Kubernetes

Kubernetes is an open-source container orchestrator that automates tasks such as management, monitoring, scaling, and deployment of containerized applications.

Docker is an open-source software platform. Its biggest benefit is the packaging of an application's settings and dependencies in a container, which allows for portability.

Kubernetes allows for the linking of several containers running on multiple hosts.

What is Helm?

Helm is a tool for automating the creation, packaging, configuration, and deployment of applications into Kubernetes clusters.

What is the advantage of deploying in containers instead of hosts?

Deploying in containers offers better isolation from other applications.

What are the features of Kubernetes?

  • Kubernetes controls how to launch the containers, replacing manual processes
  • Manages various clusters at the same time
  • Provides additional services like security, networking, and storage
  • Self-monitors the health of nodes and containers
  • Resources can be scaled not just vertically but horizontally as well

What are the main concepts of Kubernetes architecture?

There are two main components, the master node and the worker node. Each has individual components.

What is the role of the master node?

The master node is the node that manages a set of worker nodes.

What is the role of the kube-apiserver?

It validates and provides configuration data for API objects, such as pods, services, replication controllers, etc.

What is a node in Kubernetes?

A node is a unit of computing; it represents a single machine in the cluster. It can be a physical machine or a virtual machine on a cloud provider.

What does the node status contain?

The main components of node status are address, condition, capacity, and info.

What processes run on a Kubernetes master node?

The kube-apiserver process serves to scale the deployment to more instances.

What is a pod in Kubernetes?

A pod is a high-level structure that can contain one or more containers. Containers in the same pod share resources that enable them to easily communicate with each other.

What does the kube-scheduler do?

The kube-scheduler assigns nodes to newly created pods.

What are Daemon sets?

Daemon sets are pods that run only once on a host; they are used for purposes such as monitoring and networking.

What is Heapster in Kubernetes?

Heapster is a performance monitoring and metric collection system that is natively supported in Kubernetes.

What is Minikube?

Minikube is a tool that enables users to run Kubernetes locally in Docker.

What are the initial namespaces in Kubernetes?

  • default
  • kube-system
  • kube-public

What is the Kubernetes controller manager?

The Kubernetes controller manager is a daemon that is used to embed control loops for things like garbage collection and namespace creation. It enables multiple processes to run on the controller node even though they are compiled as a single process.

What are the types of controller managers?

  • Endpoints controller
  • Service accounts controller
  • Namespace controller
  • Node controller
  • Token controller
  • Replication controller

Describe some Kubernetes objects

  • Pod: Simplest compute unit in Kubernetes, represents a process running in the cluster
  • ReplicaSet: A set of horizontally scaled running pods; not recommended to be created directly but instead managed via Deployments
  • Deployment: A higher level object to support stateless Pods and ReplicaSets
  • Service: A logical abstraction for a set of Pods in a cluster, providing load balancing and policies for access
  • Ingress: Provides routing to manage external users’ access to services running in a cluster
  • DaemonSet: Ensures that nodes run a copy of a Pod
  • StatefulSet: Manages stateful applications
  • Job: Creates Pods and tracks their completion. They are retried until completed. A CronJob can be used to run jobs on a cluster

What is the difference between Ingress Objects and the Ingress Controller?

They are separate elements that work collaboratively. Ingress manages the routing of HTTP and HTTPS traffic, and ingress controllers implement these rules on the cluster.

What are some common Kubernetes antipatterns?

  • Avoid baking configuration in container images
  • Separate application from infrastructure deployment
  • Eliminate specific order in deployment
  • Establish resource limits for applications
  • Avoid pulling the latest tag in production
  • Segregate production from non-production workloads
  • Refrain from ad-hoc deployments with kubectl to patch problems
  • Don’t neglect health checks with liveness and readiness probes
  • Prioritize secret handling
  • Avoid using Pods directly in production; leverage resources like Deployment, Job or StatefulSet instead for reliability and scalability

What is the kubectl command structure?

kubectl [command] [type] [name] [flags]

  • Command: the operation to be performed (create, get, apply, delete)
  • Type: the resource type (pod, deployment, replicaset)
  • Name: the resource name (if applicable)
  • Flags: special operations or modifiers that override default values

What are the 2 different planes in a Kubernetes cluster?

