raspberry_pi_cluster:kbs
Differences
This shows you the differences between two versions of the page.
| Next revision | Previous revision | ||
| raspberry_pi_cluster:kbs [2025/02/07 11:38] – created 85.219.17.206 | raspberry_pi_cluster:kbs [2025/02/07 11:56] (current) – jmbargallo | ||
|---|---|---|---|
| Line 1: | Line 1: | ||
| - | # Installing K3s | + | |
| - | ## Master node | + | ====== |
| - | We are going to install the K3s version of Kubernetes, that is lightweight enough for out single board computers to handle. Use the following command to download and initialize K3s’ master node. | ||
| - | curl -sfL https://get.k3s.io | sh -s - --write-kubeconfig-mode 644 --disable servicelb --token some_random_password --node-taint CriticalAddonsOnly=true: | + | Kubernetes has become the de facto standard for container orchestration and management, powering many modern applications and services. As its popularity continues to grow, so does the need for individuals skilled in Kubernetes. In this blog post, we’ll explore the top 75 Kubernetes questions and answers, covering a range of topics from basic concepts to advanced techniques. Whether you’re a beginner or an expert, these questions and answers will help you better understand Kubernetes and hone your skills. |
| - | Some explanations: | + | What is Kubernetes? |
| + | Kubernetes, often abbreviated as K8s, is an open-source platform for automating deployment, scaling, and management of containerized applications. It was originally developed by Google and is now maintained by the Cloud Native Computing Foundation (CNCF). | ||
| - | --write-kubeconfig-mode 644 - This is the mode that we want to use for the kubeconfig file. Its optional, but needed if you want to connect to Rancher | + | What is a container? |
| + | A container is a lightweight, | ||
| + | What are the main components of Kubernetes? | ||
| + | The main components of Kubernetes are the control plane, worker nodes, and the Kubernetes | ||
| + | API. | ||
| + | What is the control plane? | ||
| + | The control plane is the set of components that manage the overall state of the cluster, including the API server, etcd datastore, controller | ||
| + | What are worker nodes? | ||
| + | Worker nodes are the machines that run containers. Each worker node runs the container runtime (such as Docker) and the kubelet agent, which communicates with the control plane. | ||
| + | What is a Pod? | ||
| + | A Pod is the smallest and simplest unit in Kubernetes. It represents a single instance of a running process in a cluster and can contain one or more containers. | ||
| + | What is a ReplicaSet? | ||
| - | --disable servicelb - This is the flag that we want to use to disable the service load balancer. | + | A ReplicaSet is a higher-level abstraction over Pods that ensures a specified number of Pod replicas are running at any given time. |
| + | What is a Deployment? | ||
| - | --token - This is the token that we want to use to connect to the K3s master node. Choose | + | A Deployment |
| + | What is a Service? | ||
| - | --node-taint - This is the flag that we want to use to add a taint to the K3s master node. I'll explain taints later on, but it will mark the node to not run any containers except | + | A Service |
| + | What are ConfigMaps and Secrets? | ||
| - | --bind-address - This is the flag that we want to use to bind the K3s master node to a specific IP address. | + | ConfigMaps and Secrets are Kubernetes objects used to store non-sensitive and sensitive configuration data, respectively. They decouple configuration data from container images, making it easier to update and manage. |
| - | + | What is Ingress? | |
| - | --disable-cloud-controller | + | Ingress is an API object |
| - | + | What are StatefulSets? | |
| - | --disable local-storage - This is the flag that we want to use to disable the K3s local storage (for the moment). | + | StatefulSets are Kubernetes objects used to manage stateful applications, |
| - | + | What are DaemonSets? | |
| - | We can look at Kubernetes | + | DaemonSets are Kubernetes objects that ensure a copy of a specific Pod is running on all (or some) nodes in a cluster, usually for system-level services like log collectors or monitoring agents. |
| - | + | What is the Kubernetes API? | |
| - | | + | The Kubernetes API is the primary interface for communicating with and managing a Kubernetes cluster. It exposes a RESTful interface for creating, updating, and deleting Kubernetes objects. |
| - | | + | What is kubectl? |
| - | | + | Kubectl |
| - | + | What are labels and selectors? | |
| - | ## Workers | + | Labels are key-value pairs attached to Kubernetes objects, used for organizing and selecting subsets of objects. Selectors are queries |
| - | + | What are namespaces? | |
