Essential Kubernetes Questions


1️⃣ How to run Kubernetes locally?

You can run Kubernetes locally using these tools:

  • Minikube: A lightweight tool that spins up a single-node Kubernetes cluster on your machine using virtualization (like VirtualBox) or Docker.
  • Kind (Kubernetes in Docker): Runs Kubernetes clusters in Docker containers. Great for testing Kubernetes versions and CI pipelines.
  • Docker Desktop: Has a built-in Kubernetes option for Mac and Windows.

🧪 These are ideal for local development, learning, and testing Kubernetes configurations without needing a cloud provider.


2️⃣ What is Kubernetes Load Balancing?

Kubernetes uses multiple load balancing mechanisms to distribute traffic evenly across pods:

  • ClusterIP 🔄: Default service type. Internal-only load balancing.
  • NodePort 🌐: Exposes service on a static port on each node.
  • LoadBalancer ☁️: For external traffic; integrates with cloud provider load balancers.
  • Ingress ➡️: Advanced HTTP routing based on host/path.

🎯 Load balancing ensures high availability and scalability.


3️⃣ What does this mean in a deployment config?

spec:
  containers:
    - name: some-container   # placeholder container name
      env:
        - name: USER_PASSWORD
          valueFrom:
            secretKeyRef:
              name: some-secret
              key: password

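This defines an environment variable USER_PASSWORD inside a container. Instead of being hardcoded in the manifest, its value is read from the key password of a Kubernetes Secret called some-secret. 🔐 Secret data is only base64-encoded unless encryption at rest is configured, so read access to the Secret still has to be restricted with RBAC.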
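
A check for the opposite case, where a sensitive-looking variable is written into the manifest as a literal instead of referenced through secretKeyRef. This is an added example, not part of the original page; the sample Deployment, the container name web and the name hints in SENSITIVE_HINTS are constructed for illustration.

```python
import json

# Constructed sample: a Deployment as `kubectl get deploy -o json` would print it.
SAMPLE = json.loads("""
{
  "kind": "Deployment",
  "metadata": {"name": "some-app"},
  "spec": {"template": {"spec": {"containers": [
    {"name": "web", "env": [
      {"name": "USER_PASSWORD",
       "valueFrom": {"secretKeyRef": {"name": "some-secret", "key": "password"}}},
      {"name": "API_TOKEN", "value": "constructed-literal"},
      {"name": "LOG_LEVEL", "value": "debug"}
    ]}
  ]}}}
}
""")

# Assumed naming hints; extend them to match your own conventions.
SENSITIVE_HINTS = ("PASSWORD", "PASSWD", "SECRET", "TOKEN", "API_KEY", "PRIVATE_KEY")


def pod_spec(manifest):
    """Return the pod spec of a Pod or of a Deployment-style workload
    (spec.template.spec)."""
    spec = manifest.get("spec", {})
    return spec.get("template", {}).get("spec", spec)


def literal_secret_envs(manifest):
    """List (container, variable) pairs whose name looks sensitive but whose
    value is written into the manifest instead of coming from secretKeyRef."""
    findings = []
    spec = pod_spec(manifest)
    for c in spec.get("initContainers", []) + spec.get("containers", []):
        for env in c.get("env", []):
            looks_sensitive = any(h in env["name"].upper() for h in SENSITIVE_HINTS)
            from_secret = "secretKeyRef" in env.get("valueFrom", {})
            if looks_sensitive and not from_secret and env.get("value"):
                findings.append((c["name"], env["name"]))
    return findings


if __name__ == "__main__":
    for container, var in literal_secret_envs(SAMPLE):
        print(f"{container}: {var} is a literal value, move it to a Secret")
```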


4️⃣ Troubleshooting: Pod not getting scheduled?

Some common causes and steps:

  • Insufficient Resources: Check CPU/memory on nodes.
  • 📋 Use kubectl describe pod <pod-name> -n <namespace> to get detailed reasons.
  • 🔄 Check cluster-wide events: kubectl get events --sort-by=.metadata.creationTimestamp
  • 🧠 Common issues include taints, affinity rules, or node selector mismatches.

5️⃣ How to run a Pod on a particular node?

  • 🏷️ nodeName: Hard-assign a pod to a specific node.
  • 🧩 nodeSelector: Match a label like disktype=ssd to schedule a pod on matching nodes.
  • 🎯 Node Affinity:
    • requiredDuringSchedulingIgnoredDuringExecution (hard requirement)
    • preferredDuringSchedulingIgnoredDuringExecution (soft preference)

Example:

spec:
  affinity:
    nodeAffinity:
      requiredDuringSchedulingIgnoredDuringExecution:
        nodeSelectorTerms:
          - matchExpressions:
              - key: disktype
                operator: In
                values:
                  - ssd

6️⃣ Make this service external:

spec:
  selector:
    app: some-app
  ports:
    - protocol: UDP
      port: 8080
      targetPort: 8080

Add these fields:

  type: LoadBalancer
  ports:
    - protocol: UDP
      port: 8080
      targetPort: 8080
      nodePort: 32412

✅ Now it’s exposed outside the cluster via the external IP of the node or cloud load balancer.


7️⃣ Test a manifest without applying it?

Use the --dry-run=client flag:

kubectl apply -f my-manifest.yaml --dry-run=client

This checks for syntax or validation errors without making changes. ✅


8️⃣ Roll back an application?

Use:

kubectl rollout undo deployment <deployment-name>

🔁 This reverts to the previous ReplicaSet version. Kubernetes stores deployment revisions automatically.


9️⃣ How to package Kubernetes applications?

Use Helm 🎁

  • Helm charts bundle manifests and values into reusable packages.
  • Supports versioning, templating, and easier upgrades.
  • Great for CI/CD and consistent deployment.

Install chart:

helm install myapp ./my-chart

🔟 Node Affinity vs Pod Affinity?

Type            Description
Node Affinity   Schedule pods based on node labels
Pod Affinity    Schedule pods near other specific pods
Anti-affinity   Avoid placing pods on same node as others

🧠 Helps with performance, fault tolerance, and locality.


1️⃣1️⃣ Drain traffic from a Pod for maintenance?

  • 🛑 Use kubectl drain <node> to cordon and evict pods.
  • ✅ Readiness probes detect unready pods and stop sending traffic.
  • ⏳ Use preStop hooks for graceful shutdown.

1️⃣2️⃣ Two containers in one Pod (Nginx + WordPress), access them?

  • Use a headless service or localhost:<port> if exposed internally.
  • For browser access, expose via NodePort or Ingress.

Example:

ports:
  - containerPort: 80 # Nginx
  - containerPort: 8080 # WordPress

📦 Then expose with a service or Ingress.


1️⃣3️⃣ Wait for one container to start before another?

  • Use Init Containers ⌛: Ensures order of execution.
  • Or script logic in app to poll readiness endpoint.

1️⃣4️⃣ What happens if kubelet is upgraded without draining?

  • ❌ All running pods may restart.
  • 🔄 Kubelet stops processing API calls, disrupting the node.

💡 Best Practice: Always kubectl drain <node> before upgrade.


1️⃣5️⃣ Service with externalIP and label selector?

spec:
  selector:
    app: myapp
  externalIPs:
    - 192.168.1.100
  ports:
    - port: 80
      targetPort: 8080

🔗 Routes traffic from externalIP to matching pods.
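
An inventory of which Services are reachable from outside the cluster, covering the LoadBalancer/nodePort Service from question 6 and the externalIPs Service above. This is an added example, not part of the original page; the Service list is constructed in the shape of kubectl JSON output, and the names internal-api, some-app and myapp are sample values. loadBalancerSourceRanges is the Service field that restricts which client addresses a cloud load balancer accepts.

```python
import json

# Constructed sample in the shape of `kubectl get svc -A -o json` output.
SERVICES = json.loads("""
{"items": [
  {"metadata": {"namespace": "default", "name": "internal-api"},
   "spec": {"type": "ClusterIP", "ports": [{"port": 80}]}},
  {"metadata": {"namespace": "default", "name": "some-app"},
   "spec": {"type": "LoadBalancer", "selector": {"app": "some-app"},
            "ports": [{"protocol": "UDP", "port": 8080, "nodePort": 32412}]}},
  {"metadata": {"namespace": "default", "name": "myapp"},
   "spec": {"selector": {"app": "myapp"}, "externalIPs": ["192.168.1.100"],
            "ports": [{"port": 80, "targetPort": 8080}]}}
]}
""")


def exposure(service):
    """Return the reasons a Service is reachable from outside the cluster."""
    spec = service.get("spec", {})
    svc_type = spec.get("type", "ClusterIP")  # ClusterIP is the default type
    reasons = []
    if svc_type in ("NodePort", "LoadBalancer"):
        reasons.append(f"type={svc_type}")
        node_ports = [str(p["nodePort"]) for p in spec.get("ports", []) if "nodePort" in p]
        if node_ports:
            reasons.append("nodePort " + ",".join(node_ports))
    if svc_type == "LoadBalancer" and not spec.get("loadBalancerSourceRanges"):
        reasons.append("loadBalancerSourceRanges not set")
    if spec.get("externalIPs"):
        reasons.append("externalIPs " + ",".join(spec["externalIPs"]))
    return reasons


def audit(service_list):
    """Map namespace/name to exposure reasons, skipping internal-only Services."""
    report = {}
    for svc in service_list.get("items", []):
        reasons = exposure(svc)
        if reasons:
            meta = svc["metadata"]
            report[f"{meta['namespace']}/{meta['name']}"] = reasons
    return report


if __name__ == "__main__":
    for name, reasons in audit(SERVICES).items():
        print(f"{name}: {'; '.join(reasons)}")
```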


1️⃣6️⃣ Does applying secret update restart pods?

No ❌, applying an updated Secret does not restart pods.

To reflect changes:

  • 🔄 Manually restart the pod.
  • 🛠️ Or mount secret as volume with subPath and use a controller to reload changes.

1️⃣7️⃣ Connect app pod with database pod?

  • 🧭 Create a Service for the DB pod.
  • 📝 App uses the service name (e.g. postgres.default.svc.cluster.local).
  • ✅ Ensure port and protocol match DB.

1️⃣8️⃣ Set default ImagePullSecret for deployments?

kubectl patch serviceaccount default -p '{"imagePullSecrets":[{"name":"mysecret"}]}'

📦 Now all pods in the namespace will use that secret for pulling private images.


1️⃣9️⃣ Updated ConfigMap — how to apply changes?

🔁 Restart the pod:

kubectl rollout restart deployment my-app

Changes to a ConfigMap are not picked up automatically unless the app watches for changes in mounted files.


2️⃣0️⃣ How Kubernetes handles CPU & memory?

  • Requests 📦: Minimum guaranteed resources.
  • Limits 🚫: Maximum a container can use.

Set in pod spec:

resources:
  requests:
    cpu: "200m"
    memory: "512Mi"
  limits:
    cpu: "500m"
    memory: "1Gi"

💡 Prevents noisy neighbor problems and supports autoscaling.
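
A check that parses these quantities and reports containers with no limit, no request, or a limit set below the request. This is an added example, not part of the original page; it handles only the common quantity suffixes, and the containers named app, sidecar and job are constructed. The last one shows a unit mix-up: 1G is smaller than 1Gi.

```python
# Common binary and decimal suffixes used in memory quantities.
MEM_UNITS = {"Ki": 2**10, "Mi": 2**20, "Gi": 2**30, "Ti": 2**40,
             "k": 10**3, "M": 10**6, "G": 10**9, "T": 10**12}


def cpu_millicores(quantity):
    """Convert a CPU quantity such as '200m', '0.5' or 2 to millicores."""
    q = str(quantity)
    return int(q[:-1]) if q.endswith("m") else round(float(q) * 1000)


def memory_bytes(quantity):
    """Convert a memory quantity such as '512Mi', '1Gi' or '1G' to bytes."""
    q = str(quantity)
    for suffix, factor in MEM_UNITS.items():
        if q.endswith(suffix):
            return round(float(q[: -len(suffix)]) * factor)
    return round(float(q))  # plain number of bytes


PARSERS = {"cpu": cpu_millicores, "memory": memory_bytes}


def resource_findings(container):
    """Report missing requests/limits and limits set below the request."""
    res = container.get("resources", {})
    requests, limits = res.get("requests", {}), res.get("limits", {})
    findings = []
    for name, parse in PARSERS.items():
        if name not in limits:
            findings.append(f"{name}: no limit")
        # A limit without a request is fine: the request defaults to the limit.
        if name not in requests and name not in limits:
            findings.append(f"{name}: no request")
        if name in requests and name in limits:
            if parse(limits[name]) < parse(requests[name]):
                findings.append(f"{name}: limit below request")
    return findings


# Constructed containers; PAGE uses the values from the pod spec above.
PAGE = {"name": "app", "resources": {
    "requests": {"cpu": "200m", "memory": "512Mi"},
    "limits": {"cpu": "500m", "memory": "1Gi"}}}
UNBOUNDED = {"name": "sidecar", "resources": {"requests": {"cpu": "100m"}}}
INVERTED = {"name": "job", "resources": {
    "requests": {"cpu": "1", "memory": "1Gi"},
    "limits": {"cpu": "500m", "memory": "1G"}}}
```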


2️⃣1️⃣ Troubleshoot pod failing to start or resource issues?

Checklist ✅:

  1. kubectl get pods – Check pod status
  2. kubectl describe pod – Events and scheduling issues
  3. kubectl logs <pod> – Application errors
  4. kubectl top nodes – Node resource usage
  5. Pod affinity, tolerations, security policies
  6. 🔄 Restart pod if needed
  7. 🕵️ Check network, DNS, or image pull issues

2️⃣2️⃣ Roll out a new deployment with minimal downtime?

  • 🛠️ Update image/tag in manifest
  • ✅ Use rolling update strategy (default in Deployments)
  • 🧪 Add readiness probes
  • 📈 Monitor with kubectl rollout status
  • 🔙 Rollback if needed: kubectl rollout undo deployment
  • 🔁 Use multiple replicas for zero downtime

2️⃣3️⃣ What is Ingress in Kubernetes?

🚪 Ingress = Entry point for HTTP/S traffic into your cluster

  • 🌐 Define routing rules based on URL paths or hostnames
  • 🔒 Supports TLS (HTTPS)
  • 📦 Acts as reverse proxy + load balancer
  • 🧰 Requires an Ingress Controller (like NGINX, Traefik, AWS ALB)

Example:

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: web-ingress
spec:
  rules:
    - host: example.com
      http:
        paths:
          - path: /
            pathType: Prefix
            backend:
              service:
                name: my-service
                port:
                  number: 80

🎯 Perfect for managing multiple services under one domain.
