Hello folks, and you’re listening to the Cognixia podcast. We are back with a fresh new episode of our podcast. We hope you have been enjoying listening to our podcast so far and all your feedback is pushing us to bring to you even more interesting and useful content.
In one of our previous episodes, we had discussed some common cloud computing interview questions and we received a lot of positive feedback for the same. We are very glad it helped you in preparing for your interviews. So, this week, we are back with one more interview questions and answers episode. In today’s episode, we will discuss some common questions you may encounter in a Kubernetes technical interview.
Before we begin, let us quickly take a look at what is Kubernetes. Kubernetes is an open-source distributed technology that is used for scheduling and executing containers in and across clusters. It is the go-to tool for container orchestration and is considered to be the de-facto standard for the same. The way the market stands, if you are building containerized applications, you would be using Kubernetes for sure.
You can use this simple definition if you get asked about it in your interview, though most interviewers would be more interested in getting an understanding of your technical expertise around using Kubernetes and not such basic definitions, per se. However, this still gets asked sometimes, so better go prepared, right?
So, now let us look at some commonly asked Kubernetes interview questions. We have a candidate X and the interviewing manager Y.
Y: Hi X! How are you doing today?
X: Hi sir, I am doing good. How are you?
Y: Good, good. Call me, Y, no sir, please.
X: Sure, sir, I mean, Y.
Y: Let’s get started then.
X: Sure, Y. I am excited about this, this is a very good opportunity for me.
Y: Good, good. How would you carry out maintenance activities on a Kubernetes node?
X: There are two commands which are commonly used for carrying out maintenance activities on Kubernetes nodes. First, the kubectl cordon followed by the kubectl drain – ignore-daemon set. The first command would move the node to a maintenance node or make the node unavailable, after which it would carry out a kubectl drain which would effectively discard the pods from the node. Once the drain command has been successfully executed, maintenance activities can be safely performed.
Y: And what if I need to carry out the maintenance activities on only a single pod?
X: In that case, I would use two other commands – kubectl get nodes for listing the nodes, followed by kubectl drain <node name> to drain the particular node.
Y: And why is this maintenance activity required in Kubernetes?
X: Whenever security patches become available, the Kubernetes administrator would need to perform the maintenance activity to apply this security patch to the running container so that it can be protected against the vulnerabilities. This is an unavoidable part of the Kubernetes administration.
Y: Hmmmmm…. Tell me, how would you control the resource usage of a pod?
X: I would use limits and requests for controlling the resource usage of the pod. By using the request function, I would fix the number of resources that can be requested by the pod, the moment this number is exceeded, it would be throttled back down to its request. Using the limit function, I would set an upper limit on the resources that a container is allowed to use. If the container tries to exceed this limit, the container can be terminated if Kubernetes would feel that there is another container that would need these resources instead.
Y: And what if the situation at hand is restart-sensitive?
X: In that case, I would recommend the sum of all container resource limits to be equal to or less than the total resource capacity for the cluster.
Y: Good. That makes sense. So, tell me, what is a init container and when can I use it?
X: An init container helps set the stage for a user before they get to running the actual pod. If you plan to use the init container, then I would suggest waiting for some time before you start the application container using a command like, say sleep 60. I would also recommend cloning a git repository into a volume.
Y: Good, good. You seem to know your concepts well. Could you tell me the role of load balancing in Kubernetes?
X: Sure, Y. Load balancing is a way to distribute the incoming traffic into multiple back-end servers. Load balancing is useful to ensure that the application is available to other users, thus, as the name suggests, balancing the load.
Y: What are your suggestions on how to increase the security in Kubernetes?
X: I have four main recommendations for increasing Kubernetes security. This would involve limiting the communication between pods and setting up appropriate network policies. I would recommend role-based access control to narrow down the permissions to the users. I would recommend using namespaces to establish security boundaries. I would also suggest setting the admission control policies for avoiding running the privileged containers, and finally, I would recommend turning on audit logging.
Y: So, X, would you know what is Prometheus?
X: Sure, Y. Prometheus is an essential tool for Kubernetes monitoring. The Prometheus server scrapes and stores the time-series data. It contains client libraries for instrumenting application code, a push gateway for supporting the short-lived jobs, some special-purpose exporters for special services like StatsD, HAProxy, Graphite, etc., and most importantly, an alert manager for handling the support tools.
Y: That’s very good. You mentioned namespaces. Why would you use namespaces? And, what about using the default namespace?
X: Namespaces are useful for managing blue/green environments where each namespace can include a different version of an application while also sharing resources that would be present in other namespaces. Moreover, namespaces are especially useful when multiple teams are using the same cluster without stepping on each other’s toes. The problem with the default namespace being used alone is that it would become challenging over time to get a complete overview of all the applications that are being managed in the cluster. Overall, namespaces make it easier to organize the applications into groups that make sense. So, I do recommend using namespaces.
Y: Interesting ideas. Tell me, why do you think we need operators?
X: Managing applications in Kubernetes isn’t always as easy and straightforward as managing the stateless applications, as one might think. In stateful applications, different handling techniques would be needed for upgrading every replica, as every replica would be in a different status. This raises the need for a human operator – the Kubernetes operator who would manage these stateful applications. The Kubernetes operator also helps automate a standard process on multiple Kubernetes clusters.
Y: Good, good. One last question then. How would you run Kubernetes locally?
X: I would use a Minikube tool for this. The tool runs a single-node bunch in a virtual machine on the computer.
Y: That’s good. That’s all I have for now. I think I have a good idea of where you stand with Kubernetes. The recruiter will get back to you with the next steps.
X: Thank you for your time today, Y. I am looking forward to hearing from the recruiter.
And, folks, those were some of the important questions that commonly get asked in a Kubernetes technical interview. So, now, what would you do if you wanted to sharpen your Kubernetes skills and be all set for the next step in your career? You come to us, Cognixia! Cognixia – the world’s leading digital talent transformation company offers a top-notch Docker and Kubernetes training and certification program which would help you learn all the important concepts and skills to ace a career in Kubernetes. The program is 100% live virtual instructor-led, making sure you can attend the program from anywhere. From the fundamentals of Docker and Kubernetes to running Kubernetes instances on Minikube, working with Kubernetes clusters, modifying workloads, working with the Kubernetes API specialized workloads, scaling deployments and application security, and understanding the complete container ecosystem, Cognixia’s Docker and Kubernetes online training covers everything. So, get started today!
Reach out to us to know more about the course.
With that, we come to the end of this week’s podcast episode. Until next week then! Stay safe and happy learning, folks!
