes commands?
The following are the frequently used Kubernetes commands:
Function |
Command |
Launch a pod with a specific name and image |
Kubectl run<name> — image=<image-name> |
Create a service mentioned in <manifest.yaml> |
Kubectl create -f <manifest.yaml> |
Scale the replication counter, counting the number of instances |
Kubectl scale –replicas=<count>rc<name> |
Map the external port to the internal replication port |
Expose rc<name> –port=<external>–target-port=<internal> |
Stop all pods in <n>. |
Kubectl drain<n>– delete-local-data–force–ignore-daemonset |
Create a namespace |
Kubectl create namespace <namespace> |
Let the master node run pods. |
Kubectltaintnodes –all-node-role.kuernetes.io/master- |
45. What are federated clusters in Kubernetes?
These are multiple clusters managed as a single cluster.
46. What are secrets in Kubernetes?
Secrets are the objects in Kubernetes responsible for storing sensitive information after encrypting data. This could be such things as user credentials.
47. What are the types of pods available in Kubernetes?
There are two different types of pods, single container pods and multi-container pods.
48. What are the tools for container orchestration?
The following are the tools for container orchestration:
- Docker Swarm
- Apache mesos
- Kubernetes
49. What are the important components of node status?
The following are the components for node status:
- Condition
- Capacity
- Information
- Address
50. What are some tools for container monitoring?
The following are tools for container monitoring:
- Grafana.
- Heapster
- InfluxDB
- Prometheus
- cAdvisor
These Kubernetes Interview Questions Should Prepare You Well
That’s all for Kubernetes interview questions and answers. Kubernetes is the emerging technology that has made the management of running thousands of containers possible, so of course there’s more to learn, but this is a robust starting point.
These significant and frequently asked questions in Kubernetes interviews should prepare you well. Whether you have prior knowledge of Kubernetes or not, once you read through the questions mentioned above, you will gain a basic understanding of Kubernetes, its working, major components, services, and their functions.
Want To Learn Kubernetes Fast? Take This Course!
Kubernetes for the Absolute Beginners - Hands-on