Kubernetes
What is a Secret in Kubernetes?
In Kubernetes, a Secret is a resource used to store sensitive data such as passwords, OAuth tokens, SSH keys, and other confidential information. Secrets provide a more secure way to store sensitive data compared to regular ConfigMaps or environment variables.
What is a ConfigMap?
In Kubernetes, a ConfigMap is a key-value store used to store non-confidential data in key-value pairs. ConfigMaps allow you to decouple environment-specific configuration from your container images, so your applications are easily portable.
What is a deployment?
In Kubernetes, a Deployment is a higher-level API object that manages the deployment and scaling of a set of Pods, along with updating them in a declarative way. Deployments are typically used for stateless applications and provide features such as rolling updates, rollbacks, and scaling.
What is a POD?
In Kubernetes, a Pod is the smallest and most basic deployable object. It represents a single instance of a running process in your cluster and serves as the basic building block of Kubernetes applications.
How do does Kubernetes work in all together?
The API Server acts as the hub for all communication, both internal and external. Controllers watch the state of the cluster through the API server and make changes to move the current state towards the desired state. The Scheduler decides which node will run a new pod based on various criteria and communicates this through the API server. Kubelets on each node receive instructions from the API server and manage the pods' containers using the node's container runtime. Kube-proxy handles networking on each node, ensuring that the network is accessible and isolated where appropriate.
How does CCM work?
The CCM runs alongside other master components like the Kubernetes API server, controller manager, and scheduler. It can be run as a Kubernetes deployment or as a separate process, depending on the setup and requirements of the cloud provider. Cloud providers typically offer their own implementations of CCM tailored to work with their specific services and APIs.
What is CCM Cloud Controller Manager?
The Cloud Controller Manager (CCM) is a key component in Kubernetes architecture, designed to abstract and manage cloud-specific functionalities separate from the core Kubernetes codebase. This allows for the integration of Kubernetes with various cloud providers' APIs and services.
Explain the last part of Kubernetes Architecture?
Pods: The smallest deployable units in Kubernetes, which represent a single instance of a running process in the cluster. Each pod contains one or more containers. Services: An abstract way to expose an application running on a set of Pods as a network service. Provides a consistent IP address and DNS name for accessing the pods. Ingress: Manages external access to the services in the cluster, typically HTTP. Provides load balancing, SSL termination, and name-based virtual hosting. Deployments, ReplicaSets, and StatefulSets: Controllers for deploying and managing the lifecycle of pods.
List some popular Ingress Controller
Popular Ingress Controllers include Nginx, HAProxy, Traefik, and cloud-provider-specific solutions like AWS ALB Ingress Controller and GCE Ingress Controller. To use Ingress, you must have an Ingress controller running in the cluster.
What is the difference between ReplicaSet and Replication Controller
ReplicaSet is the next-generation ReplicationController. The main difference is that ReplicaSets support set-based selectors, whereas ReplicationControllers only support equality-based selectors
How do you list and manage namespace?
kubectl get namespaces: Lists all namespaces. kubectl create namespace <namespace-name>: Creates a new namespace.
What are the steps in managing Deployments?
*Create a Deployment: Use kubectl apply -f deployment.yaml to create a Deployment from a YAML file. *Update a Deployment: Modify the Deployment YAML file and reapply it, or use kubectl set image to update the container image. *Rolling Update: When you update a Deployment, Kubernetes performs a rolling update by default. *Rollback: If needed, you can roll back to an earlier Deployment revision. *Scaling: Use kubectl scale deployment to change the number of replicas. *Status Inspection: Use kubectl rollout status to get the status of a Deployment's rollout. Delete a Deployment: Use kubectl delete deployment to delete it.
What are key characteristics of Ingress?
1. HTTP/HTTPS Routing: Ingress allows you to route HTTP and HTTPS traffic to different services based on the request host or path. 2. Host-Based Routing: You can route traffic based on the requested domain name. For example, foo.example.com can route to one service, and bar.example.com can route to a different service. 3. Path-Based Routing: You can route traffic based on the URL path. For example, requests to example.com/foo can be routed to one service, and example.com/bar can be routed to another service. 4. SSL/TLS Termination: Ingress can manage SSL/TLS certificates and terminate SSL/TLS connections, offloading this work from your application. 5. Load Balancing: Ingress provides load balancing to distribute incoming network traffic across multiple backend services.