| - | To install the worker nodes, | + | Namespaces are a way to divide cluster resources between multiple users or teams. They provide a scope for names, allowing you to have multiple objects with the same name in different namespaces. |
| - | + | What is a horizontal pod autoscaler (HPA)? | |
| - | + | A horizontal pod autoscaler (HPA) is a Kubernetes component that automatically scales the number of Pods in a Deployment or ReplicaSet based on observed CPU or custom metric utilization. | |
| - | | + | What is a vertical pod autoscaler (VPA)? |
| - | | + | A vertical pod autoscaler (VPA) is a Kubernetes |
| - | + | What is Helm? | |
| - | | + | Helm is a package manager for Kubernetes, allowing you to define, install, and manage Kubernetes applications using Helm charts, which are versioned, pre-configured application packages. |
| - | | + | |
| - | + | A Custom Resource Definition (CRD) allows you to define and manage custom resources in Kubernetes, extending its functionality with new API objects tailored to your specific use case. | |
| - | We need to join some workers | + | |
| - | + | A Kubernetes Operator is a method for extending Kubernetes functionality using custom resources and custom controllers. Operators define custom resources and include the logic to manage their lifecycle, often encoding domain-specific knowledge about applications. | |
| - | | + | |
| - | + | RBAC is a security feature in Kubernetes that allows you to define and enforce access policies for resources based on user roles. It uses Role and ClusterRole objects to define permissions and RoleBinding and ClusterRoleBinding objects to grant those permissions to users or groups. | |
| - | The IP and the token were the ones in the master node, it´s necessary | + | What is a persistent volume (PV) and a persistent volume claim (PVC)? |
| - | + | A persistent volume (PV) is a Kubernetes abstraction for storage resources in a cluster, while a persistent volume claim (PVC) is a request for storage resources by a user. PVs and PVCs allow you to manage storage resources independently of Pods and their lifecycle. | |
| - | Now give it few moments to join the cluster. | + | What is a Kubernetes network policy? |
| - | + | A Kubernetes network policy is a security feature that allows you to define and enforce rules for Pod communication within a cluster. It enables you to control ingress and egress traffic for individual Pods or groups of Pods based on labels and selectors. | |
| - | | + | What is a Kubernetes Cluster? |
| - | + | A Kubernetes cluster is a set of machines, or nodes, that work together to manage and run containerized applications. It consists of control plane components and worker nodes, | |
| - | To quit watch use Ctrl+c | + | What is a node affinity and anti-affinity? |
| - | + | Node affinity and anti-affinity are rules that influence how Pods are scheduled onto nodes in a cluster. Affinity rules encourage Pods to be scheduled on nodes with specific characteristics, | |
| - | In the end, it should look something like this: | + | What is a taint and a toleration? |
| - | + | Taints are attributes applied to nodes that express that the node should not accept certain Pods, while tolerations are attributes applied to Pods that allow them to be scheduled on tainted nodes. This mechanism ensures that Pods are not scheduled on inappropriate nodes. | |
| - | | + | What is a readiness probe? |
| - | | + | A readiness probe is a diagnostic check that determines if a container is ready to serve traffic. If a container fails the readiness probe, the Pod will not receive traffic from a Service until it passes the check. |
| - | | + | What is a liveness probe? |
| - | | + | A liveness probe is a diagnostic check that determines if a container is running properly. If a container fails the liveness probe, Kubernetes will restart the container, attempting to resolve the issue. |
| - | | + | |
| - | | + | A CronJob is a Kubernetes object that allows you to run a specific job on a scheduled basis, based on a cron expression. It is useful for tasks like backups, report generation, or other periodic tasks. |
| - | + | | |
| - | # Setting role/labels | + | A Job is a Kubernetes object that represents a finite task that runs one or more Pods to completion. Jobs are useful for running batch processes or other tasks that need to run to completion, rather than continuously running services. |
| - | + | | |
| - | We can tag our cluster nodes to give them labels. | + | A rolling update is a deployment strategy that incrementally updates the Pods of a Deployment or StatefulSet with minimal impact on application availability. It replaces old Pods with new ones gradually, ensuring that a specified number of replicas are always available during the update process. |
| - | + | | |
| - | Let's add this tag key:value: kubernetes.io/ | + | A canary deployment is a deployment strategy that involves deploying a new version of an application alongside the stable version, directing a small percentage of traffic |
