My top 50 Kubernetes Notes for DevOps Engineers — Detailed Q&A

Rkssh - Devops as a services
0
Top 50 Kubernetes Notes for DevOps Engineers - Detailed Q and A




1. How do you deploy a Kubernetes cluster?

So, deploying a Kubernetes cluster, huh? Honestly, the easiest way is to use a managed service like GKE (Google Kubernetes Engine), EKS (Amazon’s Elastic Kubernetes Service), or AKS (Azure Kubernetes Service). These take care of a lot of the heavy lifting for you. But, if you’re the DIY type, you can also go the kubeadm route. It’s a bit more hands-on. You’d be setting up the control plane (the brain of the operation) and worker nodes (the muscle) manually. And don’t forget about networking — you’re gonna need something like Calico or Flannel to make sure all the pods can talk to each other.


2. How do you manage configuration in Kubernetes?

Okay, so managing configuration in Kubernetes is kind of like organizing your closet. You’ve got ConfigMaps for the non-sensitive stuff (like your t-shirts) and Secrets for the sensitive stuff (like your fancy watches). ConfigMaps hold things like environment settings, while Secrets are for, well, secret things like passwords. You can mount these as volumes or shove them into environment variables in your pods. It’s super clean and keeps your application logic separate from configuration.

apiVersion: v1
kind: ConfigMap
metadata:
  name: my-config
data:
  app.env: "production"
  app.debug: "false"

 

3. What’s a Kubernetes pod, and how’s it different from a container?

So, here’s the deal: a pod is like a wrapper around one or more containers. It’s the smallest thing you can deploy in Kubernetes, but it can contain multiple containers that have to work together. Think of it like a lunchbox (the pod) that might have a sandwich, an apple, and a cookie (the containers) inside. All those containers share the same IP address, storage, and network namespace, so they can communicate with each other easily. But yeah, a pod is ephemeral, so it can disappear and come back. Kubernetes takes care of that for you.


4. How do you scale applications in Kubernetes?

Scaling apps in Kubernetes is like turning up the volume on your stereo — super easy once you know where the knob is. You can manually scale using the kubectl scale command:

kubectl scale deployment my-app --replicas=5

Boom, now you’ve got five replicas of your app running. But if you’re feeling fancy, you can set up the Horizontal Pod Autoscaler (HPA), which adjusts the number of pods based on CPU, memory, or even custom metrics. It’s like cruise control for your apps.

apiVersion: autoscaling/v1
kind: HorizontalPodAutoscaler
metadata:
  name: my-app-hpa
spec:
  scaleTargetRef:
    apiVersion: apps/v1
    kind: Deployment
    name: my-app
  minReplicas: 2
  maxReplicas: 10
  targetCPUUtilizationPercentage: 50

 

5. How do you manage networking in a Kubernetes cluster?

Alright, networking in Kubernetes can get kinda wild. You’ve got a bunch of containers, and they all need to talk to each other somehow. That’s where CNI (Container Network Interface) plugins like Calico, Flannel, or Weave come into play. They handle all the nitty-gritty networking details. And then, you’ve got Services, which are like a big ol’ “Hey, here’s how you reach my app” sign for other pods and external traffic. You can go with ClusterIP for internal traffic, NodePort for external access, or LoadBalancer if you’re running on a cloud platform and want the load to be balanced across multiple nodes.


6. How do you do rolling updates in Kubernetes?

Rolling updates are like swapping out the tires on a moving car — you don’t want the whole thing to stop while you do it. Kubernetes is great at this. You update your deployment with a new image version, and Kubernetes will gradually replace the old pods with new ones, making sure everything stays up and running. Just update your deployment like this:

kubectl set image deployment/my-app my-app-container=my-app:v2

Kubernetes will slowly start rolling out those new pods. If anything goes south, you can always roll back (which is super handy).


7. How do you troubleshoot pod failures in Kubernetes?

Troubleshooting pod failures can feel like detective work. First, you’ll want to check out what’s going on with your pod using kubectl describe pod <pod-name>. This will give you all the juicy details—events, status, conditions, etc. If you need more dirt, kubectl logs <pod-name> will show you what’s been happening inside the container. If that’s not enough, you can even jump into the container with kubectl exec -it <pod-name> -- /bin/sh and poke around.


