Are you looking for somewhere to learn more about Kubernetes interview questions? You’re in the right place! We publish a Kubernetes question every day on our social media channels, LinkedIn, Telegram, and YouTube, and at the end of the week, we provide the correct answers with details here. If you want to test your Kubernetes knowledge or prepare yourself for Kubernetes role interviews, follow our social media.
Follow our social media:
https://www.linkedin.com/in/ssbostan
https://www.linkedin.com/company/kubedemy
https://www.youtube.com/@kubedemy
Kubernetes Interview Questions:
13 November 2023:
What is the best way to create an immutable ConfigMap?
- A) By adding “immutable” option to the ConfigMap spec
- B) By installing an additional controller to lock ConfigMap resources
- C) By adding locks in the etcd database
- D) By denying update access
Kubernetes natively provides a way to create an immutable ConfigMap so that when you create a ConfigMap, after the creation, no one can change its manifest, and to change it, the only way is to delete the current one and create a new one. This option also works for Secrets, and we can create immutable Secrets as well.
Kubernetes Hacks and Tricks – #1 Immutable ConfigMaps and Secrets
14 November 2023:
How can we create a Service that points to a service outside the cluster?
- A) Create a ClusterIP Service resource
- B) Create an ExternalName service resource
- C) Create a ClusterIP Service without selectors and create Endpoints manually
- D) Create an Ingress resource and use the Rewrite rule
To do so, we must create a Service without any Selectors so the Service controller doesn’t create an Endpoints for that Service; after that, we must create an Endpoints resource with the same name as the Service resource and provide our external service IP addresses in Endpoints subsets. By creating such a configuration, if a Pod tries to resolve the Service DNS name, it gets the external service IP addresses.
15 November 2023:
What happens when you provide a Headless service to StatefulSet?
- A) It’s just a definition to clarify this Service is related to this StatefulSet
- B) The StatefulSet controller automatically adds subdomains to that Service
- C) The StatefulSet identifies StatefulSet Pods with that Service
- D) The StatefulSet uses that Service to find the Pods’ order
Normally, when you create a Service, the service can be resolved using this DNS pattern <service_name>.<namespace_name>.svc.<cluster_address>
for example, nginx.default.svc.cluster.local
. Headless services do the same thing, but instead of resolving the ClusterIP address, they return Pods’ IP addresses. When it comes to StatefulSet, and you provide a Headless service to a StatefulSet resource, the StatefulSet Controller adds subdomains to this service so that the service can be resolved with <statefulset_pod_name>.<service_name>.<namespace_name>.svc.<cluster_address>
for example, if you deploy Redis with StatefulSet with 3 replicas with the name redis
and assign a Headless service with the name of redis
then StatefulSet deploys redis-0
redis-1
redis-2
and the Headless service can also be resolved using redis-0.redis.default.svc.cluster.local
.
16 November 2023:
How does Kubernetes handle sticky sessions for Pods?
- A) It is automatically implemented by the StatefulSet resource
- B) It can be implemented using Ingress resource
- C) It needs to be implemented from the Application side
- D) It can be implemented by sessionAffinity in Service
Kubernetes supports ClientIP-based session affinity to help you implement session stickiness for applications. All you need is to create a Service and provide sessionAffinity
and sessionAffinityConfig
to implement this option. Note that the client will be bound to a specific Pod for a specific duration configured by timeout.
17 November 2023:
What is the auth-delegator role good for?
- A) To authenticate another Pod with TokenReview resource
- B) To provide a token to another Pod with TokenRequest resource
- C) To provide identity to External applications
- D) To provide identity to Pods
The system:auth-delegator
role is a Cluster Role that helps deployed applications to check the identity and authenticate another Pod before providing them access to resources. Kubernetes natively provides a way for microservices to authenticate each other by using TokenReview
and SubjectAccessReview
resources.
Conclusion:
Kubernetes itself is wild. Man vs. Wild in interviews needs deep knowledge, hands-on experience and additional skills to pass. If you want to pass Kubernetes role interviews, read more and do many more with Kubernetes. Our goal in Kubedemy is to help you understand and solve Kubernetes difficulties in all situations.
If you like this series of articles, please share them and write your thoughts as comments here. Your feedback encourages me to complete this massively planned program.
Follow my LinkedIn https://www.linkedin.com/in/ssbostan
Follow Kubedemy LinkedIn https://www.linkedin.com/company/kubedemy
Follow Kubedemy Telegram https://telegram.me/kubedemy