Question 1

What are the core components of Kubernetes, and how do the control plane and worker nodes interact?

Accepted Answer

Complete guide to Kubernetes architecture: API server, etcd, scheduler, controllers, kubelet, and container runtime components. Read the full deep-dive here.

Question 2

K8s architecture

Accepted Answer

Learn Kubernetes cluster topologies for production: HA control plane, worker node placement, and network architecture patterns. Read the full deep-dive here.

Question 3

What is etcd, what data does it store, and why is it so critical to cluster reliability and consistency?

Accepted Answer

Complete guide to etcd in Kubernetes: distributed consensus, backup strategies, disaster recovery, and troubleshooting common failures. Read the full deep-dive here.

Question 4

What is a Controller

Accepted Answer

A Kubernetes controller watches cluster state and continuously reconciles actual state toward desired state using a control loop — here Read the full deep-dive here.

Question 5

Kube Controller Manager

Accepted Answer

Deep dive into kube-controller-manager: deployment, replicaset, node, service, and cloud controller responsibilities. Read the full deep-dive here.

Question 6

How do controllers use reconciliation loops to enforce desired state?

Accepted Answer

Learn Kubernetes reconciliation mechanics: watch loops, informers, listers, and how controllers continuously sync actual to desired state. Read the full deep-dive here.

Question 7

How does the kube-scheduler work internally, and what factors influence Pod placement decisions?

Accepted Answer

Master kube-scheduler: filtering, scoring, node affinity, taints, tolerations, and advanced pod placement strategies. Read the full deep-dive here.

Question 8

How does Kubernetes handle desired state management, and what role do controllers play in maintaining it?

Accepted Answer

Comprehensive reference for Kubernetes desired state configuration: manifests, specs, and declarative infrastructure patterns. Read the full deep-dive here.

Question 9

Mapping HTTP Methods to API Verbs

Accepted Answer

Learn how kubectl commands map to Kubernetes API HTTP verbs: GET, POST, PUT, PATCH, DELETE with practical examples. Read the full deep-dive here.

Question 10

Types of API Requests in Kubernetes

Accepted Answer

Understand Kubernetes API request types: declarative vs imperative, JSON patch, strategic merge patch, and server-side apply. Read the full deep-dive here.

Question 11

How do Custom Resource Definitions differ from built-in controllers

Accepted Answer

Compare Custom Resource Definitions and Controllers in Kubernetes: use cases, implementation patterns, and operator frameworks. Read the full deep-dive here.

Question 12

What is the End-to-End Pod Creation Lifecycle

Accepted Answer

Step-by-step guide to pod creation: admission controllers, scheduler, kubelet, container runtime, and image pull process. Read the full deep-dive here.

Question 13

What is the Lifecycle of kubectl apply command?

Accepted Answer

Deep dive into kubectl apply: three-way merge, last-applied-configuration annotation, and declarative configuration management. Read the full deep-dive here.

Question 14

What is the exact journey of a request through the API Server pipeline?

Accepted Answer

An end-to-end deep dive into the Kubernetes API Server pipeline: Authentication, Authorization, Mutating & Validating Admission Control, and etcd persistence. Read the full deep-dive here.

Question 15

How does kube-scheduler score nodes, and how do NodeAffinity, PodAffinity, and PodAntiAffinity differ in the Filter and Score phases?

Accepted Answer

A mathematical deep dive into kube-scheduler scoring, NodeAffinity vs PodAffinity, and how Taints and Tolerations trigger evictions at the API level. Read the full deep-dive here.

Question 16

How do Taints and Tolerations work at the API level, and what triggers a NoExecute eviction?

Accepted Answer

A detailed breakdown of how taints and tolerations work at the API level, the differences between NoSchedule, PreferNoSchedule, and NoExecute, and what triggers evictions. Read the full deep-dive here.

Question 17

Cgroups & Namespaces

Accepted Answer

Understand Linux kernel foundations of Kubernetes: namespaces for isolation, cgroups for resource limits, and container runtimes. Read the full deep-dive here.

Question 18

Deep Dive: Cgroups Architecture & v2 Evolution

Accepted Answer

Master cgroups in Kubernetes: CPU, memory, I/O limits, cgroup v1 vs v2, and troubleshooting resource constraints. Read the full deep-dive here.

Question 19

Origins of Kubernetes

Accepted Answer

Learn Kubernetes origins: Google Read the full deep-dive here.

Question 20

Why Kubernetes?

Accepted Answer

Understand when to use Kubernetes: scalability benefits, self-healing, declarative config, and production deployment patterns. Read the full deep-dive here.

Question 21

The Anatomy of Kubernetes YAML

Accepted Answer

Master Kubernetes YAML: apiVersion, kind, metadata, spec structure, and best practices for manifest organization. Read the full deep-dive here.

Question 22

What are the interconnected ideas surrounding the core k8s concept?

Accepted Answer

Explore the implications, assumptions, and dependencies that make the Kubernetes Object Model work. Read the full deep-dive here.

Question 23

How do Linux and virtualization concepts map to Kubernetes?