What are some components of Ingress?
1. Ingress Resource: The Ingress resource defines the rules for traffic routing, including the host, path, and the backend service to route to. 2. Ingress Controller: To implement the Ingress, you need an Ingress Controller, a load balancer or reverse proxy that watches the Kubernetes API server for updates to the Ingress resource and updates its configuration accordingly.
How do you install KOPS on Ec2? Explain steps 1 - 4.
1. Install Kops On your local machine (not on EC2), install Kops. This can be done in various ways depending on your operating system. For example, on a Unix system, you might wget https://github.com/kubernetes/kops/releases/download/v1.22.0/kops-linux-amd64 chmod +x kops-linux-amd64 sudo mv kops-linux-amd64 /usr/local/bin/kops 2. Install kubectl You also need kubectl, the command line tool for Kubernetes. You can install it similarly to Kops. 3. Configure AWS CLI Set up the AWS CLI with credentials that have the necessary permissions:bashCopy codeaws configure Input your AWS Access Key ID, Secret Access Key, and default region. 4. Create an S3 Bucket Kops requires an S3 bucket to store the state of your Kubernetes cluster:bashCopy codeaws s3 mb s3://<your-kops-state-store> Remember to replace <your-kops-state-store> with your desired bucket name
What are key characteristics of Deployments?
1. Pod Management: A Deployment manages a ReplicaSet which in turn manages the Pods. It ensures that a specified number of Pods are running and available at all times. 2. Declarative Updates: You describe the desired state in a Deployment configuration, and Kubernetes changes the actual state to the desired state at a controlled rate. This includes updating the Pods with new container images, resource limits, or other configurations. 3. Rolling Updates and Rollbacks: Deployments support rolling updates to Pods. When you update the Deployment's configuration, it incrementally updates the Pods with new configurations while maintaining application availability. If something goes wrong, Kubernetes provides the ability to roll back to a previous deployment state. 4. Scaling: Deployments can be easily scaled up or down. Scaling a Deployment changes the desired number of replica Pods, which the underlying ReplicaSet then manages. 5. Self-healing: Similar to ReplicaSets, if a Pod in a Deployment fails, the Deployment will replace it to maintain the desired number of replicas.
What are four characteristics of ReplicaSet?
1. Pod Replication: The primary purpose of a ReplicaSet is to replicate a certain number of Pods. This is defined in the ReplicaSet's specification. 2. Self-Healing: If a Pod in the ReplicaSet fails, the ReplicaSet will replace it to ensure the desired number of replicas is maintained. This provides fault tolerance and high availability. 3. Scaling: ReplicaSets can be scaled up or down manually or automatically by a Horizontal Pod Autoscaler to adjust to changes in load. 4. Label Selector: ReplicaSets use a label selector to identify the Pods they should manage. This is specified in the ReplicaSet's definition.
What are key characteristics of Secrets?
1. Sensitive Data Storage: Secrets are used to store and manage sensitive information, preventing it from being exposed in your application code, Pod specification, or in the container runtime. 2. Encryption at Rest: Secrets are, by default, stored as plain text in etcd, but they can be encrypted at rest in etcd to provide additional security. 3. Limited Exposure: Secrets can be mounted as data volumes or exposed as environment variables to be used by containers in a Pod. They are stored in tmpfs (RAM-backed filesystem) on a node to avoid being written to non-volatile storage. 4.Access Control: Access to Secrets can be controlled using Kubernetes RBAC (Role-Based Access Control) policies, ensuring that only authorized Pods and users can access them.
What are Key Characteristics of ConfigMaps
1. Store Configuration Data: ConfigMaps are ideal for storing configuration files, command-line arguments, environment variables, port numbers, and other configuration data. 2. Dynamic Configuration: They provide a way to change the configuration settings of your application without the need to rebuild your application images. This makes your applications more dynamic and easily configurable. 3. Environment Agnostic: By using ConfigMaps, you can run the same application in different environments with different configurations, making your deployments more consistent and manageable. 4. Easy Integration: ConfigMaps can be used by Pods at runtime. A common pattern is to use ConfigMaps to hold configuration files and mount them into Pods using a volume.
Name four services in Kubernetes?