| - | + | What is a blue-green deployment? | |
| - | | + | A blue-green deployment is a deployment strategy that involves running two separate environments, |
| - | | + | |
| - | | + | A headless service is a Service without a ClusterIP, used for stateful applications managed by a StatefulSet. It allows each Pod to have its own DNS hostname, enabling direct Pod-to-Pod communication without relying on a single ClusterIP. |
| - | | + | What is Kubernetes Federation? |
| - | | + | Kubernetes Federation is a feature that allows you to synchronize and manage resources across multiple Kubernetes clusters. It enables you to create a single, unified control plane for managing applications deployed in multiple clusters. |
| - | | + | What is a Kubernetes StorageClass? |
| - | | + | A StorageClass is a Kubernetes object that defines the types of storage available in a cluster. It allows administrators to define different classes of storage with varying performance and cost characteristics, |
| - | | + | What is a Kubernetes Volume? |
| + | A Kubernetes volume is a directory accessible to containers within a Pod. Volumes enable data to be shared between containers or to persist data beyond the lifetime of a container. | ||
| + | What is container resource management in Kubernetes? | ||
| + | Container resource management in Kubernetes refers to the process of managing the allocation of CPU, memory, | ||
| + | What are init containers? | ||
| + | Init containers are special-purpose containers that run before | ||
| + | What is a Kubernetes Service Account? | ||
| + | A Service Account is a Kubernetes object that represents an identity for processes running within a Pod. Service Accounts can be used to provide authentication and authorization | ||
| + | What is a Kubernetes Ingress Controller? | ||
| + | A Kubernetes Ingress Controller is a component that manages | ||
| + | What is a Pod Disruption Budget (PDB)? | ||
| + | A Pod Disruption Budget (PDB) is a Kubernetes object that limits the number of Pods that can be voluntarily evicted from a ReplicaSet, Deployment, or StatefulSet, | ||
| + | What is kube-proxy? | ||
| + | Kube-proxy is a network proxy that runs on each node in a Kubernetes cluster, responsible for maintaining network rules and facilitating service discovery and load balancing for Services. | ||
| + | What is kubelet? | ||
| + | Kubelet is an agent that runs on each worker node in a Kubernetes cluster, responsible for ensuring that the containers within Pods are running and healthy, and communicating with the control plane. | ||
| + | What is etcd? | ||
| + | Etcd is a distributed, | ||
| + | What are Kubernetes Annotations? | ||
| + | Kubernetes Annotations are key-value pairs attached to objects that can be used to store arbitrary, non-identifying metadata. Unlike labels, annotations are not used for selecting objects but can be useful for storing additional information about an object, such as a description or a timestamp. | ||
| + | | ||
| + | A Kubernetes self-healing system refers to the built-in mechanisms that automatically detect and resolve issues within the cluster, such as restarting failed containers, rescheduling Pods on failed | ||
| + | What is a Kubernetes Persistent Storage? | ||
| + | Kubernetes persistent storage refers to the various storage solutions available for storing data that needs to persist beyond the lifetime of a container or Pod. This includes Persistent Volumes, Persistent Volume Claims, and Storage Classes, which allow you to manage and provision storage resources in a consistent and efficient manner. | ||
| + | What is a Kubernetes Admission Controller? | ||
| + | A Kubernetes Admission Controller is a component that intercepts requests to the Kubernetes API server before the object persistence phase, enabling you to validate or modify the object based on custom policies or business logic. | ||
| + | | ||
| + | Kubernetes Autoscaling refers to the process of automatically adjusting the number of Pods, nodes, or resources based on application demands or cluster utilization. This includes Horizontal Pod Autoscaler (HPA), Vertical Pod Autoscaler (VPA), and Cluster Autoscaler (CA). | ||
| + | | ||
| + | A Kubernetes API Group is a collection of related API resources that are versioned together. API groups help organize and evolve the Kubernetes API by allowing new resources or versions to be added without affecting existing resources. | ||
| + | | ||
| + | A Kubernetes API Resource is an object that represents a part of the Kubernetes system, such as a Pod, Service, or Deployment. These resources can be created, updated, and deleted through the Kubernetes API. | ||
| + | | ||
| + | A Kubernetes API Version is a specific version of the API for a group of related resources. It indicates the stability and support level of the API, with alpha, beta, and stable versions representing different levels of maturity. | ||
