☸️ Kubernetes Interview Questions and Answers (2025)
Basic Level Questions
What is Kubernetes?▶
Kubernetes is an open-source container orchestration platform designed to automate deployment, scaling, and management of containerized applications.
What are the main components of Kubernetes?▶
Key components include the Master Node (API Server, Controller Manager, Scheduler, etcd), and Worker Nodes with kubelet, kube-proxy, and container runtime.
What is a Pod in Kubernetes?▶
A Pod is the smallest deployable unit in Kubernetes, consisting of one or more containers sharing networking and storage resources.
What is a Node?▶
A Node is a worker machine in Kubernetes cluster that runs pods and is managed by the Master Node.
What is a Cluster in Kubernetes?▶
A Kubernetes Cluster is a set of nodes (master and workers) that run containerized applications managed by Kubernetes.
What is the role of etcd?▶
etcd is a distributed key-value store that stores Kubernetes’ cluster configuration, state, and metadata.
What is a ReplicaSet?▶
ReplicaSet ensures a specified number of pod replicas are running at any time to provide high availability.
What is a Deployment?▶
Deployment manages ReplicaSets and provides declarative updates for Pods and ReplicaSets to enable rolling updates and rollbacks.
What is a Service in Kubernetes?▶
A Service defines a logical set of pods and a policy to access them, providing load balancing and stable network access.
What is kubelet?▶
kubelet is an agent running on each node that communicates with the Master and manages the lifecycle of containers on that node.
Intermediate Level Questions
How does Kubernetes handle networking?▶
Kubernetes uses a flat networking model with overlay or underlay networks. Each Pod gets its own IP, and services use ClusterIP or NodePort for access with kube-proxy managing routing.
What are Namespaces in Kubernetes?▶
Namespaces provide a mechanism to isolate groups of resources within a cluster and are used for multi-tenancy and resource separation.
What is a StatefulSet?▶
StatefulSet manages stateful applications by providing unique network IDs and persistent storage, maintaining the identity of Pods across rescheduling.
What is a DaemonSet?▶
DaemonSet ensures that a copy of a pod runs on all or selected nodes to deploy cluster-wide agents like monitoring or logging.
How is scaling achieved in Kubernetes?▶
Using Horizontal Pod Autoscaler which automatically scales the number of pod replicas based on observed CPU utilization or custom metrics.
What are Persistent Volumes and Persistent Volume Claims?▶
Persistent Volumes are cluster-wide storage resources provisioned by admins; Persistent Volume Claims are requests for storage by users used by pods.
Explain the role of kube-proxy.▶
kube-proxy runs on each node and maintains network rules to allow network communication to Pods from inside or outside the cluster.
What is a ConfigMap?▶
ConfigMap is a Kubernetes API object used to store non-confidential configuration data in key-value pairs to decouple configs from container images.
What is a Secret in Kubernetes?▶
Secret stores sensitive data like passwords, tokens, or keys, which can be mounted as files or environment variables in pods.
How do rolling updates work in Kubernetes?▶
Rolling updates replace pods of an application incrementally without downtime, updating pod templates managed by Deployments.
What are Labels and Selectors?▶
Labels are key/value pairs attached to objects; Selectors query objects based on labels to group and filter resources.
What are Admission Controllers?▶
Admission Controllers are plugins that intercept requests to the API server to validate and mutate resources during creation or update.
How does Kubernetes ensure self-healing?▶
Kubernetes monitors pod and node health and restarts, replaces, or reschedules pods if they fail or nodes become unhealthy.
What is a Network Policy?▶
Network Policies allow fine-grained control over network traffic between pods, namespaces, and external endpoints in the cluster.
What is kube-scheduler?▶
kube-scheduler watches for unscheduled pods and assigns them to nodes based on resource availability and scheduling policies.
How can you secure a Kubernetes cluster?▶
Use RBAC for access control, Network Policies, Secrets management, audit logging, and regularly update Kubernetes components.