1.ClusterIP: Exposes the service on an internal IP in the cluster. This type makes the service only reachable within the cluster. 2.NodePort: Exposes the service on the same port of each selected Node in the cluster using NAT. It makes the service accessible from outside the cluster using <NodeIP>:<NodePort>. 3.LoadBalancer: Exposes the service externally using a cloud provider's load balancer. NodePort and ClusterIP services, to which the external load balancer routes, are automatically created. 4.ExternalName: Maps the service to the contents of the externalName field (e.g., foo.bar.example.com), by returning a CNAME record with its value. No proxying of any kind is set up.
What are the key concepts of Kubernetes?
1.Containers and Pods: Kubernetes operates on containers, primarily using Docker, but it also supports other container runtimes. The basic deployable unit in Kubernetes is a Pod, which is a group of one or more containers with shared storage/network and a specification for how to run the containers. 2.Cluster Architecture: A Kubernetes cluster consists of at least one master node and multiple worker nodes. The master node hosts the Kubernetes Control Plane which manages the state of the cluster, while worker nodes run the actual applications. 3.Control Plane: The Control Plane includes various components like the Kubernetes API Server, Scheduler, Controller Manager, and etcd (a key-value store for cluster data). It is responsible for making global decisions about the cluster (like scheduling), 4.Worker Nodes: These nodes run the applications and workloads. Each worker node has a Kubelet, which is an agent for managing the node and communicating with the Kubernetes control plane, and a container runtime (like Docker) for running containers. 5..Deployment and Services: Kubernetes uses Deployments to manage the creation and scaling of pods. Services in Kubernetes provide a static IP address and DNS name by which pods can be accessed, usually serving as load balancers. 6.Scaling and Load Balancing: Kubernetes can automatically scale the number of pods based on CPU usage or other select metrics. It also supports load balancing traffic to ensure that the application is accessible and can handle the workload. 7.Self-Healing: Kubernetes has the ability to restart containers that fail, replace and reschedule containers when nodes die, kill containers that don't respond to user-defined health checks, and doesn't advertise them to clients until they are ready to serve.
How do you expose an application as a Service?
1.Ensure Your Pods are Running: First, make sure that your application is running on a set of Pods in your Kubernetes cluster. The Pods should be labeled with an identifying key-value pair. 2.Create a Service Definition: Write a YAML file for your service. Here's an example of a NodePort service: apiVersion: v1 kind: Service metadata: name: my-service spec: type: NodePort selector: app: MyApp ports: - protocol: TCP port: 80 targetPort: 9376 nodePort: 30007 In this example, my-service will route traffic to Pods labeled with app: MyApp. It listens on port 80, routes to targetPort 9376 (the port your app is running on within the Pods), and is available externally at port 30007 on each node. 3. Create the Service: Apply the service definition using kubectl: kubectl apply -f my-service.yaml 4. Access the Service: For a ClusterIP service, it's accessible within the cluster at the ClusterIP. For a NodePort service, it's accessible externally using <NodeIP>:<NodePort>. For a LoadBalancer service, it's accessible through the load balancer's external IP. 5. Verify the Service: You can check the status of your service using: kubectl get service my-service
How do you install KOPS on Ec2? Explain steps 5-9
5. Set KOPS_STATE_STORE Environment Variable Set an environment variable to tell Kops where to store cluster state:bashCopy codeexport KOPS_STATE_STORE=s3://<your-kops-state-store> 6. Create Cluster Configuration Use Kops to create cluster configuration. You'll need to specify the DNS zone which should already be set up in Route53 and the name of your cluster:bashCopy codekops create cluster --zones=us-west-2a --name=<your-cluster-name>.<your-dns-zone> 7. Build the Cluster After creating the configuration, build the cluster with:bashCopy codekops update cluster <your-cluster-name>.<your-dns-zone> --yes This step actually provisions the EC2 instances and sets up the Kubernetes cluster. 8. Validate the Cluster Once the cluster is created, ensure it's up and running:bashCopy codekops validate cluster 9. Accessing the Cluster After the cluster is validated, you can start using kubectl to interact with your cluster. 10. Deleting the Cluster When you no longer need the cluster, you can delete it with:bashCopy codekops delete cluster <your-cluster-name>.<your-dns-zone> --yes
What is a PVC?