| + | | ||
| + | The Kubernetes Control Loop is the fundamental mechanism that continuously ensures the desired state of the system is maintained. Controllers watch the current state and make changes as needed to achieve the desired state, such as creating, updating, or deleting resources. | ||
| + | | ||
| + | Kube-scheduler is a control | ||
| + | What is the Kubernetes API Server? | ||
| + | The Kubernetes API Server is the central component of the Kubernetes control plane that exposes the Kubernetes API. It processes RESTful API requests, validates them, and updates the corresponding objects in etcd. | ||
| + | What is the Kubernetes Controller Manager? | ||
| + | The Kubernetes Controller Manager is a control plane component that manages the core control loops, including the replication controller, endpoint controller, and namespace controller. | ||
| + | What is the Container Network Interface (CNI)? | ||
| + | The Container Network Interface (CNI) is a specification and set of libraries for configuring network interfaces in Linux containers. Kubernetes uses CNI-compatible plugins | ||
| + | What is a Kubernetes Sidecar pattern? | ||
| + | The Kubernetes Sidecar pattern involves deploying an additional container alongside the main container within a Pod. The sidecar container typically extends or enhances the functionality of the main container, such as log forwarding, monitoring, or data processing. | ||
| + | What is a Kubernetes Ambassador pattern? | ||
| + | The Kubernetes Ambassador pattern involves deploying a container that acts as a proxy or adapter for the main container within a Pod. This pattern simplifies communication with external systems or provides a unified interface for accessing different services. | ||
| + | What is a Kubernetes Adapter pattern? | ||
| + | The Kubernetes Adapter pattern involves deploying a container that translates or modifies the interface of the main container within a Pod. This pattern enables the main container | ||
| + | What is the Downward API? | ||
| + | The Downward API is a mechanism that allows Pods to expose information about themselves, such as their Pod name, namespace, and labels, as environment variables or files. | ||
| + | | ||
| + | A NodeSelector is a field in a Pod specification that allows you to specify the desired characteristics of the node where the Pod should be scheduled, based on the node’s labels. | ||
| + | | ||
| + | The Kubernetes Container Runtime Interface (CRI) is a plugin interface that allows Kubernetes to use different container runtimes, such as Docker, containerd, or CRI-O, without modifying the kubelet code. | ||
| + | | ||
| + | A Kubernetes DaemonSet is a higher-level abstraction that ensures a specific Pod runs on all or a subset of nodes in the cluster. DaemonSets are commonly used for deploying system-level services, such as log collectors, monitoring agents, or network proxies. | ||
| + | | ||
| + | A Kubernetes ConfigMap is an object that allows you to store non-sensitive configuration data in key-value pairs, which can be consumed by Pods as environment variables, command-line arguments, or mounted as files in a volume. | ||
| + | What is a Kubernetes Secret? | ||
| + | A Kubernetes Secret is an object that allows you to store sensitive data, such as credentials, | ||
| + | | ||
| + | The Kubernetes Object Management model is a declarative approach | ||
| + | | ||
| + | Kubernetes Garbage Collection is a mechanism that automatically removes unused or orphaned resources, such as terminated Pods, unused ConfigMaps, or completed Jobs, to free up system resources and maintain a clean cluster. | ||
| + | What is the Kubernetes Audit Log? | ||
| + | The Kubernetes Audit Log is a record of events that occur in the Kubernetes API server, providing detailed information about requests, responses, and metadata. It can be used for security monitoring, troubleshooting, | ||
| + | | ||
| + | The Kubernetes Cloud Controller Manager is a control plane component that embeds cloud-specific control logic, such as managing | ||
| + | What is a Kubernetes ReplicaSet? | ||
| + | A Kubernetes ReplicaSet is a higher-level abstraction that ensures a specified number of replicas of a Pod are running at any given time. It replaces the older replication controller and is used by Deployments to manage Pod scaling and updates. | ||
| + | | ||
| + | A Kubernetes PodSecurityPolicy is a cluster-level resource that defines the security constraints for creating and updating Pods. It allows you to enforce best practices, such as disallowing privileged containers, restricting host access, or limiting the use of specific volume types. | ||
raspberry_pi_cluster/kbs.1738928327.txt.gz · Last modified: 2025/02/07 11:38 by 85.219.17.206