Part 3 – Kubernetes Interview Questions & Answers (Q.11 to Q.15)

Question 11. What is the difference between a Kubernetes deployment and a Kubernetes pod?

Pods: The smallest deployable units in Kubernetes. They encapsulate one or more tightly coupled containers, along with shared storage and network resources. Pods are often ephemeral.

Deployments: Higher-level constructs that manage the desired state of replicated Pods. Deployments handle updates, rollbacks, and scaling of Pods.

Use Cases:

• Pods: Ideal for tightly coupled components of an application that must work in tandem.
• Deployments: Best for most applications. Offer declarative updates, versioning, and rollbacks.

Example: A Deployment might define a desired state of 3 replicas of a web server Pod. Kubernetes ensures 3 instances of the Pod are always running.

Question 12: How do you expose a Kubernetes service externally?

Kubernetes services offer internal service discovery. For external access, there are methods:

• NodePort: Opens a specific port on every node in the cluster, forwarding traffic to the service.
• LoadBalancer: Provisions a cloud-provider load balancer to direct traffic to the service.
• Ingress: Flexible Layer 7 (HTTP/HTTPS) routing, acting as an entry point for the cluster, forwarding traffic based on rules.

Use Cases:

• NodePort: Simple exposure for testing or internal-only services.
• LoadBalancer: Production scenarios when a single external IP and automated load balancing are needed.
• Ingress: Complex traffic routing requirements (e.g., path-based routing, TLS termination).

Question 13: What are liveness and readiness probes in Kubernetes, and why are they important?

Liveness Probes: Tell Kubernetes if a container is alive. Failed probes result in container restarts.

Readiness Probes: Tell Kubernetes if a container is ready to accept traffic. Failed probes prevent serving traffic.

Use Cases:

• Liveness Probes:  Catch deadlocks or crashed applications to enable self-healing.
• Readiness Probes: Prevent Pods from receiving traffic during initialization or when under heavy load.

Example:

Question 14: Describe the concept of a Kubernetes secret and its use cases.

Secrets: Kubernetes objects designed to store small pieces of sensitive data like passwords, API keys, or tokens. They are base64 encoded for better management within Kubernetes.

Use Cases:

• Storing database credentials: Avoid embedding passwords in application manifests.
• Providing SSH keys: Allow secure access to Pods.
• Managing TLS certificates: Store private keys needed for secure communication.

Example:

Create a secret containing your database username and password for injection into a web application through environment variables.

kubectl create secret generic my-secret --from-literal=username=admin --from-literal=password=strongpassword

Question 15: How can you upgrade a Kubernetes cluster to a new version?

The process is complex and varies depending upon your infrastructure provider. Key considerations:

• Control Plane Upgrades: Upgrade master nodes with care (using tools like kubeadm)
• Worker Node Upgrades: Strategies include cordoning and draining nodes or a rolling-update approach.
• Data Backups: Backup etcd (Kubernetes datastore) before upgrades.

Use Cases:

• Security Fixes: Apply critical patches.
• New Features: Utilize new capabilities in Kubernetes releases.

Example (Conceptual):

• Back up etcd
• Upgrade the control plane components gradually to the new version.
• Use a rolling update to update worker nodes one by one.

Part 1- Kubernetes Interview Q & A (Q1-Q5)

Part 2- Kubernetes Interview Q & A (Q6-Q10)

Hope you find this post helpful.

Telegram: https://t.me/LearnDevOpsForFree

Twitter: https://twitter.com/techyoutbe

Youtube: https://www.youtube.com/@T3Ptech