A Persistent Volume Claim is a request for and claim to a Persistent Volume (PV). While Volumes are directly declared and included in the Pod's configuration, PVCs are a way to abstract the details of how the storage is provided and how it's consumed. Persistent Volumes (PVs): These are cluster-wide resources that are provisioned by an administrator or dynamically provisioned using Storage Classes. They represent a piece of storage in the cluster that has been provisioned and made available for use. PVC to PV Binding: When you create a PVC, Kubernetes finds an available PV that matches the request and binds the PVC to it. This binding is exclusive, and as long as the PVC exists, the PV belongs to the PVC.
What is a volume in Kubernetes?
A Volume in Kubernetes is a storage unit attached to a Pod that containers in the Pod can access. Unlike the temporary storage that is associated with each container, a Volume in Kubernetes outlives the lifecycle of individual containers and is used for purposes such as: Storing Application Data: Ensuring that data persists across container restarts. Sharing Data: Sharing files between containers running within the same Pod. Data Persistence: Maintaining data even when the Pod is rescheduled on a different node. Kubernetes supports several types of Volumes, such as emptyDir (a temporary directory that shares a Pod's lifetime), hostPath (mounts a file or directory from the host node's filesystem), and cloud storage options like AWS Elastic Block Store, Azure Disk, or Google Persistent Disk.
Explain the Basic Structure of a Pod Definition File
A definition file for a Pod in Kubernetes is typically written in YAML (or JSON) and outlines the desired state and characteristics of the Pod. Here are the key components typically found in a Pod definition file: Basic Structure of a Pod Definition File apiVersion: Specifies the version of the Kubernetes API you're using to create the object. Example: apiVersion: v1 kind: Identifies the type of Kubernetes object the definition is creating. For a Pod, this is always Pod. Example: kind: Pod metadata: Provides data that helps uniquely identify the object, including its name and namespace. It can also include labels and annotations for additional organization and configuration. Example:yamlCopy codemetadata: name: my-pod labels: app: my-application spec (Specification): Describes the desired state of the object and its characteristics. For a Pod, this includes details about the containers to be run. Example:yamlCopy codespec: containers: - name: my-container image: nginx ports: - containerPort: 80
Explain security with Etcd?
Access Control: Direct access to etcd is restricted. Typically, only the Kubernetes API Server interacts directly with etcd. Encryption and Authentication: Communication with etcd is often secured using TLS encryption. Additionally, etcd supports client certificate authentication for enhanced security.
How do you apply, delete or port forward in kubectl?
Apply Changes: kubectl apply -f <file.yaml>: Applies changes specified in a YAML file. Delete Resources: kubectl delete -f <file.yaml>: Deletes resources defined in a YAML file. Port Forwarding: kubectl port-forward <pod-name> <local-port>:<pod-port>: Forwards one or more local ports to a pod.
What is the role of Cloud controller manager
Cloud-Specific Operations: CCM interfaces with cloud provider-specific APIs to manage resources that are provided by the cloud. This includes managing networking, storage, and compute resources that are specific to each cloud platform. Node Controller: It checks with the cloud provider to determine if a node has been deleted or terminated after it stops responding. If the node is no longer present in the cloud, Kubernetes deletes the Node object from its API server. Route Controller: Responsible for setting up network routes in the cloud infrastructure, which is necessary for Kubernetes networking to function properly. Service Controller: Manages cloud provider-specific load balancers and routing rules, ensuring that services of type LoadBalancer are properly implemented within the cloud environment. Volume Controller: Manages volume-related functionalities provided by the cloud, such as creating, attaching, and mounting storage volumes.
List the key components of the Kubeconfig file?
Clusters: Lists the Kubernetes clusters you have access to, including the name of each cluster and connection details like the API server address. Users: Contains user credentials used to authenticate to the Kubernetes API server. This can include a name, client key and certificate, bearer token, or other authentication mechanisms. Contexts: A context is a combination of a cluster, a user, and a namespace. It specifies which cluster you're accessing, how you authenticate, and which namespace your operations default to. Current Context: Specifies the current active context from the list of defined contexts.
How do you create a namespace?