8. What’s a Kubernetes Service, and how does it work?

A Kubernetes Service is like a friendly neighborhood traffic cop directing traffic to your pods. It gives you a stable IP address and DNS name, so no matter if your pods come and go, the service will always know how to reach them. There are different types: ClusterIP (stays within the cluster), NodePort (exposes the service on a specific port on each node), and LoadBalancer (routes external traffic to the service). This abstraction layer makes it super easy to scale and manage your services without worrying about individual pod IPs.

apiVersion: v1
kind: Service
metadata:
  name: my-service
spec:
  selector:
    app: my-app
  ports:
    - protocol: TCP
      port: 80
      targetPort: 8080
  type: LoadBalancer

 

9. How do you secure a Kubernetes cluster?

Securing a Kubernetes cluster is a bit like locking down your house — there are a lot of doors and windows to check. Start with Role-Based Access Control (RBAC) to make sure people and services only have the permissions they need. Then, use Network Policies to control who can talk to who within the cluster. Encrypt traffic between components with TLS, keep your Kubernetes and node software up to date, and definitely enable auditing so you can see what’s going on under the hood.


10. How do you implement persistent storage in Kubernetes?

Persistent storage in Kubernetes is your go-to when your apps need to hang on to data between pod restarts. You’d define a PersistentVolume (PV), which is a piece of storage in your cluster, and then create a PersistentVolumeClaim (PVC) that a pod uses to request that storage. Once you’ve got your PVC, your pod can mount it and store data that’ll stick around even if the pod goes down. If you’re on the cloud, you can use something like AWS EBS or Google Persistent Disks for your PVs.

apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: my-pvc
spec:
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: 10Gi

 

11. What’s a StatefulSet, and when would you use it?

Alright, so a StatefulSet is kinda like a Deployment, but it’s designed for stateful applications — think databases, or anything that needs to remember stuff between restarts. The cool thing about StatefulSets is they give each pod a stable, unique network identity and persistent storage that sticks around, even if the pod is killed and recreated. This makes them perfect for apps that can’t just spin up and down willy-nilly like your average stateless microservice.

apiVersion: apps/v1
kind: StatefulSet
metadata:
  name: my-stateful-app
spec:
  serviceName: "my-service"
  replicas: 3
  selector:
    matchLabels:
      app: my-stateful-app
  template:
    metadata:
      labels:
        app: my-stateful-app
    spec:
      containers:
      - name: my-container
        image: my-image
        volumeMounts:
        - name: data
          mountPath: /data
  volumeClaimTemplates:
  - metadata:
      name: data
    spec:
      accessModes: [ "ReadWriteOnce" ]
      resources:
        requests:
          storage: 10Gi

 

12. How do you implement service discovery in Kubernetes?

Service discovery in Kubernetes is pretty much automatic and, honestly, a lifesaver. When you create a Service, Kubernetes automatically sets up DNS records for it. Other pods can simply use the service name to communicate with it. No need to hardcode IP addresses or mess around with environment variables. If you’re running multiple replicas, the service will load balance between them, making sure your app stays healthy and responsive.


13. How do you manage Kubernetes manifests?

Managing Kubernetes manifests is all about organization and keeping things DRY (Don’t Repeat Yourself). You’ll write out your manifests in YAML files — things like Deployments, Services, ConfigMaps, etc. You stick those in version control (Git’s your friend here), so you’ve got a history of changes. For more complex setups, you might use Helm charts or Kustomize to template and customize your configurations, which makes it easier to manage different environments (like dev, staging, prod).


14. What’s a DaemonSet, and when would you use it?

So, a DaemonSet makes sure that a particular pod runs on every (or some specific) node in your Kubernetes cluster. It’s perfect for things like logging agents, monitoring tools, or any background service that needs to run on all nodes. Say you want to deploy a Fluentd pod on every node to collect logs — DaemonSet’s got your back.

apiVersion: apps/v1
kind: DaemonSet
metadata:
  name: my-daemonset
spec:
  selector:
    matchLabels:
      name: my-daemonset
  template:
    metadata:
      labels:
        name: my-daemonset
    spec:
      containers:
      - name: fluentd
        image: fluent/fluentd

 

15. How do you implement logging and monitoring in Kubernetes?

Logging and monitoring in Kubernetes is like having a dashboard in your car — you need to know what’s going on under the hood. For logging, you’d probably aggregate logs with something like Fluentd or Logstash, then stash them in Elasticsearch or Google’s Stackdriver. For monitoring, Prometheus is your go-to. It’ll scrape metrics from your apps and nodes, and then you can visualize everything with Grafana. And don’t forget alerts — Prometheus Alertmanager will make sure you know if something’s going sideways.