Accepted Answer

Map your existing Linux and virtualization knowledge directly to Kubernetes primitives. Read the full deep-dive here.

Question 24

Init (The Mental Model)

Accepted Answer

Kubernetes introduction: container orchestration concepts, architecture overview, and getting started guide. Read the full deep-dive here.

Question 25

What is a CNI plugin in Kubernetes and how does it actually work?

Accepted Answer

A deep dive into the Container Network Interface (CNI) delegation model, overlay vs. underlay routing, IPAM subnets, and the physical veth wiring of a Pod. Read the full deep-dive here.

Question 26

Trace the sequence of events when a Pod is scheduled and the veth pair is physically created and attached.

Accepted Answer

Trace the exact sequence of events when a Pod is scheduled: how the container runtime invokes the CNI plugin, loopback creation, and the physical veth pair wiring. Read the full deep-dive here.

Question 27

Explain how IP Address Management (IPAM) assigns CIDRs to Nodes and delegates individual Pod IPs.

Accepted Answer

How Kubernetes delegates IP Address Management (IPAM) to individual nodes via the Node IPAM Controller, ensuring an independent `host-local` O(1) allocation with zero overlap. Read the full deep-dive here.

Question 28

Detail the crucial CNI file locations on the worker nodes.

Accepted Answer

A reference guide detailing crucial CNI file locations and useful operational commands to inspect, trace, and troubleshoot Kubernetes networking. Read the full deep-dive here.

Question 29

What are the Linux networking primitives that underpin Kubernetes?

Accepted Answer

Understand the underlying Linux kernel mechanisms that power Kubernetes networking: veth pairs, bridges, iptables, routing, and DNS resolution. Read the full deep-dive here.

Question 30

Explain the packet traversal difference between kube-proxy iptables mode versus IPVS mode, and when mathmatically iptables begins to degrade.

Accepted Answer

A deep dive into kube-proxy packet traversal, comparing the linear O(N) degradation of iptables against the optimized O(1) hash table lookups of IPVS and ipset. Read the full deep-dive here.

Question 31

Does Kubernetes use ipset? If yes, how is it different from iptables and IPVS, and when is it utilized?

Accepted Answer

Understanding the architectural role of ipset, how it achieves O(1) hash table lookups compared to iptables, and its utilization by advanced CNIs and kube-proxy. Read the full deep-dive here.

Question 32

How does Kubernetes networking work at a high level (Pod-to-Pod, Pod-to-Service, external traffic)?

Accepted Answer

Master Kubernetes networking: CNI plugins, pod-to-pod communication, services, DNS, and network policy implementation. Read the full deep-dive here.

Question 33

How does DNS work inside a Kubernetes cluster, and how do applications discover each other?

Accepted Answer

Learn Kubernetes DNS: CoreDNS setup, service discovery patterns, headless services, and DNS troubleshooting. Read the full deep-dive here.

Question 34

What problem do Services solve, and how do ClusterIP, NodePort, and LoadBalancer differ in real-world usage?

Accepted Answer

Understand Kubernetes service types: ClusterIP for internal traffic, NodePort, LoadBalancer, and ExternalName configurations. Read the full deep-dive here.

Question 35

What is a Service

Accepted Answer

Advanced Kubernetes services: endpoint objects, kube-proxy modes (iptables, ipvs), session affinity, and load balancing. Read the full deep-dive here.

Question 36

What is an Ingress, how does it differ from a Service, and how is external traffic routed into the cluster?

Accepted Answer

Master Kubernetes Ingress: NGINX, Traefik controllers, path-based routing, TLS certificates, and SSL termination. Read the full deep-dive here.

Question 37

Difference between Ingress and Gateway API

Accepted Answer

Compare Kubernetes Ingress and Gateway API: features, use cases, migration strategies, and future of API gateways. Read the full deep-dive here.

Question 38

Why Gateway API instead of Ingress?

Accepted Answer

Why did the Kubernetes maintainers create the Gateway API when Ingress already exists? Breaking down the architectural split between GatewayClass, Gateway, and HTTPRoute. Read the full deep-dive here.

Question 39

What is GatewayApi

Accepted Answer

Learn Kubernetes Gateway API: GatewayClass, Gateway, HTTPRoute resources, and role-based configuration model. Read the full deep-dive here.

Question 40

What are the Advantages of using GRPCRoute for services

Accepted Answer

Implement gRPC routing with Kubernetes Gateway API: protocol support, service mesh integration, and advanced routing. Read the full deep-dive here.

Question 41

Network Policy

Accepted Answer

How CNIs enforce NetworkPolicy and a link to the detailed Security rules. Read the full deep-dive here.

Question 42

How does Cilium use eBPF to completely bypass kube-proxy and route a packet without touching iptables?

Accepted Answer

How Cilium uses eBPF to completely bypass kube-proxy, leveraging O(1) hash tables and socket-level load balancing to eliminate iptables latency. Read the full deep-dive here.

Question 43

Bootstraping - Deploying K8S cluster

Accepted Answer

Bootstrap production Kubernetes clusters: kubeadm init, worker node joins, HA control plane, and cluster configuration. Read the full deep-dive here.