Creating a Namespace: You can create a new namespace using the kubectl create namespace command. For example: kubectl create namespace my-namespace Working with Namespaces: When you interact with Kubernetes (using kubectl), you specify the namespace in the command to work with resources in that namespace. If no namespace is specified, the default namespace is used. Example of Specifying Namespace in a Resource File: apiVersion: v1 kind: Pod metadata: name: mypod namespace: my-namespace
List of common cluster kubectl commands?
Get Cluster Info: kubectl cluster-info: Displays endpoint information about master and services. List Nodes: kubectl get nodes: Lists all nodes in the cluster.
What is a namespace?
In Kubernetes, a namespace is a way to divide cluster resources between multiple users or to logically separate distinct parts of a single cluster. It's like a virtual cluster inside your Kubernetes cluster, providing a scope for names and a mechanism to attach authorization and policy to a subsection of the cluster.
What is Ingress in Kubernetes?
In Kubernetes, an Ingress is a resource that manages external access to services within a cluster, typically HTTP and HTTPS traffic. It provides an HTTP routing layer to services and can be configured to give services externally-reachable URLs, load balance traffic, terminate SSL/TLS, and offer name-based virtual hosting.
How does etcd work with Kubernetes components?
Kubernetes API Server: The API Server is the primary component that interacts with etcd. When you create, update, or delete Kubernetes objects like pods, services, or deployments, these changes are reflected in etcd. Read and Write Operations: When a change is made in the cluster (like deploying a new pod), the API Server writes this information to etcd. When information about the state of the cluster is required (like listing pods), the API Server reads this data from etcd. Data Recovery and Raft Algorithm: etcd uses the Raft consensus algorithm to replicate data across multiple nodes. This ensures data availability and integrity, even if some of the nodes fail. This replication allows for fault tolerance and data recovery in case of hardware failure or network partitions.
How do you expose an application running on a set Pods as a network service?
Kubernetes Service.
What is kubernetes?
Kubernetes, often abbreviated as K8s, is an open-source platform designed to automate the deployment, scaling, and operation of application containers across clusters of hosts. It was originally developed by Google and is now maintained by the Cloud Native Computing Foundation. Microservices Orchestration: Managing, scaling, and deploying small, independent, and loosely coupled segments of an application. Automated Rollouts and Rollbacks: Handling application updates and rollbacks automatically without downtime. DevOps Practices: Enhancing the collaboration between development and operations teams through continuous integration and continuous deployment (CI/CD) practices.
Explain Kubernetes architecture part 1?
Master Node Components The master node (or control plane) manages the state of the Kubernetes cluster, making global decisions, and reacting to cluster events. API Server (kube-apiserver): Serves as the front end of the Kubernetes control plane. Handles internal and external requests and operations on the cluster. Cluster Store (etcd): A consistent and highly-available key-value store used to store all cluster data. It acts as the "source of truth" for the cluster. Controller Manager (kube-controller-manager): Manages a series of controllers that regulate the state of the cluster, handle node failures, replicate components, and more. Scheduler (kube-scheduler): Responsible for assigning work, typically in the form of pods, to the appropriate worker nodes. It considers resource availability, constraints, and load balancing while scheduling.
What are some scenarios of using namespaces?
Multi-Tenancy: Separate resources between different teams or projects. Environment Segregation: Manage environments such as development, staging, and production within the same cluster. Resource Allocation: Enforce different resource limits for different projects or teams.
What are some Limitiations of Consideratiosn of a config map?
Not for Sensitive Data: ConfigMaps are not designed to hold sensitive information. Use Secrets for that purpose. Immutability: Once a ConfigMap is being used in a volume, the contents are not automatically updated when the ConfigMap is updated. You need to recreate the Pods to see the latest changes.
What are some key characteristics of namespaces?
Resource Isolation: Namespaces are intended to be used in environments with many users spread across multiple teams or projects. Resources in one namespace are hidden from other namespaces, providing a level of isolation. Resource Management: You can assign resource quotas to namespaces, limiting the amount of CPU and memory that the combined resources in the namespace can consume. This prevents one team or project from using more than its fair share of cluster resources. Naming: Namespaces allow you to create resources with the same name but in different namespaces. This is useful when multiple teams or projects are using the same cluster but need to maintain separate environments, like development, staging, and production. Access Control: Kubernetes access control policies can be applied to a namespace, allowing you to restrict who can create and modify resources in that namespace.
How does etcd work far as deployment and management?
