Kubernetes Part 2: Managing Namespaces

Questions and Answers

What is the purpose of Namespaces in Kubernetes?

To partition a single Kubernetes cluster into multiple virtual clusters. (correct)

To restrict resource usage for each application.

To increase the number of available nodes in a cluster.

To improve the performance of individual pods.

How can you deploy resources to a specific Namespace imperatively?

By using the 'create' command with an exclusive flag.

By defining the Namespace as an environment variable.

By specifying the workload type in the configuration file.

By adding the –n or --namespace flag to the commands. (correct)

Which command would you use to view the existing Namespaces in your Kubernetes cluster?

kubectl list all namespaces

kubectl show namespaces

kubectl print namespaces

kubectl get namespaces (correct)

What is the default Namespace where resources are deployed if no specific Namespace is stated?

default

What is the relationship between a Service and its Pods?

The Service decouples the lifecycle from that of the Pods.

What does each Pod in Kubernetes uniquely receive?

An individual IP address.

Which of the following is not a valid way to manage Namespaces?

Deploying resources directly without a Namespace.

What does Ingress provide in the context of services in Kubernetes?

A way to expose services with a stable IP address.

What is the main feature of the ClusterIP type of Kubernetes Service?

Only accessible from inside the cluster.

What does the NodePort type of Kubernetes Service provide?

Access via a dedicated port on cluster nodes.

The Ingress resource in Kubernetes is primarily used to:

Handle SSL termination and routing of HTTP traffic.

Which of the following is a limitation of the NodePort type?

Requires knowledge of node names for access.

What happens when a Pod fails while using a Service in Kubernetes?

The Service dynamically removes the failed Pod from its healthy list.

What is true about the LoadBalancer type of Kubernetes Service?

Integrates with an internet-facing load-balancer.

If a database URL is hard-coded in an application, what should be done to change it?

Re-build the container image and push it to the repo.

How does the Service interact with Pods in Kubernetes?

Through selectors that match the Pods based on labels.

What is the primary use of a ConfigMap in Kubernetes?

Storing non-sensitive configuration data

How can containers access data stored in a ConfigMap?

Via mounted volumes and environment variables

Which of the following is NOT a typical use case for ConfigMaps?

Storing user credentials

What is the key difference between ConfigMaps and Secrets in Kubernetes?

ConfigMaps store non-sensitive data, while Secrets store sensitive data

Which of the following is a valid format for an entry in a ConfigMap?

db-port:13306

What must be done to use a ConfigMap as a volume in a Pod?

Create the ConfigMap and mount it into the container

Which of the following statements about Secrets is true?

Secrets are designed for sensitive data like certificates and tokens

What does the term 'key/value pair' refer to in the context of ConfigMaps?

An entry format consisting of a key and a corresponding value

Study Notes

Kubernetes - Part 2

• Kubernetes clusters can be partitioned into virtual clusters using namespaces
• By default, deployments are placed in the default namespace
• Namespaces help share a single cluster among different departments and environments
• Examples of namespaces include Dev, Test, and QA
• Each namespace can have its own set of users and permissions
• Every Kubernetes cluster has pre-created namespaces
• Use the kubectl get namespaces command to list namespaces in your cluster

Inspect Namespaces

• The command kubectl get namespaces lists namespaces in your cluster, including their status and age
• Example output includes kube-system, default, kube-public, and kube-node-lease, all with an Active status and a 3d age

Create and Manage Namespace

• Create a new namespace named "hydra" using the command kubectl create ns hydra
• Creating a new namespace using YAML is also possible
• The command kubectl delete ns hydra deletes the "hydra" namespace

Deploying to Namespaces

• Deploy objects to a specific namespace using either imperative or declarative methods
• Imperative involves using the -n or --namespace flag in commands
• Declarative involves specifying the namespace in the YAML manifest file.

Pod

• The smallest unit in Kubernetes is a Pod
• Pods abstract containers
• Usually, a single application resides in one pod.
• A pod gets its own IP address
• The IP address changes if the pod is recreated

Service & Ingress

• Services provide permanent IP addresses
• The lifecycle of a pod and a service are decoupled
• Choose the service type (e.g., Internal Service, External Service) during creation
• An Internal Service is the default
• Accessing pods externally is possible through an Ingress. An external service exposes the pod for accessing outside the cluster

Service

• Services act as a front end for Pods
• They provide stable IP addresses, DNS names, and ports
• Services load-balance traffic to pods with matching labels.
• Pods in a service can independently scale, fail, update, and be rolled back without adversely affecting the service

Loosely Coupled with Pods via Labels and Selectors

• Services are loosely coupled with pods via labels and selectors
• Services select pods based on matching labels
• This decoupling allows pods to be added or removed without affecting the service

Example of Service Selecting on Pods

• The svc.yml file defines the service, selecting pods with labels app: hello-world and env: tkb
• The deploy.yml file describes the deployment, giving associated pods the same labels

ClusterIP

• ClusterIP is a Kubernetes service type for internal access only
• A service of this type is only accessible inside the cluster network
• Creating a new service dynamically assigns a stable ClusterIP

NodePort

• NodePort builds on ClusterIP for external access
• It enables external access via a dedicated port on a cluster node
• This requires knowledge of node names and high port numbers

LoadBalancer

• LoadBalancer makes external access easier
• It integrates with external load balancers
• Allows access using public IP addresses and registering friendly DNS names

Ingress

• Overrides NodePort and Loadbalancer limitations
• Exposes multiple services via a single load-balancer
• Simplifies external access by abstracting away the need to know node names and port numbers

ConfigMap

• ConfigMaps store non-sensitive application configuration
• Includes environment variables, configuration files, hostnames, and service ports
• ConfigMaps can be stored as key-value pairs, also known as entries.

How Containers Connect to ConfigMap

• Containers can connect to ConfigMaps through environment variables
• Arguments in the startup command
• Files in a volume

Environment Variables

• Environment variables in containers can point to ConfigMap data

Arguments to Container's Startup Command

• An alternative method of accessing ConfigMap data
• Add the ConfigMap data to container startups

Use ConfigMaps with Volumes

• ConfigMap data can be mounted as volumes in containers
• This makes ConfigMap data persist during application restarts

Secrets

• Used for sensitive data
• Data stored as secrets include passwords, certificates, and Oauth tokens
• Similar structure and function to ConfigMaps

Description

This quiz covers the management of namespaces in Kubernetes. Learn how to create, list, and delete namespaces within your Kubernetes cluster. Understanding namespaces is crucial for sharing resources efficiently across different environments.