Quiz Which command lists all Pods in the current namespace?kubectl get podskubectl list podskubectl podskubectl psSubmit What is the smallest deployable unit in Kubernetes?PodContainerDeploymentJobSubmit Which file format is most commonly used for Kubernetes manifests?YAMLJSONINITOMLSubmit Which object manages stateless replicas and rolling updates?DeploymentStatefulSetDaemonSetServiceSubmit Which component runs on every node and manages containers?kubeletkube-proxyscheduleretcdSubmit What is etcd’s primary role in Kubernetes?Store cluster state and configurationBalance network trafficRun Pods on nodesProvide container runtimeSubmit Which object exposes a set of Pods as a stable network endpoint?ServiceIngressEndpointSliceNetworkPolicySubmit The default Service type is…ClusterIPNodePortLoadBalancerExternalNameSubmit Which command shows detailed info about a specific Pod?kubectl describe pod kubectl info pod kubectl details pod kubectl show pod Submit What does a ConfigMap store?Non-sensitive configuration dataTLS private keysContainer imagesNode credentialsSubmit Which object should store passwords or API keys?SecretConfigMapServiceAccountRoleSubmit A DaemonSet ensures that a Pod…Runs on every (or selected) nodeHas persistent storageScales with CPU usageCan receive external trafficSubmit A StatefulSet primarily provides…Stable network IDs and ordered, persistent PodsAutomatic image updatesNode-level loggingIn-cluster DNS recordsSubmit Which command applies a manifest file?kubectl apply -f file.yamlkubectl use file.yamlkubectl run file.yamlkubectl start -f file.yamlSubmit NodePort Services…Expose the Service on the same port across all nodesExpose only within the clusterRequire an Ingress controllerAlways allocate port 443Submit Which controller ensures a specified number of identical Pods are running?ReplicaSetJobCronJobEndpointSliceSubmit Which object provides HTTP routing and TLS termination at L7?Ingress (with controller)Service ClusterIPEndpointNodePort onlySubmit What does kubectl logs show?Container logs from a PodNode kernel logsAPI server audit logsetcd change logSubmit The Kubernetes scheduler is responsible for…Placing Pods on suitable nodesCreating ReplicaSetsUpgrading the control planePersisting cluster stateSubmit RoleBinding grants permissions…To a subject within a specific namespaceCluster-wide to all usersOnly to nodesOnly to ServiceAccounts in kube-systemSubmit ClusterRole vs. Role difference?ClusterRole can apply cluster-wide; Role is namespace-scopedClusterRole is for nodes onlyRole is immutableClusterRole can only read resourcesSubmit Taints on a node…Repel Pods unless they tolerate the taintForce Pods to co-locateExpose node ports externallyRemove labels from nodesSubmit What’s the counterpart allowing Pods onto tainted nodes?TolerationsAffinitySelectorsAnnotationsSubmit Node selectors on a Pod…Constrain scheduling to nodes with matching labelsConfigure network ACLsSet resource limitsSelect Services by labelSubmit Pod anti-affinity does what?Encourages Pods to avoid co-locating on the same nodeForces Pods to run on the same nodeBlocks scheduling entirelyAuto-scales PodsSubmit Which probe determines if traffic should be sent to a container?readinessProbelivenessProbestartupProbehealthProbeSubmit Liveness vs Readiness - pick the best statement.Liveness checks if the process is alive; Readiness gates trafficBoth gate traffic onlyReadiness restarts the containerLiveness exposes a ServiceSubmit What is a Job used for?Run Pods to completion (once or a set number)Maintain a fixed number of replicasExpose workloads externallyPersist cluster configSubmit CronJob adds which capability?Time-based scheduling for JobsHorizontal scalingPod priorityBlue/green deploymentSubmit What is a LimitRange?Policy to set default/maximum resource requests & limits per objectNode CPU hard capStorage quota per namespaceA Pod anti-affinity ruleSubmit ResourceQuota does what?Caps aggregate resource consumption per namespaceEnforces Pod security policiesManages node pool sizeSchedules critical Pods firstSubmit NetworkPolicy objects can restrict…Ingress and egress traffic to/from PodsService creationNode taintsetcd access control listsSubmit The kube-proxy component primarily…Implements Service virtual IPs and simple load-balancingSchedules PodsStores API objectsMounts volumesSubmit A CustomResourceDefinition (CRD) allows you to…Extend the Kubernetes API with new resource typesReplace the API serverModify kubelet flags on nodesCreate new namespaces automaticallySubmit An Admission Controller can…Intercept/validate/mutate API requests before persistenceAssign Pod IPsBalance traffic across ServicesManage node OS upgradesSubmit Which command shows current resource usage (metrics) for Pods?kubectl top podskubectl htopkubectl metrics podskubectl get metricsSubmit PersistentVolumeClaim (PVC) represents…A user’s request for storage resourcesA node’s local diskA storage class driverA snapshot policySubmit A StorageClass is used to…Dynamically provision volumes with parameters and reclaim policiesLabel nodes for storageEncrypt SecretsExpose storage via NodePortSubmit What does imagePullPolicy: IfNotPresent do?Pulls the image only if it’s not cached on the nodeAlways pulls the imageNever pulls the imagePulls once per namespaceSubmit PodDisruptionBudget (PDB) helps…Limit voluntary disruptions to maintain minimum available PodsLimit CPU throttlingConfigure NetworkPolicy defaultsForce node cordon during updatesSubmit What is kubeadm primarily used for?Bootstrap/upgrade a secure Kubernetes clusterPackage chartsProvide CNI pluginsCollect node logsSubmit Which field ensures Pods start in a defined order in StatefulSets?podManagementPolicy (OrderedReady)runPolicy: SequentialstartupProbe: serialinitOrder: ascendingSubmit Pod priority and preemption allow…Higher-priority Pods to evict lower-priority ones during pressureNodes to share CPUServices to gain public IPs automaticallyCRDs to load earlierSubmit An Init Container runs…Before app containers start, to perform setup tasksAfter all containers exitOnly on the first nodeConcurrently with all containersSubmit What does a Sidecar container commonly provide?Auxiliary features like logging, proxying, or config reloadingStorage provisioningNode health checksetcd clusteringSubmit EndpointSlice improves over Endpoints by…Scaling better for large numbers of endpointsEncrypting all pod-to-pod trafficReplacing Services entirelyForcing sticky sessionsSubmit Which object defines fine-grained pod-to-pod DNS records?Headless ServiceNodePort ServiceIngressNetworkPolicySubmit Which kubectl command lets you run a command inside a running container?kubectl exec -it -- kubectl run -it kubectl attach kubectl shell Submit What label key is commonly used by Services to select Pods?app or app.kubernetes.io/namepodIPcontroller-revision-hashnode-role.kubernetes.io/control-planeSubmit An IngressClass resource…Selects which controller should implement a given IngressAssigns public IPs to ServicesCreates TLS certificatesConfigures kube-proxy modesSubmit