Running etcd: In most Kubernetes setups, etcd runs on the master node(s) of the cluster. In highly-available clusters, it runs on multiple master nodes to ensure data is consistently replicated. Backup and Restore: Regular backups of etcd data are crucial for disaster recovery. Kubernetes administrators often set up procedures to backup etcd data periodically.
What is a service in Kubernetes?
Service in Kubernetes is an abstract way to expose an application running on a set of Pods as a network service. It defines a logical set of Pods and a policy by which to access them, often via a network port
What is the role of etcd?
Store Cluster State: etcd stores the most critical data of a Kubernetes cluster, which includes information such as the cluster configuration, secrets, pods, and service states. It acts as the single source of truth for the entire cluster. High Availability and Consistency: As a distributed key-value store, etcd is designed to be highly available and consistent, which is crucial for the stable operation of the Kubernetes cluster. It uses the Raft consensus algorithm to manage a highly-available replicated log. Data Synchronization: etcd helps in keeping the cluster state synchronized across all nodes. Any change in cluster state is written to etcd, ensuring that the state remains consistent across the cluster. Watch Changes: Kubernetes components like the Controller Manager and Scheduler watch for changes in etcd to react to cluster events (like creating a new pod when a deployment's replicas field is unsatisfied).
Where is the kubeconfig file located?
The kubeconfig file is often located at ~/.kube/config on your local machine, but you can specify a different path by setting the KUBECONFIG environment variable or using the --kubeconfig flag with kubectl.
What are some use cases of Ingress?
Web Applications: Routing to different web applications based on URL paths or hostnames. API Gateway: Serving as an entry point to a set of related backend services, providing an API Gateway. SSL Termination: Centralizing SSL termination at the Ingress level instead of on each service.
Explain the second part of Kubernetes Architecture?
Worker Node Components Worker nodes are responsible for running the actual applications and workloads. Kubelet: An agent running on each worker node, responsible for managing the state of pods and containers on that node as directed by the control plane. Communicates with the API server to report or receive instructions. Kube-Proxy (kube-proxy): Network proxy running on each worker node that handles network communication inside or outside of the cluster. Implements part of the Kubernetes Service concept. Container Runtime: The software responsible for running containers. Kubernetes is agnostic to the container runtime, with support for Docker, containerd, CRI-O, and others.
How do you create a POD?
Write a Pod Definition File: First, you need to create a YAML (or JSON) file that defines the Pod. Here's a simple example of a Pod definition file named mypod.yaml: 2.Create the Pod Using kubectl: Use the kubectl create command to create the Pod from your definition file: 3.
What is a replicaSet?
a ReplicaSet is a fundamental workload API that ensures a specified number of pod replicas are running at any given time. It's designed to maintain a stable set of replica Pods running at any given time and is often used to guarantee the availability of a specified number of identical Pods.
Give an example of a Deployment definition file.
apiVersion: apps/v1 kind: Deployment metadata: name: my-deployment spec: replicas: 3 selector: matchLabels: app: myapp template: metadata: labels: app: myapp spec: containers: - name: nginx image: nginx:1.16
Give an example replicaset yaml file?
apiVersion: apps/v1 kind: ReplicaSet metadata: name: my-replicaset spec: replicas: 3 selector: matchLabels: app: myapp template: metadata: labels: app: myapp spec: containers: - name: nginx image: nginx
How do you write an Ingress definition file?
apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: example-ingress spec: rules: - host: foo.example.com http: paths: - path: /foo pathType: Prefix backend: service: name: foo-service port: number: 8080 - host: bar.example.com http: paths: - path: /bar pathType: Prefix backend: service: name: bar-service port: number: 8080
How do write a PVC definition file?
apiVersion: v1 kind: PersistentVolumeClaim metadata: name: mypvc spec: accessModes: - ReadWriteOnce resources: requests: storage: 1Gi
How do you write definition file for a config map in a pod?
apiVersion: v1 kind: Pod metadata: name: mypod spec: containers: - name: mycontainer image: myimage envFrom: - configMapRef: name: my-config
Give a detailed breakdown of the spec section in pod yaml file.