16. How do you deploy an application across multiple Kubernetes clusters?

Deploying an app across multiple Kubernetes clusters can be a bit tricky, but it’s super handy for high availability and disaster recovery. You’ve got options like Kubernetes Federation, which lets you manage multiple clusters as one, but honestly, it’s not super mature yet. Most people end up managing deployments across clusters with a CI/CD pipeline that applies the manifests to each cluster. You just have to make sure your configurations (like DNS, networking, storage) are consistent across clusters.


17. How do you roll back a deployment in Kubernetes?

Rolling back in Kubernetes is like hitting the undo button. If you push an update and something breaks, you can easily roll back to the previous version. Kubernetes keeps a history of your deployments, so you can use:

kubectl rollout undo deployment/my-app

to go back to the last good version. Super useful when you accidentally deploy something that nukes your app.


18. How do you handle secrets in Kubernetes?

Handling secrets in Kubernetes is all about keeping your sensitive info safe. You store secrets in Kubernetes as — you guessed it — Secrets. These are base64-encoded and can be used as environment variables or mounted as volumes in your pods. For even more security, you can use something like HashiCorp Vault to manage and inject secrets dynamically, so they’re not just sitting around in your cluster.

apiVersion: v1
kind: Secret
metadata:
  name: my-secret
type: Opaque
data:
  username: bXlVc2VybmFtZQ==
  password: c2VjcmV0UGFzc3dvcmQ=

 

19. What’s an Ingress controller, and how does it work in Kubernetes?

An Ingress controller is like your friendly doorman, managing who gets in and where they go. It handles incoming HTTP/HTTPS traffic and routes it to the correct service based on rules you define in an Ingress resource. This is super useful when you’re running multiple services on the same domain and need to direct traffic to different endpoints. Popular Ingress controllers include NGINX, Traefik, and HAProxy.

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: my-ingress
spec:
  rules:
  - host: myapp.example.com
    http:
      paths:
      - path: /
        pathType: Prefix
        backend:
          service:
            name: my-service
            port:
              number: 80

 

20. How do you implement blue-green deployments in Kubernetes?

Blue-green deployments are all about minimizing downtime and risk. You run two versions of your app — blue (current) and green (new). Once the green version is up and running, you switch the traffic over, and boom, your users are now hitting the new version. In Kubernetes, you can do this by having two separate deployments (or using Ingress/Services to manage traffic), then just swap the service or DNS entry to point to the green deployment when you’re ready.


21. How do you manage resource limits in Kubernetes?

Resource limits are your way of keeping the peace in Kubernetes, making sure one greedy app doesn’t hog all the CPU or memory. You set resource requests (what the app needs) and limits (what it can’t go over) in your pod specs. This helps Kubernetes schedule your pods efficiently and ensures no one app crashes your node.

apiVersion: v1
kind: Pod
metadata:
  name: my-pod
spec:
  containers:
  - name: my-container
    image: my-image
    resources:
      requests:
        memory: "64Mi"
        cpu: "250m"
      limits:
        memory: "128Mi"
        cpu: "500m"

 

22. What’s a Kubernetes namespace, and how do you use it?

Think of namespaces as separate rooms in a big house. They’re used to divide your Kubernetes cluster into smaller, more manageable parts. Each namespace can have its own resources, and you can use them to separate different environments (like dev, staging, prod) or teams. You can apply resource quotas, RBAC rules, and network policies at the namespace level to keep everything organized and secure.

kubectl create namespace dev-environment

 

23. How do you implement autoscaling in Kubernetes?

Autoscaling in Kubernetes is like having an automatic thermostat for your app. The Horizontal Pod Autoscaler (HPA) scales the number of pod replicas up or down based on metrics like CPU or memory usage. You can even set it up to use custom metrics if you’re feeling adventurous. And then there’s the Cluster Autoscaler, which adds or removes nodes based on the overall resource demand. With these two working together, your app stays responsive no matter what’s thrown at it.

apiVersion: autoscaling/v1
kind: HorizontalPodAutoscaler
metadata:
  name: my-app-hpa
spec:
  scaleTargetRef:
    apiVersion: apps/v1
    kind: Deployment
    name: my-app
  minReplicas: 2
  maxReplicas: 10
  targetCPUUtilizationPercentage: 50