  • Control plane, which includes controllers, an API server, a scheduler, and etcd
  • Worker plane, which includes nodes, a kubelet, a container runtime, and kube-proxy

What is the function of a ClusterIP Service in Kubernetes?

It’s the default type of service that provides a stable internal IP address and DNS name for a set of Pods. It provides inter-service communication within a cluster.

What does “automated bin packing” stand for in Kubernetes?

Automated bin packing refers to the intelligent scheduling and placement of Pods onto Nodes within a Kubernetes cluster.

What are the components of a Kubernetes worker node?

  • Kubelet: Ensures that containers are running as desired
  • Container runtime: Responsible for pulling container images from a registry and running containers
  • Kube-proxy: Maintains network rules on the nodes and enables the communication between Pods and Services in the cluster
  • cAdvisor (container advisor): An agent that monitors resource usage and performance metrics for containers

What are the 3 types of Kubernetes autoscaling?

  • Horizontal Pod Autoscaler (HPA): Adjusts the number of replicas of an application by increasing or decreasing the number of pods
  • Vertical Pod Autoscaler (VPA): Adjusts the limits of a container by increasing or decreasing the resource size or speed of the pods
  • Cluster Autoscaler (CA): Adjusts the number of nodes in the cluster

Describe some Kubernetes deployment strategies

  • Recreate: Shuts down all Pods running the live version and replaces them with Pods running the new version
    • Pros: Simplest setup
    • Cons: Downtime between shutdown and new deployment
  • Rolling: Pods are updated one at a time, replacing V1 with V2
    • Pros: Simple setup, suitable for stateless applications
    • Cons: No control over traffic distribution
  • Blue/Green: If blue is the running version, green is a new deployment of the new version with the same number of Pods, so that the traffic can be switched over after testing
    • Pros: Instant rollout and rollback
    • Cons: Expensive (double resources), difficult to handle stateful applications
  • Canary: The new version of the application is tested using a small number of Pods and a subset of users.
    • Pros: Convenient for reliability, error and performance monitoring. Fast rollback
    • Cons: Slow rollout, gradual user access
  • A/B Testing: Evaluates different versions of the application against different sets of users
    • Pros: Multiple versions can be run in parallel. Full control over traffic distribution
    • Cons: Requires an intelligent load balancer. Can be difficult to troubleshoot errors on a session.
  • Shadow: The new version is deployed alongside the live version; requests are sent to both versions, but the shadow version does not send responses back.
    • Pros: Performance testing with real traffic. No downtime
    • Cons: Expensive (double resources). Complex setup

What is a ConfigMap in Kubernetes?

A ConfigMap provides variables to be used in an application. It can be created via a string literal, a properties file, or by using YAML. To provide sensitive information, Secrets should be used instead.

What is a Service Binding?

Binds an external Service to a Deployment and automatically provides credentials to use the Service inside the code. Credentials are stored using volumeMounts and volumes.

What is a Kubernetes operator?

Operators automate cluster tasks and act as a custom controller to extend the Kubernetes API.

Some common tasks include packaging, deploying, and managing Kubernetes apps. They run on a Pod and interact with the API server so they can manage the cluster via continuous real-time decisions.

Some of the advantages of using operators include:

  • Repeatable installs and upgrades
  • Regular full system health checks
  • Over-the-air upgrades
  • Communication tools
  • Integration

What is a Custom Resource Definition?

A Custom Resource Definition (CRD) stores and retrieves objects from the Kubernetes API. CRDs extend Kubernetes by making it more modular and flexible.

What are Custom Controllers?

Controllers reconcile the cluster state with its desired state. Custom Controllers perform the same reconciliation for Custom Resources. The combination of Custom Controllers and CRDs is called the “operator pattern”.