containers: Lists the containers to be included in the Pod. Each container is defined with its own set of properties. Container Properties: name: A unique name for the container. image: The Docker image to use for the container. ports: List of ports to expose from the container. env: Environment variables to set inside the container. volumeMounts: Mount points for volumes attached to the Pod. command and args: Override the default command and arguments of the container. Other properties can control resource limits, liveness probes, readiness probes, etc. volumes (Optional): Defines storage volumes that can be shared with containers in the Pod. Example:yamlCopy codevolumes: - name: my-volume hostPath: path: /data type: Directory
What are some default namespaces?
default: The namespace for objects with no other namespace. It's for resources that aren't specific to any other namespace. kube-system: The namespace for objects created by the Kubernetes system, primarily the internal components like control plane components. kube-public: This namespace is automatically created and is readable by all users (including those not authenticated). It's often used for resources that should be publicly accessible throughout the whole cluster. kube-node-lease: This namespace holds lease objects associated with each node which improves the performance of the node heartbeats as the cluster scales.
How do you create a secret in a POD by definition file exposed as environmental variable?
env: - name: MY_PASSWORD valueFrom: secretKeyRef: name: my-secret key: password
What is ectd?
etcd plays a crucial role in Kubernetes as the primary datastore for the cluster's state and configuration data. It's a distributed key-value store that provides a reliable way to store data across a cluster of machines. Here's how etcd works in Kubernetes:
What is kubeconfig file?
he kubeconfig file in Kubernetes is a configuration file that contains information about clusters, users, namespaces, and authentication mechanisms. This file is used by kubectl (the Kubernetes command-line tool) and other Kubernetes clients to connect and interact with Kubernetes clusters.
How do you create and manage deployments?
kubectl create -f <deployment-file.yaml>: Creates a deployment from a YAML file. kubectl get deployments: Lists all deployments. kubectl rollout status deployment/<deployment-name>: Checks the rollout status of a deployment. kubectl set image deployment/<deployment-name> <container-name>=<new-image>: Updates the deployment with a new image. kubectl delete deployment <deployment-name>: Deletes a specified deployment.
How do you create and use ConfiMaps and Secrets?
kubectl create configmap <map-name> --from-file=<path-to-file>: Creates a ConfigMap from a file. kubectl create secret generic <secret-name> --from-literal=<key>=<value>: Creates a secret from a literal value.
How do you create a ConfigMap?
kubectl create configmap my-config --from-literal=key1=value1 --from-literal=key2=value2 from a file: kubectl create configmap my-config --from-file=path/to/configfile
what is the command line to create a secret
kubectl create secret generic my-secret --from-literal=password=my-password
what is the command line to create a secret from a file?
kubectl create secret generic my-ssh-key --from-file=ssh-key=path/to/.ssh/id_rsa
How do you describe pods?
kubectl describe pod <pod-name>: Shows detailed information about a specific pod.
What command is ran to get POD info?
kubectl get pods To see more detailed information, add the -o wide option: kubectl get pods -o wide Describe the Pod: For more detailed information about the Pod, including its configuration and events related to the Pod, kubectl describe pod mypod Check Pod Logs: If your Pod is running a service that outputs logs, you can view these logs with: kubectl logs mypod
How do you list pods
kubectl get pods: Lists all pods in the default namespace. kubectl get pods --all-namespaces: Lists all pods in all namespaces. kubectl get pods -o wide: Lists all pods in the default namespace, with more details.
How do you list and manage services?
kubectl get svc: Lists all services in the default namespace. kubectl expose deployment <deployment-name> --type=<type> --port=<port>: Exposes a deployment as a new Kubernetes service. kubectl delete svc <service-name>: Deletes a specified service.
How do you log and debugg pods?
kubectl logs <pod-name>: Fetches logs from a specific pod. kubectl exec -it <pod-name> -- /bin/bash: Executes an interactive bash shell in the specified pod.
How do you create and delete pods?
kubectl run <pod-name> --image=<image-name>: Creates a pod with specified name and image. kubectl delete pod <pod-name>: Deletes a specified pod.
How do you scale deployments?
kubectl scale deployment <deployment-name> --replicas=<num-replicas>: Scales a deployment to the specified number of replicas.
How do you write file for PVC in a POD?
volumes: - name: my-storage persistentVolumeClaim: claimName: mypvc containers: - name: my-container volumeMounts: - mountPath: "/data" name: my-storage
How do you create a secret in a POD by definition file?
volumes: - name: my-secret-volume secret: secretName: my-secret