 

24. How do you manage blue-green deployments with Kubernetes Services?

Managing blue-green deployments with Kubernetes Services is all about smooth transitions. You’d have two deployments — blue and green — and each gets its own set of pods. Your Service will point to the blue pods (current version) by default. When you’re ready to switch to green, you just update the Service to point to the green pods. It’s super seamless for your users because there’s no downtime — they just get magically switched to the new version.

kubectl set image deployment/my-app my-app-container=my-app:v2 –record

 

25. How do you troubleshoot network issues in Kubernetes?

Troubleshooting network issues in Kubernetes is kinda like being a detective — lots of clues, and you’ve gotta piece them together. Start by checking the obvious stuff like security groups, Network Policies, and whether your pods have the right IPs with kubectl get pods -o wide. Then, use kubectl logs to see if there’s any network-related chatter, and maybe even jump into a pod with kubectl exec to test connectivity directly. Tools like ping, traceroute, or curl are your friends here.


26. How do you manage external storage in Kubernetes?

External storage in Kubernetes is all about keeping your data safe and persistent. You set up a Persistent Volume (PV) backed by something like AWS EBS or Google Persistent Disk, and then your pods can request storage by creating a Persistent Volume Claim (PVC). It’s like reserving a parking spot for your app’s data, making sure it sticks around even if the pod restarts.

apiVersion: v1
kind: PersistentVolume
metadata:
  name: my-pv
spec:
  capacity:
    storage: 10Gi
  accessModes:
    - ReadWriteOnce
  persistentVolumeReclaimPolicy: Retain
  gcePersistentDisk:
    pdName: my-disk
    fsType: ext4

 

27. What’s a Kubernetes Job, and when would you use it?

A Kubernetes Job is like a task list that needs to be completed once, and then it’s done. You’d use it for things like batch processing, data migrations, or any task that needs to run to completion. Unlike Deployments that keep things running forever, a Job just does its thing and then exits. If you need something to run on a schedule, you’d use a CronJob, which is just a Job with a fancy alarm clock.

apiVersion: batch/v1
kind: Job
metadata:
  name: my-job
spec:
  template:
    spec:
      containers:
      - name: my-container
        image: my-image
      restartPolicy: OnFailure

 

28. How do you use Helm in Kubernetes?

Helm is like the package manager for Kubernetes. Instead of manually creating and managing all your Kubernetes resources, you can use Helm charts, which package everything together — Deployments, Services, ConfigMaps, you name it. You can install a Helm chart with a simple helm install command, and it’ll spin up all the resources for you. It’s especially great for managing complex applications with lots of moving parts.

helm install my-release my-chart

 

29. How do you manage application secrets in Kubernetes?

Managing secrets in Kubernetes is all about keeping sensitive information — like API keys and passwords — safe. You’d use Kubernetes Secrets, which are base64-encoded blobs of data. You can inject these into your pods as environment variables or mounted files. For extra security, you might use something like HashiCorp Vault to dynamically manage and inject secrets, so they’re not just sitting around in your cluster.

apiVersion: v1
kind: Secret
metadata:
  name: my-secret
type: Opaque
data:
  username: bXlVc2VybmFtZQ==
  password: c2VjcmV0UGFzc3dvcmQ=

 

30. How do you implement high availability in Kubernetes?

High availability in Kubernetes is like having backup singers who can jump in if the lead singer goes down. You’d deploy multiple replicas of your application across different nodes and availability zones. The Kubernetes control plane itself should be highly available too — think multiple API servers and etcd clusters. Then you’ve got load balancers and autoscalers making sure traffic gets where it needs to go, and if anything goes wrong, it’s all handled automatically.


31. How do you manage Kubernetes RBAC (Role-Based Access Control)?

RBAC in Kubernetes is your way of controlling who can do what. You create Roles and ClusterRoles, which define permissions (like “can create pods” or “can delete namespaces”). Then, you bind those roles to users, groups, or service accounts with RoleBindings or ClusterRoleBindings. This way, you can make sure only the right people and services have access to specific resources in your cluster.

apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  namespace: default
  name: pod-reader
rules:
- apiGroups: [""]
  resources: ["pods"]
  verbs: ["get", "watch", "list"]

 

32. How do you perform canary deployments in Kubernetes?

Canary deployments are like dipping your toes in the water before jumping in. You gradually roll out a new version of your app to a small subset of users or pods. If everything looks good, you slowly increase the rollout. You’d typically use an Ingress or Service with traffic splitting to direct a small percentage of traffic to the new version. It’s a great way to catch any issues before they hit all your users.


