Master Kubernetes Interviews: Basic to Advanced Questions
Prepare for your Kubernetes interview with these 30 essential questions and answers. Covering conceptual, practical, and scenario-based topics, this guide progresses from basic to advanced difficulty, helping freshers, candidates with 1-3 years, and those with 3-6 years of experience succeed.
Basic Kubernetes Interview Questions
- What is Kubernetes?
Kubernetes is an open-source platform for automating deployment, scaling, and management of containerized applications across clusters of hosts.
- Why is Kubernetes popular?
Kubernetes is popular due to its features like auto-scaling, self-healing, load balancing, and automated rollouts and rollbacks, enabling reliable application management at scale.
- What are the main components of Kubernetes architecture?
The architecture includes a control plane with API Server, etcd, Scheduler, and Controller Manager, and worker nodes with Kubelet, Container Runtime, and Kube Proxy.
- What is a Pod in Kubernetes?
A Pod is the smallest deployable unit in Kubernetes, consisting of one or more containers that share storage and network resources.
- What is the difference between a Pod and a container?
A container runs a single application instance, while a Pod can contain multiple containers that are scheduled together and communicate via localhost.
- What is a Node in Kubernetes?
A Node is a worker machine in the cluster, either virtual or physical, managed by the control plane, hosting Pods.
- What is etcd in Kubernetes?
etcd is a distributed key-value store that serves as the single source of truth for all cluster data, ensuring consistency.
- What is a Namespace?
A Namespace is a virtual cluster within a physical cluster, used to divide resources for isolation and organization.
- What is a Deployment?
A Deployment manages a set of identical Pods using ReplicaSets, handling updates, scaling, and rollbacks declaratively.
- What are Kubernetes Services?
Services provide a stable IP address and DNS name for accessing a set of Pods, enabling load balancing and service discovery.
Intermediate Kubernetes Interview Questions
- What are the types of Services in Kubernetes?
Types include ClusterIP for internal access, NodePort for external access via node IP, LoadBalancer for cloud provider load balancers, and ExternalName for external service mapping.
- What are Liveness and Readiness Probes?
Liveness probes check if a Pod is running; failure restarts it. Readiness probes check if a Pod is ready for traffic; failure removes it from Service endpoints.
- What is a ConfigMap?
A ConfigMap stores non-confidential configuration data in key-value pairs, injectable into Pods as environment variables or files.
- What is a Secret in Kubernetes?
A Secret stores sensitive data like passwords or tokens in base64-encoded format, mountable as volumes or environment variables.
- What are Resource Requests and Limits?
Requests specify minimum resources a Pod needs for scheduling. Limits cap maximum resources to prevent overconsumption.
- How does the Kubernetes Scheduler work?
The Scheduler filters nodes via predicates (e.g., resources, taints), scores eligible nodes by priorities, and binds the highest-scoring node to the Pod.
- What is Horizontal Pod Autoscaler (HPA)?
HPA automatically scales the number of Pods in a Deployment based on metrics like CPU utilization.
- What are Kubernetes Network Policies?
Network Policies define rules to allow or deny traffic between Pods, enhancing security by restricting pod-to-pod communication.
- What is Role-Based Access Control (RBAC) in Kubernetes?
RBAC manages permissions by defining Roles or ClusterRoles bound to users or service accounts via RoleBindings.
- How do you expose an application externally in Kubernetes?
Use a Service of type LoadBalancer or NodePort, or an Ingress controller for HTTP/HTTPS traffic routing.
Advanced Kubernetes Interview Questions
- What are Taints and Tolerations?
Taints repel Pods from nodes unless Pods have matching Tolerations, used for node scheduling like dedicating nodes for specific workloads at Paytm.
- How do you troubleshoot a Pod stuck in Pending state?
Check events with
kubectl describe pod <pod-name>for issues like insufficient resources, taints, or image pull errors. - What is CrashLoopBackOff, and how do you debug it?
CrashLoopBackOff occurs when a container repeatedly crashes. Debug with
kubectl logs <pod-name>andkubectl describe podto check probe failures or errors. - How do you handle DNS issues in a Kubernetes cluster?
Verify CoreDNS Pods status, check Pod logs, ensure Services have cluster IPs, and test resolution with
nslookupinside a Pod. - A Pod is running but not reachable via Service; what do you check?
Verify Service selectors match Pod labels, check endpoint with
kubectl get endpoints <service>, and inspect network policies. - How do you backup and restore a Kubernetes cluster?
Backup etcd snapshots and Persistent Volumes using tools like Velero, then restore by stopping API server, loading snapshots, and restarting components.
- What are Pod Security Standards (PSS)?
PSS enforce security best practices like running as non-root, preventing privilege escalation, and restricting capabilities.
- How do you ensure high availability in Kubernetes?
Use multi-node control planes, Pod Anti-Affinity, liveness probes, and Horizontal Pod Autoscaler for workloads at companies like Salesforce.
- What is an Admission Controller?
An Admission Controller intercepts requests to the API server for validation or mutation, like enforcing resource limits before Pod creation.
- A Deployment is not scaling; how do you troubleshoot?
Check HPA status with
kubectl describe hpa, verify metrics server, resource metrics, and Pod resource requests/limits.
Practice these Kubernetes questions hands-on with kubectl commands to build confidence for your next interview.
