Breaking Down Kubernetes Interviews – One Pod at a Time!
Introduction: Why Container Orchestration? Problem Statement:As microservices-based applications scale, managing containers across multiple environments manually becomes inefficient and error-prone. Solution:Container orchestration automates the deployment, scaling, networking, and lifecycle management of containers. Key Benefits of Kubernetes Orchestration: Virtual Machines vs Containers vs Kubernetes Virtual Machines Docker Containers Kubernetes Hardware-level virtualization OS-level virtualization Container orchestration Heavyweight Lightweight and fast Automates container ops Boot time: Minutes Boot time: Seconds Self-healing, scalable Key Insight:Containers solve the portability problem. Kubernetes solves the scalability and reliability problem of containers in production. Storage in Kubernetes (Dynamic & CSI) Problem Statement:How do we abstract and dynamically provision storage in Kubernetes without being tied to a specific cloud or on-premise provider? Solution: Flow:App → PVC → StorageClass + CSI → PV Reference: https://kubernetes.io/blog/2019/01/15/container-storage-interface-ga/ Kubernetes Architecture Control Plane (Master Node): Together, these components form the master control plane, which acts as the brain and command center of the Kubernetes cluster. Worker Node (Data Plane): Worker nodes, also known as worker machines or worker servers, are the heart of a Kubernetes cluster. They are responsible for running containers and executing the actual workloads of your applications. Architecture Flow Example: Triggers → API Server → Scheduler → Etcd → Node → Kubelet → Container Runtime Instruction Flow (From YAML to Running Pod) PODS Pods are fundamental building blocks in Kubernetes that group one or more containers together and provide a shared environment for them to run within the same network and storage context. Allows you to colocate containers that need to work closely together within the same network namespace. They can communicate using localhost and share the same IP address and port space. Containers within a Pod share the same storage volumes, which allows them to easily exchange data and files. Volumes are attached to the Pod and can be used by any of the containers within it. Kubernetes schedules Pods as the smallest deployable unit. If you want to scale or manage your application, you work with Pod replicas, not individual containers. A Pod can include init containers, which are containers that run before the main application containers. Kubernetes High Availability & Failure Scenarios Component Failure Impact Recovery API Server Cluster becomes unmanageable Restart or HA deployment Etcd State loss, no new scheduling Restore from backup, use HA etcd Scheduler No new pods scheduled Restart scheduler Controller Manager Auto-scaling and replication broken Restart or recover HA Kubelet Node disconnected, unmonitored pods Restart kubelet or reboot node Kube-Proxy Service communication broken Restart kube-proxy CoreDNS DNS lookup failure for services Restart CoreDNS Reference: https://kubernetes.io/docs/setup/production-environment/tools/kubeadm/high-availability/ Kubernetes Services In Kubernetes, Services are a fundamental concept that enables communication and load balancing between different sets of Pods, making your applications easily discover able and resilient. Why Do We Need Kubernetes Services? Types of Services: Cluster IP: The default service type. It provides internal access within the cluster. NodePort: Opens a port (30000–32767) on each node, allowing external access to services. Make sure to configure security groups accordingly. LoadBalancer: Distributes incoming traffic across multiple pods, ensuring high availability and better performance. Ingress: HTTP routing with host/path rules Network Policies (Ingress & Egress) Problem Statement:How do we secure communication between microservices in a Kubernetes cluster? Use Case: 3-Tier Microservice Architecture Ingress Policy: Egress Policy: Secrets & ConfigMaps Resource Purpose Security Level Config Map Store non-sensitive config Plain text in etcd Secret Store Sensitive Data Base-64 encoded, more secure Practical Use Case: Kubernetes CI/CD Integration (Brief Outline) Problem Statement: How do we automate builds, tests, and deployments on Kubernetes? Approach: How to handle CrashLoopBackOff Error ? Error Message: kubectl get podsNAME READY STATUS RESTARTS AGEmy-app-5c78f8d6f5-xyz12 0/1 CrashLoopBackOff 5 3m Cause: Application inside the container is crashing repeatedly.Missing dependencies, incorrect configuration, or resource limitations.Fix: Check logs for error messages: kubectl logs my-app-5c78f8d6f5-xyz12 Describe the pod for more details: kubectl describe pod my-app-5c78f8d6f5-xyz12 Fix application errors or adjust resource limits. How to fix ImagePullBackOff Error ? Error Message: kubectl get podsNAME READY STATUS RESTARTS AGEmy-app-5c78f8d6f5-xyz12 0/1 ImagePullBackOff 0 3m Cause: Fix: kubectl describe pod my-app-5c78f8d6f5-xyz12 containers: – name: my-app image: myregistry.com/my-app:latest kubectl create secret docker-registry regcred \ –docker-server=myregistry.com \ –docker-username=myuser \ –docker-password=mypassword How to fix Pod Stuck in “Pending” State ? Error Message: kubectl get podsNAME READY STATUS RESTARTS AGEmy-app-5c78f8d6f5-xyz12 0/1 Pending 0 5m Cause: Fix: kubectl describe pod my-app-5c78f8d6f5-xyz12 kubectl get nodes kubectl get pvc How to fix Node Not Ready ? Error Message: kubectl get nodesNAME STATUS ROLES AGE VERSIONnode-1 NotReady <none> 50m v1.27.2 Cause: Fix: kubectl describe node node-1 journalctl -u kubelet -n 100 systemctl restart kubelet df -h How to fix Service Not Accessible error? Error Message: curl: (7) Failed to connect to my-service port 80: Connection refused Cause: Fix: kubectl get svc my-service kubectl describe svc my-servic kubectl get pods -o wide How to fix “OOMKilled” (Out of Memory) ? Error Message: kubectl get pod my-app-xyz12 -o jsonpath='{.status.containerStatuses[0].state.terminated.reason}’OOMKilled Cause: Fix: resources: limits: memory: “512Mi” requests: memory: “256Mi” kubectl top pod my-app-xyz12 What do you know about kubeconfig file in Kubernetes ? A file used to configure access to a cluster is called a kubeconfig file. This is the generic way of referring to a configuration file. This doesn’t mean the file name is kubeconfig. K8s components like kubectl, kubelet, or kube-controller-manager use the kubeconfig file to interact with the K8s API. The default location of the kubeconfig file is ~/.kube/config. There are other ways to specify the kubeconfig location, such as the KUBECONFIG environment variable or the kubectl —kubeconfig parameter. The kubeconfig file a YAML file contains groups of clusters, users, and contexts. The clusters section lists all clusters that you already connected. The users section lists all users already used to connect to a cluster. There are some possible keys for the user: The context section links a user and a cluster and can set a default namespace. The context name is arbitrary, but the user and cluster must be predefined in the kubeconfig file. If the namespace doesn’t exist, commands will fail with an error. What are Selectors & Labels in Kubernetes? Services use selectors and labels to identify the Pods they should target.