33. What’s Kubernetes Federation, and when would you use it?

Kubernetes Federation is like a superpower that lets you manage multiple clusters as if they were one. You can deploy apps, manage configurations, and handle networking across clusters, even if they’re in different regions or cloud providers. You’d use Federation when you need global consistency — say you’ve got clusters all over the world and want to deploy the same app to all of them with a single command. But fair warning, Federation can be tricky and isn’t as mature as some other Kubernetes features.


34. How do you manage multi-tenant environments in Kubernetes?

Managing multi-tenant environments in Kubernetes is all about isolation and security. You’d use namespaces to separate resources for different tenants, then apply RBAC to control who can access what. Network Policies help you keep traffic from crossing tenant boundaries, and resource quotas ensure no one tenant can hog all the cluster’s resources. If you need extra tools, OpenShift or Rancher offer more advanced multi-tenancy features.


35. How do you secure Kubernetes API access?

Securing Kubernetes API access is like putting a big, heavy lock on the front door. Start with RBAC to control who can do what. Then, secure communication with TLS certificates, enable audit logging to track who’s accessing the API, and use authentication methods like OAuth or client certificates. And don’t forget to restrict access with network policies and firewalls so only trusted sources can hit the API.


36. How do you set up cluster monitoring in Kubernetes?

Cluster monitoring in Kubernetes is like having a dashboard that shows you how your whole cluster is doing. Prometheus is the go-to tool for collecting metrics from your applications and Kubernetes itself. You can pair it with Grafana for some slick visualizations. And don’t forget Alertmanager — set up alerts to get notified if something goes wrong, like if a node goes down or a pod’s using way more CPU than it should.


37. How do you implement disaster recovery in Kubernetes?

Disaster recovery in Kubernetes is all about being ready for the worst. You’d start by regularly backing up etcd, the brains of your cluster that stores all the config and state. Velero is a great tool for backing up and restoring Kubernetes resources and persistent volumes. You’d also want to think about multi-region deployments and failover strategies so your app can keep running even if one region goes down.


38. How do you manage Kubernetes ingress with SSL/TLS termination?

Managing Ingress with SSL/TLS termination in Kubernetes is like setting up a secure front door for your app. You’d configure an Ingress controller, like NGINX, to handle incoming HTTPS traffic. You create a TLS secret in Kubernetes with your SSL certificate and private key, and then link that secret to your Ingress resource. Now, the Ingress controller will terminate the SSL/TLS connection, decrypt the traffic, and pass it on to your services.

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: my-ingress
spec:
  tls:
  - hosts:
    - myapp.example.com
    secretName: my-tls-secret
  rules:
  - host: myapp.example.com
    http:
      paths:
      - path: /
        pathType: Prefix
        backend:
          service:
            name: my-service
            port:
              number: 80

 

39. How do you optimize resource utilization in a Kubernetes cluster?

Optimizing resource utilization in Kubernetes is like making sure everyone’s getting their fair share at a dinner party. Set resource requests and limits in your pod specs so Kubernetes knows how much CPU and memory each pod needs and how much it can use. Use the Cluster Autoscaler to add or remove nodes based on demand, and the Horizontal Pod Autoscaler (HPA) to adjust the number of pods. Keep an eye on metrics with Prometheus and Grafana to spot any inefficiencies.


 40. What’s a Kubernetes operator, and when should you use it?

A Kubernetes Operator is like a super-smart assistant that knows how to manage a specific application. It’s a custom controller that can handle complex, stateful apps like databases or message queues. The Operator knows the ins and outs of your app — how to scale it, back it up, and recover from failures. You’d use an Operator when you’ve got an app that needs more than just “set it and forget it” management — like when there’s a lot of custom logic involved in running it.


41. How do you manage multi-cluster networking in Kubernetes?

Managing multi-cluster networking in Kubernetes is like connecting a bunch of islands with bridges. You can use service meshes like Istio to handle cross-cluster communication, or tools like Submariner to connect clusters across different networks. The key is to make sure your clusters can talk to each other securely and reliably, with consistent network policies and DNS-based service discovery to keep everything running smoothly.