Question 44

How does the kubelet start, and how do you troubleshoot node initialization failures?

Accepted Answer

Understand the Kubernetes node boot sequence: systemd dependencies, kubelet startup, swap constraints, and cgroup driver troubleshooting. Read the full deep-dive here.

Question 45

What are important Log and Binary files location in k8s?

Accepted Answer

Find Kubernetes component logs, binary locations, systemd services, and debugging production cluster issues. Read the full deep-dive here.

Question 46

What are some useful Commands?

Accepted Answer

Complete kubectl command reference: pod management, debugging, resource inspection, and CKA exam-focused shortcuts. Read the full deep-dive here.

Question 47

How should Kubernetes clusters be upgraded and operated in production to minimize downtime and risk?

Accepted Answer

Safely upgrade Kubernetes clusters: version compatibility, kubeadm upgrade process, node maintenance, and rollback procedures. Read the full deep-dive here.

Question 48

How do you observe and troubleshoot Kubernetes clusters (logs, metrics, events, probes, debugging patterns)?

Accepted Answer

Implement Kubernetes observability: Prometheus metrics, EFK logging stack, distributed tracing, and monitoring best practices. Read the full deep-dive here.

Question 49

Q : What is the process for running Kubelet in standalone mode?

Accepted Answer

Run kubelet in standalone mode: static pod manifests, local container management without API server, and edge deployments. Read the full deep-dive here.

Question 50

What happens when a Pod or Node fails, and how does Kubernetes detect and recover from failures?

Accepted Answer

Kubernetes disaster recovery strategies: etcd backup/restore, cluster state recovery, and production incident response. Read the full deep-dive here.

Question 51

Common commands for finding pods with high resource use

Accepted Answer

Debug Kubernetes resource problems: OOMKilled errors, CPU throttling, resource limits, requests, and performance tuning. Read the full deep-dive here.

Question 52

Kubernetes Cluster Discovery & Storage Investigation

Accepted Answer

A practical field guide for when you land on an unfamiliar Kubernetes cluster: map workloads, audit security, and recover storage. Read the full deep-dive here.

Question 53

Understanding Kubernetes Contexts

Accepted Answer

A deep dive into kubeconfig contexts: what they are, why you need them, and how to seamlessly switch between multiple Kubernetes clusters and namespaces. Read the full deep-dive here.

Question 54

What is a Kubernetes Context?

Accepted Answer

A deep dive into Kubernetes Contexts: binding clusters, users, and namespaces together for safer, more efficient operational workflows. Read the full deep-dive here.

Question 55

How do I create a new context?

Accepted Answer

How to define clusters, set user credentials, and bind them together into a new kubeconfig context. Read the full deep-dive here.

Question 56

How do I add a default namespace to a context?

Accepted Answer

How to add a default namespace to an existing kubeconfig context to streamline workflows. Read the full deep-dive here.

Question 57

What happens to the cluster if the etcd storage quota is exceeded, and how do we manage it?

Accepted Answer

Understand etcd storage quotas, the catastrophic risks of unmanaged database fragmentation, and how to automate defragmentation via CronJobs. Read the full deep-dive here.

Question 58

How should I handle etcd restores when API servers are active?

Accepted Answer

Why restoring etcd with active API servers causes data corruption, and the exact 5-step operational workflow for restoring from snapshots via etcdutl. Read the full deep-dive here.

Question 59

How do I monitor etcd latency in a production cluster?

Accepted Answer

Understand the Raft consensus algorithm, how etcd uses mTLS, and how to spot disk I/O bottlenecks using Prometheus latency metrics. Read the full deep-dive here.

Question 60

Why is the Kubelet managed by Systemd, and how do they interact?

Accepted Answer

Understand why systemd manages the Kubelet, how to configure cgroup drivers, and how to debug the node agent using journalctl. Read the full deep-dive here.

Question 61

What is the difference between stacked and external etcd topologies?

Accepted Answer

Understanding the architectural differences, benefits, and tradeoffs of deploying etcd in a Stacked vs. External Highly Available (HA) configuration. Read the full deep-dive here.

Question 62

How do I trace container logs to their source on the node filesystem?

Accepted Answer

A breakdown of where Kubernetes logs live on disk and how to access them using Linux primitives like journalctl and dmesg. Read the full deep-dive here.

Question 63

How do I discover the state of an unfamiliar cluster and its storage?

Accepted Answer

A command-line field guide for discovering, investigating, and extracting data from an unfamiliar Kubernetes cluster. Read the full deep-dive here.

Question 64

How do Kubernetes resource limits translate to Linux kernel primitives?

Accepted Answer

A detailed explanation of performance and resource management in Kubernetes, focusing on how abstract API concepts translate to Linux kernel primitives. Read the full deep-dive here.

Frequently Asked Questions

Foundations

Architecture

Workloads

Networking

Storage

Security

Runtime

Operations

Troubleshooting

Tooling

Reference

Init

Frequently Asked Questions ​

Foundations ​

Architecture ​

Workloads ​

Networking ​

Storage ​

Security ​

Runtime ​

Operations ​

Troubleshooting ​

Tooling ​

Reference ​

Init ​