Kubernetes isn’t a single tool; it is more like an ecosystem, and that is what makes Kubernetes interviews difficult to ace without preparation.
We have collected the 26 most common Kubernetes interview questions to ensure that you know what to expect from a technical interview.
These interview questions are broken down into:
Practice all of them and confidently ace your interview!
Question: Why do companies use Kubernetes? Companies use Kubernetes to manage orchestration and IT workloads with high efficiency.
Question: Explain the top features of Kubernetes. Top features of Kubernetes include:
Question: Explain Kubernetes clusters. Kubernetes clusters are a set of node machines that run containerized applications.
Question: Explain the role of Kubernetes Network Policy. A Kubernetes network policy defines how pods within a namespace communicate with other pods and with the network.
Question: What is Kubectl? Kubectl is a command line tool (CLI) that you can use to interact with Kubernetes API servers from a terminal. Kubectl = Kube Control CLI.
Question: Explain what a node is in Kubernetes. Nodes are a collection of resources within Kubernetes that support container(s). Depending upon the Kubernetes cluster, a node can be a physical machine or a virtual machine.
Question: How do you check the status of a Kubernetes deployment? To check the status of a deployment, run the following command:
kubectl rollout status deployment/name-of-deployment
Once you run this, you should see the following in your command prompt:
NAME                 READY   UP-TO-DATE   AVAILABLE   AGE
name-of-deployment   0/3     0            0           6s
Question: How do you run Kubernetes locally? To run Kubernetes locally, we can use Minikube.
Question: What are the different types of controller managers in Kubernetes? Different types of controller managers in Kubernetes are:
Question: Explain what Kube-proxy does. Kube-proxy allows you to implement and maintain network rules on Kubernetes nodes.
These are some questions that anyone with a basic understanding of Kubernetes is supposed to be able to answer during an interview without fail.
But, in addition to those, beginners are expected to be able to answer these questions too.
Question: List all the objects used to define workloads in Kubernetes. To define workloads in Kubernetes, we use the following objects:
Question: Explain the difference between a Secret and a ConfigMap. A ConfigMap in Kubernetes holds key-value pairs and is used to store data that is not sensitive (that is, not API keys, secrets, passwords, etc.).
A Kubernetes Secret, on the other hand, stores sensitive data (e.g.
Question: Write the specification for creating a persistent volume. Here’s a specification for a persistent volume for “visualcv-main”:
apiVersion: v1
kind: PersistentVolume
metadata:
  name: visualcv-main
spec:
  capacity:
    storage: 5Gi
  volumeMode: Filesystem
  accessModes:
Question: How do you check the status of jobs and pods? To check the status of a pod, run this command:
kubectl get pods
NAME            READY   STATUS    RESTARTS   AGE
visualcv-main   1/1     Running   0          59s
To check the status of a job, run this command instead:
kubectl get job
NAME            DESIRED   SUCCESSFUL   AGE
visualcv-main   1         0            19s
Question: How do you manage permissions for Kubernetes cluster connections? The permissions for connecting with a Kubernetes cluster are managed by a set of rules that are defined by the Ingress network.
Question: What does Kubernetes Controller Manager do? Kubernetes controller manager is responsible for garbage collection, creation of namespaces, and control loops.
Question: Explain how to perform zero downtime rollout on Kubernetes. To ensure a zero downtime Kubernetes rollout, we use the rolling update strategy. With the rolling update strategy, our deployments are pushed incrementally without incurring any downtime on production.
The way the rolling update strategy works is that an update is pushed to pods incrementally, under two conditions: the maximum number of pods unavailable = 1 and the maximum number of pods created = 1. While the rolling update is in progress, traffic is only routed to available pods.
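The rolling update conditions described above, written out as a Deployment manifest. This is an added example, not from the original page; the image name, port and probe path are assumed values. The readiness probe is what keeps traffic away from pods that are not yet available.

```yaml
# Added example; the image, port and probe path are assumed values.
apiVersion: apps/v1
kind: Deployment
metadata:
  name: vcv-app
spec:
  replicas: 3
  minReadySeconds: 5        # a new pod must stay ready this long to count as available
  strategy:
    type: RollingUpdate
    rollingUpdate:
      maxUnavailable: 1     # at most 1 pod below the desired count during the update
      maxSurge: 1           # at most 1 pod above the desired count during the update
  selector:
    matchLabels:
      app: vcv-app
  template:
    metadata:
      labels:
        app: vcv-app
    spec:
      containers:
      - name: vcv-app
        image: registry.example.com/vcv-app:1.2.3   # placeholder image
        ports:
        - containerPort: 80
        readinessProbe:     # the pod receives Service traffic only while this passes
          httpGet:
            path: /healthz
            port: 80
          periodSeconds: 5
          failureThreshold: 3
```

Without a readiness probe a pod counts as ready as soon as its containers start, so the rollout can send traffic to an application that is not yet serving.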
Question: Explain Multi-container pod patterns. There are three main multi-container pod patterns that we use:
With the adapter multi-container pod pattern, restructuring of the application’s file is performed by the adapter container.
With the ambassador multi-container pod pattern, we leverage a proxy to connect other containers with a port on localhost.
With the sidecar multi-container pod pattern, a helper container isn’t required to ensure that the main container works.
Question: If you have already tainted the master nodes while setting up Kubernetes - how would you define the tolerance for a service? To define tolerance for a service use taints, tolerations and NodeSelectors. The way to use them would be:
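To apply a taint, run the following command:
kubectl taint nodes node9 key=value:NoSchedule
To apply a toleration to a pod, add the following:
spec:
  tolerations:
  - key: "key"            # matches the key used in the taint command above
    operator: "Equal"
    value: "value"        # matches the value used in the taint command above
    effect: "NoSchedule"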
Question: What should readiness and liveness probes be used for? Both readiness and liveness probes are used to check the overall health of the application.
Question: How do you use liveness probes to monitor pods that are always running? Add these to your specs to ensure that an app in a pod is not down and is running:
spec:
  containers:
  - name: liveness
    ports:
    - containerPort: 80
    livenessProbe:
      initialDelaySeconds: 3
      periodSeconds: 4
      timeoutSeconds: 1
      successThreshold: 1
      failureThreshold: 1
      httpGet:
        host:
        scheme: HTTP
        path: /path
        port: 80          # required by httpGet; matches containerPort above
        httpHeaders:
        - name: Host
          value: visualcv.com
Question: Explain the use of labels in Kubernetes. Labels are used in Kubernetes to tie a service to an individual pod or a group of pods. Add the following parameters to your spec:
selector:
  app: vcv-app
By doing so, your service will be tied to pods carrying the label “app: vcv-app”.
Question: Tell us an instance where you would use a ReplicaSet over a Replication Controller. Replication controllers are great for pods that live longer. We rely on a replication controller to launch pods whenever a host restarts.
However, if there are multiple hosts, a replication controller can be rescheduled to the other host. To deal with this issue of unreliability from replication controller, we use ReplicaSet.
Question: We have a certain number of pods that process data and push the process information back to the connecting client. Assume each pod is capable of handling a large number of clients. We want to make sure that the data is processed based on 3 different specifications. How would you achieve this?
To implement this, you need to deploy 3 pods with those 3 data processing configurations. The config and app will be able to handle whenever a queue is called by a pod. To make sure they are accessible, leverage load balancing and a discovery mechanism.
Question: Export your secrets for an app inside Kubernetes as an environment variable. Do it without saving inside Kubernetes secret. To achieve this, use Vault. With Vault, a sidecar injector delivers secrets through ConfigMaps or environment variables, or can dump the secret to a volume.
However, this isn’t very secure. Storing plain text secret as an environment variable is insecure. When asked, make sure you inform your interviewer about the potential harm of storing secrets using these methods.
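The contrast drawn above, as an added example that is not from the original page: a pod with a plain-text secret in an environment variable, next to a pod that receives the secret as a file from the Vault Agent sidecar injector. Pod names, the image, the Vault role `vcv-app` and the secret path are assumed values, and the second manifest assumes the Vault Agent Injector and Vault's Kubernetes auth method are already set up in the cluster.

```yaml
# Added example; names, image, Vault role and secret path are assumed values.
# Weak: the secret is a literal in the pod spec. Anyone who can read the
# manifest or the pod object sees it, and child processes inherit it.
apiVersion: v1
kind: Pod
metadata:
  name: vcv-app-plain-env
spec:
  containers:
  - name: app
    image: registry.example.com/vcv-app:1.2.3
    env:
    - name: DB_PASSWORD
      value: "example-not-a-real-password"
---
# Stronger: the Vault Agent sidecar injector fetches the secret at pod start
# and writes it to a file on a volume shared with the app container.
# Nothing secret appears in the pod spec or in the process environment.
apiVersion: v1
kind: Pod
metadata:
  name: vcv-app-vault-file
  annotations:
    vault.hashicorp.com/agent-inject: "true"
    vault.hashicorp.com/role: "vcv-app"
    # Rendered to /vault/secrets/db-password inside the pod.
    vault.hashicorp.com/agent-inject-secret-db-password: "secret/data/vcv-app/db"
spec:
  serviceAccountName: vcv-app   # identity that the Vault role is bound to
  containers:
  - name: app
    image: registry.example.com/vcv-app:1.2.3
    # The application reads /vault/secrets/db-password instead of an env var.
```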