How do you troubleshoot a failing Pod?▶
Check pod logs, events, describe the pod, verify container images, and network/connectivity.
What is Helm?▶
Helm is a package manager for Kubernetes that simplifies deployment and management of complex applications using charts.
What is a Job and CronJob in Kubernetes?▶
Job creates one or more pods that run to completion; CronJob creates Jobs on a schedule similar to cron in Linux.
What is the difference between Deployment and DaemonSet?▶
Deployment manages stateless replicas and scales; DaemonSet runs one pod per node for cluster-wide services.
Advanced Level Questions
What is etcd and how does it work?▶
etcd is a distributed, reliable key-value store used to store all Kubernetes cluster data, configuration, and state, providing consistent and fault-tolerant storage.
Explain Kubernetes Control Plane components.▶
The Control Plane consists of the API Server, Scheduler, Controller Manager, and etcd. It manages the overall cluster state and makes scheduling decisions.
What is RBAC and how is it used?▶
Role-Based Access Control (RBAC) restricts access to Kubernetes resources based on user roles and permissions, securing the cluster.
How does Cluster Autoscaler work?▶
Cluster Autoscaler automatically adjusts the size of the Kubernetes cluster based on resource demands, scaling up nodes when needed and scaling down idle nodes.
Explain Custom Resource Definitions (CRDs) and Operators.▶
CRDs allow extension of Kubernetes with custom resource types; Operators are software extensions that use CRDs to manage applications and automate tasks.
What is the difference between Kubernetes Ingress and Service?▶
A Service exposes pods internally or externally; Ingress manages external HTTP/HTTPS access, routing requests to Services with rules and load balancing.
How do you secure Secrets in Kubernetes?▶
By enabling encryption at rest, restricting RBAC permissions, and integrating with external secret management tools.
How does networking work in a multi-cluster Kubernetes environment?▶
Multi-cluster networking involves federation, service mesh, or VPN-based connectivity to enable communication across clusters.
Explain Pod Disruption Budgets.▶
PDBs specify the minimum number of replicas that must be available during voluntary disruptions to maintain application availability.
Describe the mechanism of health checks and probes in Kubernetes.▶
Kubernetes uses liveness, readiness, and startup probes to check container state and decide restarting or routing traffic.
What are Operators and why are they important?▶
Operators automate management of complex applications on Kubernetes, extending Kubernetes APIs to handle lifecycle management.
How do you approach monitoring and logging in Kubernetes?▶
Use tools like Prometheus for metrics, Fluentd/Elasticsearch for logs, and Grafana for dashboards to monitor cluster and app health.
Explain the role of Admission Controllers.▶
Admission Controllers intercept API requests and can enforce policies, mutate objects, and validate resource creation and updates.
What security features does Kubernetes offer?▶
RBAC, Network Policies, Pod Security Policies, Secrets management, Audit Logging, and TLS for secure communication.
How does Horizontal Pod Autoscaling work?▶
HPA adjusts the number of pod replicas automatically based on observed CPU utilization or custom metrics.
Explain the concept of Service Mesh in Kubernetes.▶
Service Mesh provides fine-grained control over service-to-service communication, with features like traffic control, retries, security, and observability.
Describe etcd backup and recovery.▶
Regular backup of etcd data ensures cluster recovery in disasters. Recovery involves restoring etcd snapshots to restore cluster state.
How do you handle storage in Kubernetes clusters?▶
Kubernetes uses Persistent Volumes, Persistent Volume Claims, Storage Classes, and dynamic provisioning to manage storage abstractly.
What are Webhooks and how are they used?▶
Webhooks are HTTP callbacks invoked by the Kubernetes API server to the Admission Controllers or external services to extend cluster behavior.
How do you upgrade a Kubernetes cluster?▶
Upgrading involves sequentially upgrading master and worker nodes using kubeadm or managed services ensuring zero downtime with compatibility checks.