42. How do you implement network policies in Kubernetes?

Network policies in Kubernetes are like setting up security rules for who can talk to who. You’d define NetworkPolicy resources that control the traffic flow between pods, namespaces, and IP ranges. You can say things like, “Only pods with label X can talk to pods with label Y,” or “This pod can only receive traffic from this specific IP range.” It’s all about locking down your network so only the right traffic gets through.

apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: allow-specific-traffic
  namespace: default
spec:
  podSelector:
    matchLabels:
      app: my-app
  policyTypes:
  - Ingress
  - Egress
  ingress:
  - from:
    - podSelector:
        matchLabels:
          app: trusted-app
  egress:
  - to:
    - ipBlock:
        cidr: 10.0.0.0/24

 

43. How do you manage Kubernetes version upgrades?

Upgrading Kubernetes is like updating your phone’s OS — important, but you gotta be careful. Start by upgrading the control plane components (like the API server) first. If you’re using a managed service like GKE, EKS, or AKS, they’ll handle a lot of the heavy lifting. For self-managed clusters, tools like kubeadm can help. Always test the upgrade in a staging environment before you hit production, and check compatibility for all your critical components like CNI plugins, storage classes, and custom resources.


44. How do you handle pod scheduling in Kubernetes?

Pod scheduling in Kubernetes is like assigning seats at a wedding — there’s a lot to consider to make sure everything goes smoothly. Kubernetes’ scheduler automatically decides where pods go based on resource availability, but you can influence this with things like node selectors, taints, and tolerations. You can also use affinity and anti-affinity rules to keep certain pods together or apart. This lets you optimize performance, manage resources, and ensure high availability.

apiVersion: v1
kind: Pod
metadata:
  name: my-pod
spec:
  containers:
  - name: my-container
    image: my-image
  nodeSelector:
    disktype: ssd

 

45. How do you manage Kubernetes certificates?

Managing certificates in Kubernetes is like making sure everyone has a valid ID card. Kubernetes uses certificates for securing communication between components. You can manage these with the built-in certificate management tools or use something like cert-manager to automate certificate issuance and renewal for your applications. Regularly rotate certificates to keep things secure and make sure everything is up to date with your security policies.


46. What’s Kubernetes ConfigMap, and how do you use it?

A Kubernetes ConfigMap is like a sticky note with all your app’s non-sensitive configuration data. You use ConfigMaps to store things like environment variables, config files, or command-line arguments. They keep your app’s configuration separate from the code, which is great for flexibility. You can mount ConfigMaps as volumes or inject them into environment variables, making it easy to change settings without rebuilding your container images.

apiVersion: v1
kind: ConfigMap
metadata:
  name: my-config
data:
  app.env: "production"
  app.debug: "false"

 

47. How do you implement Kubernetes audit logging?

Audit logging in Kubernetes is like keeping a detailed diary of who did what in your cluster. You’d enable audit logs in the API server configuration and set up audit policies to specify what gets logged. Logs can be stored in a file or sent to a logging backend for analysis. Audit logs are super important for security and compliance, letting you track down suspicious activity or just see what’s going on.


48. How do you manage Kubernetes node failures?

Managing node failures in Kubernetes is like having a safety net — things can go wrong, but you’ve got it covered. Kubernetes can automatically detect when a node fails and will reschedule the affected pods on healthy nodes. Enable node auto-repair, set up high availability for critical components, and use Pod Disruption Budgets (PDBs) to control how many pods can be down at once during maintenance or unexpected outages.


49. How do you use Kubernetes taints and tolerations?

Taints and tolerations in Kubernetes are like saying, “Hey, this seat’s reserved.” You use taints to mark a node with something like “Don’t schedule here unless you have a good reason,” and then use tolerations on pods to say, “Yeah, I’m cool with that, I can handle it.” This is great for isolating certain workloads, like running high-priority jobs on dedicated nodes or keeping noisy neighbors away from sensitive applications.


50. How do you manage Kubernetes namespaces in a multi-tenant environment?

Namespaces in Kubernetes are like separate apartments in the same building — each tenant (or team, or environment) gets their own space. You’d use namespaces to isolate resources for different tenants, and then apply RBAC rules to control access. Network Policies help you keep the traffic separated, and Resource Quotas make sure no one tenant uses more than their share of the resources. It’s all about making sure everyone gets along without stepping on each other’s toes.


👉 Click here to buy me a coffee, and don’t forget to follow me on Medium!

DevSecOps,Database,DevOps

Post a Comment

0Comments
Post a Comment (0)