KCNA Flashcards

(38 cards)

1
Q

Idea of Cloud Native Architecture

A

Optimize software for cost efficiency and reliability

2
Q

Definition of Cloud Native

A

Build and run scalable applications in modern and dynamic environments

3
Q

Reason for Cloud Native

A

Move away from the monolithic approach

4
Q

Characteristics of Cloud Native Applications

A
  • High level of automation
  • Self healing
  • Scalable
  • (Cost-) Efficient
  • Easy to maintain
  • Secure by default
5
Q

Autoscaling

A
  • vertical scaling
    • add more CPU & RAM to the VM so it can handle more load
  • horizontal scaling
    • add more servers / racks to the underlying infrastructure so load balancing can kick in
6
Q

Serverless

A
  • servers are, of course, still required
  • developers don’t have to deal with things like networks, VMs, operating systems etc.
  • offered as Function as a Service (FaaS) by cloud vendors
7
Q

Open Standards

A
  • OCI Spec: image, runtime and distribution specifications on how to build, run and distribute containers
  • Container Network Interface (CNI): Networking for Containers
  • Container Runtime Interface (CRI): Runtimes in Container Orchestration Systems
  • Container Storage Interface (CSI): Storage in Container Orchestration Systems
  • Service Mesh Interface (SMI): Service Meshes in Container Orchestration Systems
8
Q

Use of Containers

A
  • run applications more efficiently
  • easily manage the dependencies an application needs
9
Q

Container basics

A
  • originates from the “chroot” command
  • nowadays, namespaces and cgroups are used
  • containers share the kernel of the host machine
  • containers are just isolated processes
10
Q

4 Cs (outer to inner)

A
  • Cloud
    • Cluster
      • Container
        • Code
11
Q

Security with Containers

A
  • don’t rely on containers’ isolation properties for security
  • containers share the kernel with the host → risk
  • containers can be granted kernel capabilities, which increases the risk
  • processes are often executed with too many privileges, such as root or admin
  • the use of public images is also a risk
12
Q

Container Orchestration Fundamentals

A
  • schedule multiple containers onto servers in an efficient way
  • allocate resources to containers
  • manage the availability of containers
  • scale containers if load increases
  • provide networking to connect containers
  • provision storage for persistent container data
13
Q

Networking within Containers

A
  • each microservice implements an interface that can be called to make a request
  • network namespaces give containers their own unique IP addresses and (the same) port allocations
  • container ports can be mapped to host ports for accessibility
14
Q

Service Discovery

A

DNS:
- modern DNS servers with an API to register new services
Key-Value-Store:
- a database that stores information about services, e.g. etcd, Consul or Apache ZooKeeper
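
The key-value approach can be pictured with a minimal sketch, assuming a hypothetical registry keyed by service name (this mimics the idea behind etcd or Consul, not their real APIs):

```python
# Minimal sketch of key-value-based service discovery.
# "registry" stands in for a store like etcd or Consul.

registry = {}

def register(name, host, port):
    """A service announces itself under a well-known key."""
    registry[f"/services/{name}"] = {"host": host, "port": port}

def discover(name):
    """Clients look up the endpoint instead of hardcoding it."""
    return registry.get(f"/services/{name}")

register("payments", "10.0.1.5", 8080)
endpoint = discover("payments")
```

Clients resolve the key at request time, so services can move without client changes.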

15
Q

Service Mesh

A
  • adds a proxy to every container (or pod) in your architecture
  • the proxy can modify and/or filter network traffic between server and client
  • nginx, HAProxy and Envoy are typical technologies for this
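
As a toy sketch (not Envoy or any real mesh), the “modify and/or filter traffic” idea looks like a function sitting between client and application; the handler and header names are invented for illustration:

```python
# Toy sidecar proxy: intercepts a request before it reaches the app,
# illustrating how a mesh proxy can filter and modify traffic.

def app_handler(request):
    return {"status": 200, "body": "hello"}

def sidecar_proxy(request, upstream):
    # filter: reject traffic without an auth header
    if "authorization" not in request.get("headers", {}):
        return {"status": 403, "body": "forbidden"}
    # modify: tag the request before forwarding it upstream
    request["headers"]["x-request-id"] = "abc-123"
    return upstream(request)

ok = sidecar_proxy({"headers": {"authorization": "token"}}, app_handler)
denied = sidecar_proxy({"headers": {}}, app_handler)
```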
16
Q

Storage

A
  • containers are ephemeral, read-only, consist of layers
  • since a lot of applications need to write files, a read-write layer is put on top of the container image
  • to persist data, you need to write it to a disk
  • volumes can be used for this
17
Q

Kubernetes Architecture

A
  • used as a cluster: spans multiple servers, works on different tasks and distributes the load
  • high horizontal scalability
  • consists of a control plane and worker nodes
18
Q

K8s Control plane

A

kube-apiserver:
- centerpiece of k8s. All the other components interact with it

etcd:
- the database which holds the state of the cluster

kube-scheduler:
- chooses the worker node that could fit a workload that should be scheduled based on properties like CPU and RAM

kube-controller-manager:
- contains non-terminating control loops that manage the state of the cluster, e.g. checking that the desired number of replicas of your application is available at all times

cloud-controller-manager (optional):
- can be used to interact with the API of cloud providers, to create external resources like load balancers, storage or security groups

19
Q

K8s Worker node

A

container runtime:
- responsible for running containers on the worker node, e.g. Docker or containerd

kubelet:
- small agent that runs on every worker node. Talks to the API server and the container runtime to handle starting containers

kube-proxy:
- a network proxy that handles communication inside and outside the cluster. Tries to rely on the networking capabilities of the underlying operating system

20
Q

K8s API

A
  • responsible for communication with the cluster
  • Authentication
  • Authorization
  • Admission Control
21
Q

Containers in K8s

A
  • pods are the smallest compute unit

containerd:
- lightweight and performant implementation to run containers
- currently the most popular container runtime
- used by all major cloud providers for Kubernetes-as-a-Service products

CRI-O:
- created by Red Hat, similar to Podman and Buildah

Docker:
- the long-time standard, but never really made for container orchestration
- support for Docker via dockershim was deprecated in Kubernetes 1.20 and removed in 1.24

22
Q

Networking in K8s

A
  1. Container-to-Container communications
    • This can be solved by the Pod concept
  2. Pod-to-Pod communications
    • This can be solved with an overlay network
  3. Pod-to-Service communications
    • Implemented by the kube-proxy and the packet filter on the node
  4. External-to-Service communications
    • Implemented by the kube-proxy and the packet filter on the node
  • every Pod gets its own IP address
  • CoreDNS is used for name resolution and service discovery
23
Q

K8s scheduling

A
  • the process of choosing the right worker node to run a containerized workload on
  • the kube-scheduler makes the scheduling decision, but is not responsible for actually starting the workload
  • scheduling starts when a new Pod is created
  • users have to give information about the application’s requirements
  • if multiple nodes fit equally well, K8s will schedule the Pod on the node with the least amount of Pods
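
A hypothetical scheduling pass based on the points above might filter nodes that fit the Pod’s requests, then prefer the node with the fewest Pods; the field names are invented and this is not the real kube-scheduler:

```python
# Sketch of a scheduling decision: filter nodes that satisfy the
# Pod's resource requests, then pick the least-loaded fitting node.

def schedule(pod, nodes):
    fitting = [n for n in nodes
               if n["free_cpu"] >= pod["cpu"] and n["free_ram"] >= pod["ram"]]
    if not fitting:
        return None  # no node fits: the Pod stays Pending
    return min(fitting, key=lambda n: n["pod_count"])["name"]

nodes = [
    {"name": "node-1", "free_cpu": 2, "free_ram": 4, "pod_count": 9},
    {"name": "node-2", "free_cpu": 4, "free_ram": 8, "pod_count": 3},
]
chosen = schedule({"cpu": 1, "ram": 2}, nodes)
```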
24
Q

K8s objects

A
  • apiVersion: Each object can be versioned, so the data structure of the object can change between versions
  • kind: the kind of object that should be created
  • metadata: data that identifies the object, such as its name
  • spec: the specification of the object
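
The four fields map directly onto the structure of a manifest; here is the shape as a plain Python dict (the image tag and name are placeholders):

```python
# The four standard fields of a Kubernetes object, shown as the
# dict a YAML manifest maps onto 1:1.

pod_manifest = {
    "apiVersion": "v1",               # versioned data structure
    "kind": "Pod",                    # what kind of object to create
    "metadata": {"name": "nginx"},    # identifies the object
    "spec": {                         # the desired specification
        "containers": [{"name": "nginx", "image": "nginx:1.25"}],
    },
}
```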
25
Q

Workload Objects in K8s

A

ReplicaSet:
- controller object that makes sure a desired number of pods is running at any given time
- used to scale applications and improve their availability
- does this by starting multiple copies of a pod definition

Deployment:
- most feature-rich object in K8s
- can be used to describe the complete application lifecycle
- perfect for running stateless applications in K8s

StatefulSet:
- can be used to run stateful applications like databases in K8s
- tries to retain IP addresses of pods and gives them a stable name, persistent storage and more graceful handling of scaling

DaemonSet:
- ensures that a copy of a Pod runs on all (or some) nodes of your cluster
- perfect for running infrastructure-related workloads like monitoring or logging

Job:
- creates one or more pods that execute a specific task and terminate afterwards
- perfect for running one-shot scripts like database migrations or administrative tasks

CronJob:
- adds a time-based configuration to Jobs, allowing Jobs to run periodically, e.g. every hour
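
The ReplicaSet behaviour above is a non-terminating control loop; a minimal sketch of one reconcile step, with invented names, looks like this:

```python
# Sketch of a ReplicaSet-style reconcile step: compare desired vs.
# actual replicas and return the actions needed to close the gap.

def reconcile(desired, running_pods):
    diff = desired - len(running_pods)
    if diff > 0:
        return [f"create pod-{i}" for i in range(diff)]
    if diff < 0:
        return [f"delete {p}" for p in running_pods[:abs(diff)]]
    return []  # state matches the desired number, nothing to do

actions = reconcile(3, ["pod-a"])  # two pods are missing
```

A real controller runs this comparison continuously, which is what keeps the desired count stable through crashes and node failures.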
26
Q

Networking Objects in K8s

A

Services:
- can be used to expose a set of pods as a network service
- there are 4 Service types:

ClusterIP:
- most common service type
- a virtual IP inside K8s that can be used as a single endpoint for a set of pods
- can act as a round-robin load balancer

NodePort:
- extends the ClusterIP by adding simple routing rules
- opens a port between 30000-32767 on every node in the cluster and maps it to the ClusterIP
- allows routing external traffic into the cluster

LoadBalancer:
- extends the NodePort by deploying an external LoadBalancer instance
- will only work if your environment has an API to configure a LoadBalancer instance (e.g. on Hetzner, AWS…)

ExternalName:
- special service type with no routing
- uses the K8s-internal DNS server to create a DNS alias
- useful if you want to reach external resources from your Kubernetes cluster

Ingress:
- exposes HTTP and HTTPS routes from outside the cluster to a service inside the cluster
- configures routing rules a user can set and implement with an ingress controller
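
The round-robin behaviour of a ClusterIP can be sketched with `itertools.cycle` over a set of pod endpoints (illustrative only; the real implementation lives in kube-proxy’s packet rules):

```python
# Round-robin over pod endpoints, the behaviour a ClusterIP Service
# provides as a single virtual endpoint for a set of pods.

import itertools

class ClusterIPService:
    def __init__(self, endpoints):
        self._rr = itertools.cycle(endpoints)

    def route(self):
        """Return the next pod endpoint in round-robin order."""
        return next(self._rr)

svc = ClusterIPService(["10.0.0.1:8080", "10.0.0.2:8080"])
targets = [svc.route() for _ in range(4)]
```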
27
Q

Volumes & Storage Objects in K8s

A
- K8s made volumes part of a Pod
- volumes allow sharing data between multiple containers in the same Pod
- prevents data loss when a Pod crashes and is restarted on the same node
- only data stored in a volume will be saved

PersistentVolume (PV):
- abstract description for a slice of storage
- the object configuration holds the type of volume, volume size, access mode and information on how to mount it

PersistentVolumeClaim (PVC):
- a request for storage by a user
- if the cluster has multiple volumes, a user can create a PVC, which will reserve a PV according to their needs
28
Q

Configuration Objects in K8s

A
- applications often have config files or need connection strings to other services
- in K8s, configuration is decoupled from the pods with a ConfigMap
- ConfigMaps can be used to store whole configuration files or variables as key-value pairs
- you can mount a ConfigMap as a volume in a pod, or map variables from the ConfigMap to environment variables of a Pod
- Secrets are used for sensitive data
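
Mapping ConfigMap keys into a Pod’s environment can be pictured like this (the key names are hypothetical; real Pods declare this mapping in their spec):

```python
# A ConfigMap is key-value data; here its keys are merged into a
# container's environment, as the env mapping in a Pod spec would do.

configmap = {"DB_HOST": "postgres.default.svc", "LOG_LEVEL": "info"}

def build_env(base_env, cm):
    env = dict(base_env)
    env.update(cm)  # ConfigMap keys become environment variables
    return env

pod_env = build_env({"PATH": "/usr/bin"}, configmap)
```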
29
Q

Autoscaling Objects in K8s

A

Horizontal Pod Autoscaler (HPA):
- most used autoscaler in K8s
- watches Deployments or ReplicaSets and increases the number of replicas if a threshold is reached

Cluster Autoscaler:
- can add new worker nodes to the cluster if demand increases
- works great in tandem with the HPA

Vertical Pod Autoscaler:
- relatively new
- allows Pods to increase resource requests and limits dynamically
- is limited by the node capacity
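
The HPA’s documented scaling rule is desiredReplicas = ceil(currentReplicas × currentMetric / targetMetric), which can be worked through directly:

```python
# The HPA scaling formula from the Kubernetes documentation:
# desiredReplicas = ceil(currentReplicas * currentMetric / targetMetric)

from math import ceil

def desired_replicas(current_replicas, current_metric, target_metric):
    return ceil(current_replicas * current_metric / target_metric)

# CPU at 90% against a 50% target grows 5 replicas to 9:
scale_up = desired_replicas(5, 90, 50)
# CPU at 25% against a 50% target shrinks 4 replicas to 2:
scale_down = desired_replicas(4, 25, 50)
```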
30
Q

Application Delivery Fundamentals

A
- every application’s lifecycle starts with code that is written
- the best way to manage source code is a version control system (Git)
- the next step is building the application (this includes Docker images)
- the last step is delivering the application to the platform it should run on
31
CI/CD
Continuous Integration - first part of the process - described permanent building and testing of the written code Continuous Delivery - second part of the process - automates deployment of the pre-built software - software is often deployed to Development or Staging environments before it gets released Pipelines are used for whole automation of this workflow: - build code - run tests - deploy to servers - perform security and compliance checks
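
A pipeline is an ordered list of stages where each must succeed before the next runs; a minimal sketch with invented stage names:

```python
# Sketch of a CI/CD pipeline: stages run in order, and a failing
# stage stops the pipeline before anything gets deployed.

def run_pipeline(stages):
    for name, step in stages:
        if not step():
            return f"failed at: {name}"
    return "deployed"

stages = [
    ("build code", lambda: True),
    ("run tests", lambda: True),
    ("security & compliance checks", lambda: True),
    ("deploy to servers", lambda: True),
]
result = run_pipeline(stages)
```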
32
GitOps
- Infrastructure as Code - merge requests to manage infrastructure changes Push-based: - pipeline runs tools that make changes in the platform - changes can be triggered by commit or merge requested Pull-based - agent watches git repository for changes and compares it to the actual running state - applies changes to the infrastructure when changes were detected - K8s is well suited for GitOps because of its API
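
Pull-based GitOps in miniature: the agent diffs the desired state from git against the running state and applies the difference. The data structures are hypothetical; real agents include Argo CD and Flux:

```python
# Sketch of a pull-based GitOps reconcile pass: anything in git that
# differs from the cluster's running state must be (re)applied.

def reconcile(git_state, cluster_state):
    changes = {}
    for resource, desired in git_state.items():
        if cluster_state.get(resource) != desired:
            changes[resource] = desired
    return changes

git_state = {"deployment/web": {"replicas": 3}}
cluster_state = {"deployment/web": {"replicas": 2}}
to_apply = reconcile(git_state, cluster_state)
```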
33
Observability
- often used synonymously with monitoring - is the system stable? - is the system sensitive to change? - do certain metrics exceed their limits? - why does a request to the system fail? - are there any bottlenecks?
34
Telemetry
- distance (tele) measuring (metry) - each and every application should have build in tools that generate information data - information data should be collected and transferred in a centralized system Logs - messages emitted from an application when errors, warnings or debug information should be represented Metrics - quantitive measurments taken over time - f.e. a number of requests or an error rate Traces - track progression of a request while it’s passing through the system - provides information of when a request was processed by which service and how long it took
35
Logging
- many frameworks come with logging tools built-in Linux programs provide three I/O streams: - standard input (stdin): Input to a program e.g. via keyboard - standard output (stdout): The output of a program - standard error (stderr): Errors of a program Node-level logging - most efficient way to collect logs - admin configures a log shipping tool that collects logs and ships them to a central system Logging via sidecar container - application has a sidecar container that collects and ships logs Application-level logging - the application itself pushes the logs directly to the central store
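
From a program’s point of view the stream split looks like this (a small sketch; a node-level log shipper would collect both streams from the container runtime):

```python
# Normal output goes to stdout, errors to stderr, so a log collector
# can separate the two streams without parsing message contents.

import sys

def handle_request(ok):
    if ok:
        print("request served", file=sys.stdout)
    else:
        print("request failed", file=sys.stderr)

handle_request(True)   # -> stdout
handle_request(False)  # -> stderr
```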
36
Prometheus
- open source monitoring system collects four core metrics: - Counter: value that increases, like request or error count - Gauge: values that increase or decrease, like memory size - Histogram: sample of observations, like request duration or response size - Summary: similar to histogram, but also provides total count of observations To expose those metrics, applications can expose an HTTP endpoint under /metrics.
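
The two simplest metric types can be sketched in a few lines; real applications would use a Prometheus client library and serve these values under /metrics:

```python
# Minimal sketch of the Counter and Gauge semantics described above.

class Counter:
    """Only ever goes up, e.g. total requests or errors."""
    def __init__(self):
        self.value = 0
    def inc(self, amount=1):
        assert amount >= 0, "counters never decrease"
        self.value += amount

class Gauge:
    """Goes up and down, e.g. memory currently in use."""
    def __init__(self):
        self.value = 0
    def set(self, value):
        self.value = value

requests_total = Counter()
requests_total.inc()
memory_bytes = Gauge()
memory_bytes.set(512)
```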
37
Tracing
- used to understand how a request is processed in a microservice architecture - consists of multiple units of work - each application can contribute a span to a trace which can include start and finish time, name, tags or a log message
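
A trace can be pictured as a list of spans, each recording which service did what and for how long; the structure and service names here are illustrative (cf. OpenTelemetry for the real data model):

```python
# A trace sketched as a list of spans, each with a name, the service
# that produced it, its duration, and optional tags.

def span(name, service, start_ms, finish_ms, tags=None):
    return {
        "name": name,
        "service": service,
        "duration_ms": finish_ms - start_ms,
        "tags": tags or {},
    }

trace = [
    span("HTTP GET /checkout", "frontend", 0, 120),
    span("reserve items", "inventory", 10, 45),
    span("charge card", "payments", 50, 110),
]
total_ms = trace[0]["duration_ms"]  # the root span covers the request
```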
38
Cost Management
- cloud providers don’t offer “pro-bono” - analyze what is really needed and automate the scheduling of resources needed Identify wasted and unused resources - with good monitoring its easy to find unused resources - autoscaling helps to shut down instances that are not needed Right-Sizing - when starting out, it can be a good idea to choose servers with lot more power than actually needed - good monitoring give good indications over time how much actually is needed - ongoing process to always adapt to the load you actually need Reserved Instances - On-demand pricing models are great if you really need resources on-demand - if not, you’re paying a lot for “on-demand” service - you can reserve resources and pay them upfront if you can estimate the resources you will need Spot Instances - use spot instances for heavy batch of jobs or load for a short amount of time - you get unused resources that have been over-provisioned by the cloud vendor for very low prices - spot instances can be terminated since these are not reserved for you but for the one who paid the full price