How Do You Find the Port Number That GitLab’s Web UI Uses from the Back-end of a Linux Server?

Problem scenario
You have an existing GitLab setup on a Linux server. You have access to the back-end. You want to find the port number to connect to. How do you do this?

Solution
First, find the external IP address (e.g., curl icanhazip.com).

Second, install nmap (e.g., sudo yum -y install nmap or sudo apt-get -y install nmap).

Third, run this command (but replace x.x.x.x with the IP address found in the first step above):
nmap -Pn x.x.x.x | grep open
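
The plain grep above also matches lines where "open" only appears in the service name (for example a filtered port labelled openvpn), and it does not say which process owns each port. The script below is an added example, not part of the original post: it keeps only ports whose STATE column is exactly "open" and cross-checks them against local listeners as reported by ss. The sample outputs, the port numbers and the process names (sshd, nginx, prometheus) are constructed assumptions.

```shell
#!/bin/sh
# Added example. Both samples are constructed, not captured from a real host.

sample_nmap() {            # shape of `nmap -Pn x.x.x.x` output
cat <<'EOF'
Nmap scan report for x.x.x.x
Host is up.
Not shown: 996 closed ports
PORT     STATE    SERVICE
22/tcp   open     ssh
80/tcp   open     http
1194/tcp filtered openvpn
8080/tcp open     http-proxy
EOF
}

sample_ss() {              # shape of `sudo ss -tlnpH` output
cat <<'EOF'
LISTEN 0 128  0.0.0.0:22     0.0.0.0:* users:(("sshd",pid=801,fd=3))
LISTEN 0 511  0.0.0.0:80     0.0.0.0:* users:(("nginx",pid=1502,fd=7))
LISTEN 0 1024 127.0.0.1:9090 0.0.0.0:* users:(("prometheus",pid=1610,fd=8))
LISTEN 0 511  [::]:8080      [::]:*    users:(("nginx",pid=1502,fd=9))
EOF
}

# Print "port service" for rows whose STATE column is exactly "open".
# Unlike `grep open`, this skips "1194/tcp filtered openvpn".
nmap_open_ports() {
    awk '$1 ~ /^[0-9]+\/(tcp|udp)$/ && $2 == "open" {
        split($1, p, "/"); print p[1], $3
    }'
}

# Print "port scope process" for every listening TCP socket.
# scope is "loopback" for 127.0.0.0/8 and ::1 binds, otherwise "external".
local_listeners() {
    awk '$1 == "LISTEN" {
        port = $4; sub(/^.*:/, "", port)        # text after the last colon
        host = $4; sub(/:[^:]*$/, "", host)     # text before the last colon
        proc = "unknown"                        # ss without -p or without root
        if (match($0, /users:\(\("[^"]+"/))
            proc = substr($0, RSTART + 9, RLENGTH - 10)
        scope = (host ~ /^127\./ || host == "[::1]") ? "loopback" : "external"
        print port, scope, proc
    }'
}

# $1 = nmap output text, $2 = ss output text.
# Print "port service owner" for each port that nmap reports as open.
exposed_listeners() {
    printf '%s\n' "$1" | nmap_open_ports | while read -r port service; do
        owner=$(printf '%s\n' "$2" | local_listeners |
                awk -v p="$port" '$1 == p && $2 == "external" && !n++ { print $3 }')
        echo "$port $service ${owner:-no-local-listener}"
    done
}

# Demo on the constructed samples. On a real server use:
#   exposed_listeners "$(nmap -Pn x.x.x.x)" "$(sudo ss -tlnpH)"
exposed_listeners "$(sample_nmap)" "$(sample_ss)"
```

In the constructed sample the two nginx-owned ports are the candidates for the web UI, and a port that shows "no-local-listener" is being answered by something other than a socket on this host.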

Kubernetes Quiz

This is a quiz about containers, Docker, and Kubernetes -- but mostly about Kubernetes. You can test yourself before a job interview. You may also want to see this list of Kubernetes books.

1. cgroups govern which of the following resources (choose all that apply)?

a. CPU
b. Namespaces
c. Memory
d. Disk I/O rates

2. What does the Docker cache do?

a. It makes containers start up and be fully functional from a stopped state more rapidly.
b. It makes pulling an image from a repository happen more rapidly.
c. It makes the creation of an image from a Dockerfile more rapidly.
d. It enables Docker Swarm to integrate with Kubernetes.

3. What type of logging solution underlies Kubernetes default centralized capabilities?

a. LogStash via Elastic Stack
b. The EFK stack (ElasticSearch, FluentD, and Kibana)
c. Open source Splunk
d. Syslog
e. None of the above, Kubernetes has no centralized logging by default.

4. What does the docker inspect command analyze?

a. Containers.
b. Images.
c. Docker networks.
d. All of the above.

5. What are three (of the six) types of resources that are namespaced via a Docker container?




6. Using a kubectl command, can you list individual containers?

Yes
No

7. Which of the following is the primary function of the Kubernetes scheduler?

a. Sets a trigger based on resource utilization for a Kubernetes event to happen.
b. Sets a trigger based on time for a Kubernetes event to happen.
c. To allocate a pod on a given worker node.
d. Prioritizes the maintenance of the controller manager according to the time of day.

8. How does the Kubelet authenticate with Kubernetes to govern the worker node and ensure it is part of the Kubernetes cluster?

a. Using secrets it authenticates with the Controller Manager.
b. etcd must be configured directly without the API server, and etcd must have the node's configuration information for a worker node to work.
c. The Kubelet contacts the control plane and the scheduler will accept or reject the node.
d. Initially the Kubelet registers with the API server to create a "node" resource.

9. What are the two things that the API server in the Kubernetes control plane does (choose one of the following letter options)?

a. Finds nodes with sufficient resources and assigns pods to such nodes.
b. Manages replications of pods by increasing them during a scale out and decreasing them when scaling in.
c. Ensure no resource starvation happens for a given cluster and manages the Deployment API object.
d. Stores resources in etcd and notifies clients about the change.
e. Listens to the Kubernetes service proxy and manages affinity/anti-affinity rules.

10. What is the Kubernetes Service Proxy? Choose two.

a. A distributed key-value data store.
b. kube-proxy, one of three components that comprise a worker node (the others being a container runtime and kubelet).
c. The part of the control plane that performs cluster-level functions such as replication.
d. Something that load-balances network traffic between application components.
e. An HTTP endpoint for Services that do not require a fixed IP address.
f. An HTTP endpoint for Services that do not require port 443.

11. What is the kube-proxy? Choose two.

a. It acts as a proxy-like endpoint for a website that is powered by a Kubernetes cluster to allow for external traffic to be routed to the Pods.
b. It exists on the worker node and routes internal traffic destined for Kubernetes endpoints to one or more Pods on a given worker node.
c. It controls the container runtime on the node.
d. It exists on the control plane and routes internal traffic destined for Kubernetes endpoints to one or more Pods on a given worker node.
e. The Kubernetes Service Proxy.

12. What is a label selector in Kubernetes?

a. a pod label selector
b. a node label selector
c. Something used by kubectl to list a subset of pods.
d. Something used by Kubernetes internally to list a subset of pods.
e. It is something that is defined in a .yaml file (e.g., for use in a command such as "kubectl create -f foobar.yaml").
f. Something that can be combined for composite criteria (e.g., type1=alpha,type2=financialapp) when selecting pods.
g. All of the above
h. none of the above

13. What creates the pods on the nodes when a Deployment Controller attempts to converge system resources toward a desired state?

a. Deployment Manager
b. The Kubelet
c. The Replication Manager
d. The Node Controller
e. The Scheduler
f. None of the above

14. Stateful containers and the StatefulSet Controller deal with which of the following?

a. Stateful containers and StatefulSet Controller do not exist; containers are ephemeral.
b. Ensuring each atomic process of a container is related to the previous process (e.g., to prevent a container breakout).
c. Instantiating, managing, mounting, and/or writing to a persistent volume.
d. None of the above.

15. What is a pod in Kubernetes?

a. A container
b. A container and etcd
c. A group of one or more closely related containers
d. The Docker host (the server that hosts containers)
e. None of the above

16. What command in Kubernetes will list the pods (associated with the kubeconfig) on your server with kubectl?

a. kubectl describe pods
b. kubectl explain pods
c. kubectl get pods
d. kubectl list-cluster
e. kubectl list pods

17. What is the equivalent of the "man" page for Kubernetes services?

a. kubectl describe svc
b. kubectl help svc
c. kubectl man svc
d. kubectl explain svc

18. How do you find out the IP address, the TCP/IP port and age of a given service that is running on your Kubernetes cluster?

a. kubectl describe svc
b. kubectl get resources
c. kubectl get rs
d. kubectl get svc
e. kubectl explain svc

19. When a Kubernetes cluster supports a web application, how is routing done? ____________________________________________

20. What component of the Kubernetes control plane sends out the liveness probes to the pods?

a. The API server
b. The Controller Manager
c. etcd
d. The Scheduler
e. None of the above.

21. What component of the Kubernetes control plane ultimately responds to failed liveness probes of containers?

a. The API server
b. The Controller Manager
c. etcd
d. The Scheduler
e. None of the above.

22. Which of the following are true in Kubernetes? Choose all that apply.

a. Taints are for nodes.
b. Taints are for pods.
c. Tolerations are for nodes.
d. Tolerations are for pods.

23. From which of the following can you create a Docker image?

a. a Dockerfile
b. a container
c. a .tar file
d. all of the above
e. none of the above

24. How many Schedulers in the control plane can run in a working Kubernetes cluster? Choose the most accurate answer.

a. You must have exactly one Scheduler.
b. You can have no Schedulers or at most one Scheduler.
c. You can have one or two Schedulers for every master node.
d. You can have no Schedulers or several.

25. Is there a difference between a pod specification and a manifest?

Yes or No?

26. Describe the lifecycle of a container.

______________________________________

27. How does Kubernetes do Service Discovery?

a. Via environment variables for the socket of the service.
b. Via DNS.
c. Both of the above.
d. Via kube-proxy
e. None of the above.

28. Which of the following is the most recommended way to make the Kubernetes control plane highly available?

a. Have multiple masters with at least three Schedulers configured as the "--leader-elect" option.
b. Have multiple Controller Managers and one API server, one etcd instance and one scheduler.
c. Introduce a load balancer between the Kubelets and the API servers that serve multiple masters.
d. Currently you cannot because etcd needs to be one instance to serve the control plane.

29. In multi-master Kubernetes control planes, list the components (one or more) that do nothing until they are designated as a --leader-elect? Choose the most correct answer.

a. API Server
b. Controller Manager
c. etcd
d. Scheduler
e. a and b
f. b and c
g. a and c
h. b and d
i. None of the above.

30. What namespace(s) is (or are) there by default with Kubernetes?

a. default
b. docker
c. kube-system
d. kube-public
e. kube-proxy
f. a and b
g. a and e
h. a, c, and d
i. a through e

31. What is a Kubernetes operator?

a. A Kubernetes systems administrator.
b. A given application running in Kubernetes that is using container services.
c. The underlying server(s) of a Kubernetes cluster.
d. A user permission in the Kubernetes control plane.
e. A method or pattern in the form of a program that automates Kubernetes procedures that are normally handled by a human.

32. What is a difference between a readiness probe and a liveness probe?

a. A readiness probe is sent from the kubelet telling the control plane what affinity it should have for sending pods to the worker node. A liveness probe is sent from the kubelet telling the control plane it is merely available. The readiness probe provides more information.
b. A readiness probe is for deployment sets whereas a liveness probe is for the controller manager.
c. A liveness probe is for deployment sets whereas a readiness probe is for the controller manager.
d. Liveness probes are for potentially restarting containers whereas readiness probes are for signaling that a pod is ready for traffic.
e. Readiness probes are from pods and liveness probes are from nodes.
f. Liveness probes are from pods and readiness probes are from nodes.
g. Liveness probes are from the control plane and readiness probes are from the nodes.

33. What is a startup probe in Kubernetes?

a. It is sent from the control plane to start a container application.
b. It is sent from the pod to the control plane to initiate a scale out process.
c. It is a configurable setting to signal that a container application has started running and will prevent liveness and readiness probes from working until the container has started.
d. None of the above.

34. Does the Scheduler in the control plane govern future or current pod allocations in the worker nodes?

a. Current
b. Future
c. Both
d. Neither

35. What are Kubernetes Admission Controllers?

a. A component of the control plane to authenticate a worker node to join a Kubernetes cluster.
b. An optional component of the kubelet to authenticate a worker node to be part of a Kubernetes cluster.
c. They are synonymous with Admission Control plugins, and they enforce sophisticated security.
d. A feature of the controller manager to authorize users to connect to the Kubernetes cluster.

36. How do you bypass admission control plugins?

a. Run a command like this: kube-apiserver --disable-admission-plugins=PodNodeSelector,AlwaysDeny …
b. Use read-only client/HTTP requests to the API server (as opposed to creating pods, pulling images, or modifying a cluster)
c. a and b
d. None of the above, but it is possible.
e. None of the above; it is not possible to bypass admission control plugins.

37. How many ServiceAccounts can a pod be associated with?

a. None, pods do not use ServiceAccounts.
b. Zero or one.
c. One.
d. Two.
e. An infinite number

38. What is a ServiceAccount?

a. An account that lives solely in the control plane to maintain cluster-level resources.
b. A non-user account that runs in the Kubelet to authenticate to the Scheduler.
c. A non-user account that runs in the Kubelet to authenticate to the Controller Manager.
d. A way for an application running inside a pod to authenticate with the API server.

39. Which of the following types of services can help make a service externally accessible? Choose all that apply.

a. ClusterIP
b. LoadBalancer
c. NodePort
d. Ingress
e. None of the above.

40. Every controller does which of the following?

a. Communicates with other controllers
b. Wait for the API server to indicate a change must be made
c. Manipulates pod API objects to make changes
d. All of the above
e. Both a and b
f. Both b and c
g. None of the above

41. What are some discrete components that the API server interacts with directly? Choose all that apply.

a. kube-proxy
b. The kubelet on worker nodes
c. The ReplicaSet controller
d. The DaemonSet Controller
e. etcd
f. Scheduler
g. The Endpoints controller
h. The Persistent Volume controller
i. A server with the kubectl command

42. RoleBindings and ClusterRoleBindings bind Roles and ClusterRoles for which of the following?

a. Users
b. Groups
c. ServiceAccounts
d. All of the above
e. None of the above

43. True or False? The API server does nothing but store resources in etcd and inform clients about this process after it happens.

True
False

44. Which are valid types of readiness probes? Choose three.

a. a service probe
b. an HTTP GET probe
c. a TCP Socket probe
d. a liveness probe
e. an ICMP probe
f. a process listening probe
g. an Exec probe

45. In open source Kubernetes, a namespace, a cluster, and a user are associated with each other with which of the following?

a. project
b. context
c. etcd
d. kubelet
e. kube-proxy
f. none of the above

46. Network communication between Pods happens because of which of the following?

a. Container Network Interface plugin
b. NAT
c. the kubelet
d. all of the above
e. none of the above

47. How is the PodDisruptionBudget different from the maxUnavailable setting?

a. The PodDisruptionBudget is a setting in GKE associated with a low cost tier whereas the maxUnavailable is a GKE setting associated with a fixed service level agreement with GCP.
b. The PodDisruptionBudget is a setting in EKS associated with a low cost tier whereas the maxUnavailable is a EKS setting associated with a fixed service level agreement with AWS.
c. The PodDisruptionBudget setting is a subsetting parameter for a deployment "strategy" to keep available old pods during the deployment whereas the maxUnavailable involves pods remaining available when pods are evacuating nodes.
d. The maxUnavailable setting is a subsetting parameter for a deployment "strategy" to keep available old pods during the deployment whereas the PodDisruptionBudget involves pods remaining available when pods are evacuating nodes.

48. How do you back out of a Kubernetes deployment named "foobar"?

a. Run "kubectl rollout undo deployment foobar"
b. Run "kubectl rollback deployment foobar"
c. Run "kubeadm revert foobar"
d. Run "kubectl backout foobar"
e. There is no supported way to do this.

49. What is Kubernetes Cluster Federation?

a. A configuration that brings EKS, AKS, and GKE together to be seen as one Kubernetes cluster
b. A way of attaching multiple Kubernetes clusters in a coherent way
c. A cluster of Kubernetes clusters
d. A proprietary distribution of Kubernetes
e. a, b, c
f. none of the above

50. What pair of components handle DNS resolution in Kubernetes pods?

a. The kubelet and the Container Network Interface plugin
b. The kubelet and etcd
c. Label selectors and the Endpoint Controller
d. A pod's /etc/resolv.conf file and the kube-dns pod
e. None of the above.

51. What is Envoy?

a. Environment-specific configuration immutably placed into a container.
b. A communication bus and platform-agnostic data plane.
c. A container that adapts at run-time to specific configuration requests.
d. A container that has Quality-of-Service options unavailable in open source Kubernetes.
e. A sidecar container designed to have cached authentication with another service.

52. Which of the following are Quality of Service class designations for a Pod? Choose all that apply.

a. Available
b. BestEffort
c. NonPreemptive
d. Reserved
e. Shared
f. Guaranteed
g. Minimal
h. HighAvailable
i. Burstable
j. HighPriority

53. On Kubernetes 1.11 or higher, when an existing PVC's size is requested to be enlarged, what happens by default (assuming there is space available)?

a. A new volume is created and the pre-existing one is destroyed.
b. A new volume is created and the pre-existing one remains.
c. The pre-existing one's size is expanded.
d. The request fails.

54. What kubectl command would you use to remove pods from a node before maintenance without making the node unschedulable?

a. kubectl evict
b. kubectl cordon
c. kubectl uncordon
d. kubectl drain
e. kubectl taint
f. kubectl taint all

55. Name three verbs that the Kubernetes API server supports (e.g., /v1/api/dosomething).
________
________
________

56. Name three different distributions of Kubernetes.
_______________
_______________
_______________

57. What is a service mesh?
______________________________________________

58. Name three different service meshes for K8S.
________________________
________________________
________________________

59. What is Ambassador in Kubernetes?

a. A type of sidecar container designed to facilitate connectivity to services outside the Kubernetes cluster
b. A type of sidecar container designed to facilitate connectivity to services inside Kubernetes cluster
c. An ingress controller based on Swarm
d. An ingress controller based on Envoy
e. A technology that facilitates sending traffic directly to pods and bypassing kube-proxy
f. a and c
g. a and d
h. b and c
i. b and d
j. a, c and e
k. a, d and e
l. b, c and e
m. b, d and e
n. None of the above.

60. The concept of standing up the new pods simultaneously while all of the old pods are still running (and later dissolve the old pods) describes which pattern?

a. Rolling update
b. Blue/Green release
c. Canary release
d. Recreate strategy
e. Stand-up release
f. Fixed deployment
g. Standard update

61. Which of the following were influenced by the Gang of Four Design Patterns book?

a. Kubernetes design patterns
b. Apache Camel's architecture and features
c. Both of the above
d. None of the above

62. Which of the following is ideal for a kube-proxy or some cluster-wide operator such as a log collector?

a. DaemonSet
b. ReplicaSet
c. CronJob
d. Deployment

63. Which of the following is a way that will cause Kubernetes to scale out? Choose the most accurate response.

a. A "kubectl scale" command
b. A "kubectl create" command with .yaml that includes a properly configured YAML file (that uses a resource kind such as a deployment or replicaset to utilize more pods).
c. Automatically based on resource utilization
d. All of the above
e. a and b
f. a and c
g. b and c
h. none of the above

64. Which component of Kubernetes is responsible for deleting the persistent volumes so they can be recycled after a StatefulSet has been discarded?

a. the API server
b. the Kubelet
c. the Controller Manager
d. the Scheduler
e. None of the above

65. What is the rule syntax in a YAML file to prevent a Pod from running as root?

a. NoAllowPrivilegeEscalation
b. RootNotAllowed
c. MustRunAsNonRoot
d. RunAsNonRoot

66. What is the difference between uncordon and taint?

a. uncordon marks a node as unschedulable (for any pod), but a taint marks a pod as unsuitable for certain nodes
b. uncordon marks a node as unsuitable for certain pods, but a taint marks a pod as unschedulable with certain nodes
c. uncordon marks a node as schedulable, but a taint marks a pod as unsuitable for certain nodes
d. None of the above.

67. What is a Docker tag? Choose the most correct answer.

a. A variety of meta data about a Docker container stored in the container file itself
b. A variety of meta data about a Docker image stored in the Docker image file or the Docker registry
c. A registry-wide unique identifier of a Docker image
d. A repository-wide unique identifier of a Docker image
e. All of the above
f. None of the above

68. To tag an image, you would run which of the following?

a. docker tag
b. docker build -t
c. docker build --tag
d. All of the above
e. None of the above

69. For a typical Kubernetes deployment, what components of a worker node typically interact with which component of the Control Plane? Choose 2, 3, or 4, but also choose the most accurate combination.

a. For the worker node, the kubelet
b. For the worker node, the kube-proxy
c. For the worker node, the Container Runtime
d. For the Control Plane, the API server
e. For the Control Plane, the Scheduler
f. For the Control Plane, the Controller Manager
g. For the control plane, etcd

70. What type of logging solution underlies Kubernetes' built-in ability to monitor individual containers and the node itself?

a. Heapster
b. cAdvisor from inside kube-proxy
c. cAdvisor from inside the Kubelet
d. cAdvisor on the node from outside the Kubelet
e. cAdvisor inside the container runtime
f. the Kubelet

71. What are valid types of taints?

a. NoSchedule
b. PreferNoSchedule
c. NoExecute
d. A and B
e. B and C
f. A and C
g. All of the above
h. None of the above; there is only one valid taint.
i. None of the above; the other types are not listed

72. How many etcd nodes are recommended for a production implementation of a Kubernetes cluster?

a. 1
b. 3
c. 5
d. 6

73. What is the difference between a pod and a container?
___________________________________________

You can find the answers to this quiz here.

Kubernetes Quiz and Answers

This is a quiz about containers, Docker, and Kubernetes -- but mostly about Kubernetes. You can test yourself before a job interview. You may also want to see this list of Kubernetes books.

1. cgroups govern which of the following resources (choose all that apply)?

a. CPU
b. Namespaces
c. Memory
d. Disk I/O rates

Answer: A, C, and D. Source: Page 157 of Docker Up & Running, First Edition, by Matthias and Kane. The second edition can be purchased here.

2. What does the Docker cache do?

a. It makes containers start up and be fully functional from a stopped state more rapidly.
b. It makes pulling an image from a repository happen more rapidly.
c. It makes the creation of an image from a Dockerfile more rapidly.
d. It enables Docker Swarm to integrate with Kubernetes.

Answer: C. Source: https://thenewstack.io/understanding-the-docker-cache-for-faster-builds/

3. What type of logging solution underlies Kubernetes default centralized capabilities?

a. LogStash via Elastic Stack
b. The EFK stack (ElasticSearch, FluentD, and Kibana)
c. Open source Splunk
d. Syslog
e. None of the above, Kubernetes has no centralized logging by default.

Answer: E. Page 501 of Kubernetes in Action by Marko Luksa

4. What does the docker inspect command analyze?

a. Containers.
b. Images.
c. Docker networks.
d. All of the above.

Answer: D. Source: man docker inspect from a server with Docker installed.

5. What are three (of the six) types of resources that are namespaced via a Docker container?




Answer: Any three of these six are acceptable: Mount, UTS (Unix Timesharing System), IPC, PID, network, and user. Source: pages 161 and 162 of Docker Up & Running, First Edition by Karl Matthias and Sean Kane. The second edition can be purchased here.

6. Using a kubectl command, can you list individual containers?

Yes
No

Answer: No. According to page 43 of Kubernetes in Action, you can only list "standalone Kubernetes objects." Containers are not necessarily Kubernetes objects.

7. Which of the following is the primary function of the Kubernetes scheduler?

a. Sets a trigger based on resource utilization for a Kubernetes event to happen.
b. Sets a trigger based on time for a Kubernetes event to happen.
c. To allocate a pod on a given worker node.
d. Prioritizes the maintenance of the controller manager according to the time of day.

Answer: C. The scheduler is defined as allocating a pod on a worker node according to page 44 of Kubernetes in Action.

8. How does the Kubelet authenticate with Kubernetes to govern the worker node and ensure it is part of the Kubernetes cluster?

a. Using secrets it authenticates with the Controller Manager.
b. etcd must be configured directly without the API server, and etcd must have the node's configuration information for a worker node to work.
c. The Kubelet contacts the control plane and the scheduler will accept or reject the node.
d. Initially the Kubelet registers with the API server to create a "node" resource.

Answer: C. Page 326 of Kubernetes in Action by Marko Luksa

9. What are the two things that the API server in the Kubernetes control plane does (choose one of the following letter options)?

a. Finds nodes with sufficient resources and assigns pods to such nodes.
b. Manages replications of pods by increasing them during a scale out and decreasing them when scaling in.
c. Ensure no resource starvation happens for a given cluster and manages the Deployment API object.
d. Stores resources in etcd and notifies clients about the change.
e. Listens to the Kubernetes service proxy and manages affinity/anti-affinity rules.

Answer: D. Page 321 of Kubernetes in Action by Luksa.

10. What is the Kubernetes Service Proxy? Choose two.

a. A distributed key-value data store.
b. kube-proxy, one of three components that comprise a worker node (the others being a container runtime and kubelet).
c. The part of the control plane that performs cluster-level functions such as replication.
d. Something that load-balances network traffic between application components.
e. An HTTP endpoint for Services that do not require a fixed IP address.
f. An HTTP endpoint for Services that do not require port 443.

Answer: B and D. Page 19 of Kubernetes in Action by Luksa.

11. What is the kube-proxy? Choose two.

a. It acts as a proxy-like endpoint for a website that is powered by a Kubernetes cluster to allow for external traffic to be routed to the Pods.
b. It exists on the worker node and routes internal traffic destined for Kubernetes endpoints to one or more Pods on a given worker node.
c. It controls the container runtime on the node.
d. It exists on the control plane and routes internal traffic destined for Kubernetes endpoints to one or more Pods on a given worker node.
e. The Kubernetes Service Proxy.

Answer: B and E. Pages 19 and 327 of Kubernetes in Action by Luksa.

12. What is a label selector in Kubernetes?

a. a pod label selector
b. a node label selector
c. Something used by kubectl to list a subset of pods.
d. Something used by Kubernetes internally to list a subset of pods.
e. It is something that is defined in a .yaml file (e.g., for use in a command such as "kubectl create -f foobar.yaml").
f. Something that can be combined for composite criteria (e.g., type1=alpha,type2=financialapp) when selecting pods.
g. All of the above
h. none of the above

Answer: G. Source: Pages 72 through 74 of Kubernetes in Action by Marko Luksa. (Via an online conversation with an expert, we determined A and B were both label selectors.)

13. What creates the pods on the nodes when a Deployment Controller attempts to converge system resources toward a desired state?

a. Deployment Manager
b. The Kubelet
c. The Replication Manager
d. The Node Controller
e. The Scheduler
f. None of the above

Answer: B. Source: The middle of page 319 of Kubernetes in Action by Luksa provides the answer. The top of page 324 of Kubernetes in Action by Luksa has additional context.

14. Stateful containers and the StatefulSet Controller deal with which of the following?

a. Stateful containers and StatefulSet Controller do not exist; containers are ephemeral.
b. Ensuring each atomic process of a container is related to the previous process (e.g., to prevent a container breakout).
c. Instantiating, managing, mounting, and/or writing to a persistent volume.
d. None of the above.

Answer: C. Source: Page 324 of Kubernetes in Action by Luksa.

15. What is a pod in Kubernetes?

a. A container
b. A container and etcd
c. A group of one or more closely related containers
d. The Docker host (the server that hosts containers)
e. None of the above

Answer: C. Source: "A pod is a group of one or more tightly related containers that will always run together on the same worker node and in the same Linux namespace(s)." This quote was taken from page 43 of Kubernetes in Action by Luksa.

16. What command in Kubernetes will list the pods (associated with the kubeconfig) on your server with kubectl?

a. kubectl describe pods
b. kubectl explain pods
c. kubectl get pods
d. kubectl list-cluster
e. kubectl list pods

Answer: C. kubectl get pods

17. What is the equivalent of the "man" page for Kubernetes services?

a. kubectl describe svc
b. kubectl help svc
c. kubectl man svc
d. kubectl explain svc

Answer: D. kubectl explain svc

18. How do you find out the IP address, the TCP/IP port and age of a given service that is running on your Kubernetes cluster?

a. kubectl describe svc
b. kubectl get resources
c. kubectl get rs
d. kubectl get svc
e. kubectl explain svc

Answer: A. kubectl describe svc

19. When a Kubernetes cluster supports a web application, how is routing done? ____________________________________________

Answer
The external traffic is destined for a host, and the underlying pod can be determined via the rules of a "spec" configured in an appropriate yaml of an ingress controller. A service (or an ingress) of a Kubernetes cluster and a worker node's kube-proxy are the primary components usually involved. (To learn more about the differences between a service and an ingress in Kubernetes, see this posting. An ambassador container could support the bypassing of the kube-proxy.) The service listens on a given socket. A service is not attached to a pod. The kube-proxy makes sure a request to an IP address and a port of a service is ultimately connected to a back-end pod. A taint on the node may make it ineligible for the kube-proxy to route traffic to a pod therein. A toleration in a pod may override the taint on the node. (The source of the previous two sentences is this page.) A readiness probe can set a complex set of parameters for a pod to be potentially ready or not to receive traffic; conditional logic can happen at the point of routing due to readiness probes. For a detailed explanation, see this posting.

20. What component of the Kubernetes control plane sends out the liveness probes to the pods?

a. The API server
b. The Controller Manager
c. etcd
d. The Scheduler
e. None of the above.

Answer: E. The kubelet (a component not in the control plane) sends out the liveness probe. The source is page 90 of Kubernetes in Action by Luksa.

21. What component of the Kubernetes control plane ultimately responds to failed liveness probes of containers?

a. The API server
b. The Controller Manager
c. etcd
d. The Scheduler
e. None of the above.

Answer: B. The Controller Manager. The source is page 90 of Kubernetes in Action by Luksa.

22. Which of the following are true in Kubernetes? Choose all that apply.

a. Taints are for nodes.
b. Taints are for pods.
c. Tolerations are for nodes.
d. Tolerations are for pods.

Answer: A and D. The source can be found here.

23. From which of the following can you create a Docker image?

a. a Dockerfile
b. a container
c. a .tar file
d. all of the above
e. none of the above

Answer: D. The sources of this answer are as follows:

24. How many Schedulers in the control plane can run in a working Kubernetes cluster? Choose the most accurate answer.

a. You must have exactly one Scheduler.
b. You can have no Schedulers or at most one Scheduler.
c. You can have one or two Schedulers for every master node.
d. You can have no Schedulers or several.

Answer: D. Page 321 of Kubernetes in Action.

25. Is there a difference between a pod specification and a manifest?

Answer: No. They are both the same as a pod template.

"Pod templates are pod specifications which are included in other objects, such as Replication Controllers, Jobs, and DaemonSets. Controllers use Pod Templates to make actual pods. The sample below is a simple manifest for a Pod which contains a container that prints a message." This previous quote and the code below this sentence were taken from https://kubernetes.io/docs/concepts/workloads/pods/pod-overview/.

apiVersion: v1
kind: Pod
metadata:
  name: myapp-pod
  labels:
    app: myapp
spec:
  containers:
  - name: myapp-container
    image: busybox
    command: ['sh', '-c', 'echo Hello Kubernetes! && sleep 3600']

26. Describe the lifecycle of a container.

_____________________________

Answer: Something along the lines of this would be an acceptable answer: Create container, run container, start container, stop container, restart container and/or destroy container.

27. How does Kubernetes do Service Discovery?

a. Via environment variables for the socket of the service.
b. Via DNS.
c. Both of the above.
d. Via kube-proxy
e. None of the above.

Answer: C. Source: fabric8.io.

28. Which of the following is the most recommended way to make the Kubernetes control plane highly available?

a. Have multiple masters with at least three Schedulers configured as the "--leader-elect" option.
b. Have multiple Controller Managers and one API server, one etcd instance and one scheduler.
c. Introduce a load balancer between the Kubelets and the API servers that serve multiple masters.
d. Currently you cannot because etcd needs to be one instance to serve the control plane.

Answer: C. Source: Page 342 of Kubernetes in Action.

29. In multi-master Kubernetes control planes, list the components (one or more) that do nothing until they are designated as a --leader-elect? Choose the most correct answer.

a. API Server
b. Controller Manager
c. etcd
d. Scheduler
e. a and b
f. b and c
g. a and c
h. b and d
i. None of the above.

Answer: H. Source: Page 343 of Kubernetes in Action.

30. What namespace(s) is (or are) there by default with Kubernetes?

a. default
b. docker
c. kube-system
d. kube-public
e. kube-proxy
f. a and b
g. a and e
h. a, c, and d
i. a through e

Answer: H. Source: "…there are actually three namespaces that Kubernetes ships with: default, kube-system (used for Kubernetes components), and kube-public (used for public resources)." This quote was taken from https://cloud.google.com/blog/products/gcp/kubernetes-best-practices-organizing-with-namespaces

31. What is a Kubernetes operator?

a. A Kubernetes systems administrator.
b. A given application running in Kubernetes that is using container services.
c. The underlying server(s) of a Kubernetes cluster.
d. A user permission in the Kubernetes control plane.
e. A method or pattern in the form of a program that automates Kubernetes procedures that are normally handled by a human.

Answer: E. The source of this answer is here https://kubernetes.io/docs/concepts/extend-kubernetes/operator/. "An Operator is a method of packaging, deploying and managing a Kubernetes application." (This quote was taken from https://coreos.com/operators/.)

Operators are considered patterns according to the following sources:

To learn about the operator framework to use operators, see https://github.com/operator-framework or https://operatorframework.io/.

32. What is a difference between a readiness probe and a liveness probe?

a. A readiness probe is sent from the kubelet telling the control plane what affinity it should have for sending pods to the worker node. A liveness probe is sent from the kubelet telling the control plane it is merely available. The readiness probe provides more information.
b. A readiness probe is for deployment sets whereas a liveness probe is for the controller manager.
c. A liveness probe is for deployment sets whereas a readiness probe is for the controller manager.
d. Liveness probes are for potentially restarting containers whereas readiness probes are for signaling that a pod is ready for traffic.
e. Readiness probes are from pods and liveness probes are from nodes.
f. Liveness probes are from pods and readiness probes are from nodes.
g. Liveness probes are from the control plane and readiness probes are from the nodes.

Answer: D. The source of this answer is Kubernetes.io. For more information, see this internal posting.

33. What is a startup probe in Kubernetes?

a. It is sent from the control plane to start a container application.
b. It is sent from the pod to the control plane to initiate a scale out process.
c. It is a configurable setting to signal that a container application has started running and will prevent liveness and readiness probes from working until the container has started.
d. None of the above.

Answer: C. The source of this answer is Kubernetes.io.

34. The Scheduler in the control plane governs future or current pod allocations in the worker nodes?

a. Current
b. Future
c. Both
d. Neither

Answer: A. This was taken from page 44 of Kubernetes in Action.

35. What are Kubernetes Admission Controllers?

a. A component of the control plane to authenticate a worker node to join a Kubernetes cluster.
b. An optional component of the kubelet to authenticate a worker node to be part of a Kubernetes cluster.
c. They are synonymous with Admission Control plugins, and they enforce sophisticated security.
d. A feature of the controller manager to authorize users to connect to the Kubernetes cluster.

Answer: C. Source: https://kubernetes.io/blog/2019/03/21/a-guide-to-kubernetes-admission-controllers/

36. How do you bypass admission control plugins? Choose the best answer.

a. Run a command like this: kube-apiserver --disable-admission-plugins=PodNodeSelector,AlwaysDeny …
b. Use read-only client/HTTP requests to the API server (as opposed to creating pods, pulling images, or modifying a cluster)
c. a and b
d. None of the above, but it is possible.
e. None of the above; it is not possible to bypass admission control plugins.

Answer: C. For A (and B), the source is this: https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/. For B, the source is this: According to page 317 of Kubernetes in Action, these Admission Control plugins are bypassed when a client requests to read something. Modifications to pods, creating or deleting pods or pulling images would not be considered read-only requests.

37. How many ServiceAccounts can a pod be associated with?

a. None, pods do not use ServiceAccounts.
b. Zero or one.
c. One.
d. Two.
e. An infinite number

Answer: C. Source: Page 349 of Kubernetes in Action.

38. What is a ServiceAccount?

a. An account that lives solely in the control plane to maintain cluster-level resources.
b. A non-user account that runs in the Kubelet to authenticate to the Scheduler.
c. A non-user account that runs in the Kubelet to authenticate to the Controller Manager.
d. A way for an application running inside a pod to authenticate with the API server.

Answer: D. Source: Page 348 of Kubernetes in Action.

39. Which of the following types of services can help make a service externally accessible? Choose all that apply.

a. ClusterIP
b. LoadBalancer
c. NodePort
d. Ingress
e. None of the above.

Answer: B, C, and D. B and C according to page 135 of Kubernetes in Action. For D, an HTTP/HTTPS service can be exposed by an ingress according to this website. To learn why A is incorrect, see this https://kubernetes.io/docs/concepts/services-networking/service/

40. Every controller does which of the following?

a. Communicates with other controllers
b. Wait for the API server to indicate a change must be made
c. Manipulates pod API objects to make changes
d. All of the above
e. Both a and b
f. Both b and c
g. None of the above

Answer: F. For B, see page 322 of Kubernetes in Action. For C, see page 324 of Kubernetes in Action. For why A is not correct, see page 322 of Kubernetes in Action.

41. What are some discrete components that the API server interacts with directly? Choose all that apply.

a. kube-proxy
b. The kubelet on worker nodes
c. The ReplicaSet controller
d. The DaemonSet Controller
e. etcd
f. Scheduler
g. The Endpoints controller
h. The Persistent Volume controller
i. A server with the kubectl command

Answer: A, B, E, F and I. Source: Pages 18 (for a), 318 (for b, e, and i), 319 (for f), 321 (c, d), 322 (for g, h) of Kubernetes in Action.

42. RoleBindings and ClusterRoleBindings bind Roles and ClusterRoles for which of the following?

a. Users
b. Groups
c. ServiceAccounts
d. All of the above
e. None of the above

Answer: D. Source: Page 374 of Kubernetes in Action.

43. True or False? The API server does nothing but store resources in etcd and inform clients about this process after it happens.

True
False

Answer: True. Source: Page 321 of Kubernetes in Action.

44. Which are valid types of readiness probes? Choose three.

a. a service probe
b. an HTTP GET probe
c. a TCP Socket probe
d. a liveness probe
e. an ICMP probe
f. a process listening probe
g. an Exec probe

Answer: B, C, and G. Source: Page 150 of Kubernetes in Action.

45. In open source Kubernetes, a namespace, a cluster, and a user are associated with each other with which of the following?

a. project
b. context
c. etcd
d. kubelet
e. kube-proxy
f. none of the above

Answer: B. Source is https://cloud.google.com/kubernetes-engine/docs/how-to/cluster-access-for-kubectl. The reason it is not A is that projects are part of OpenShift.

46. Network communication between Pods happens because of which of the following?

a. Container Network Interface plugin
b. NAT
c. the kubelet
d. all of the above
e. none of the above

Answer: A. Source: Page 335 of Kubernetes in Action. Flannel, Calico, Romana, and Weave-net are examples of CNI plugins according to Kubernetes.io.

47. How is the PodDisruptionBudget different from the maxUnavailable setting?

a. The PodDisruptionBudget is a setting in GKE associated with a low cost tier whereas the maxUnavailable is a GKE setting associated with a fixed service level agreement with GCP.
b. The PodDisruptionBudget is a setting in EKS associated with a low cost tier whereas the maxUnavailable is a EKS setting associated with a fixed service level agreement with AWS.
c. The PodDisruptionBudget setting is a subsetting parameter for a deployment "strategy" to keep available old pods during the deployment whereas the maxUnavailable involves pods remaining available when pods are evacuating nodes.
d. The maxUnavailable setting is a subsetting parameter for a deployment "strategy" to keep available old pods during the deployment whereas the PodDisruptionBudget involves pods remaining available when pods are evacuating nodes.

Answer: D. Source: Page 272 of Kubernetes in Action and the inside of the back cover page, possibly considered page 595, of Kubernetes in Action.

48. How do you back out of a Kubernetes deployment named "foobar"?

a. Run "kubectl rollout undo deployment foobar"
b. Run "kubectl rollback deployment foobar"
c. Run "kubeadm revert foobar"
d. Run "kubectl backout foobar"
e. There is no supported way to do this.

Answer: A. Source: Page 269 of Kubernetes in Action.

49. What is Kubernetes Cluster Federation?

a. A configuration that brings EKS, AKS, and GKE together to be seen as one Kubernetes cluster
b. A way of attaching multiple Kubernetes clusters in a coherent way
c. A cluster of Kubernetes clusters
d. A proprietary distribution of Kubernetes
e. a, b, c
f. none of the above

Answer: E. With a Federation API server and the Federation Controller Manager, and a dedicated kubectl client and a dedicated etcd instance, a Kubernetes Cluster Federation can manage the control planes of multiple Kubernetes clusters. For more information, see https://coreos.com/blog/kubernetes-cluster-federation.html

50. What pair of components handle DNS resolution in Kubernetes pods?

a. The kubelet and the Container Network Interface plugin
b. The kubelet and etcd
c. Label selectors and the Endpoint Controller
d. A pod's /etc/resolv.conf file and the kube-dns pod
e. None of the above.

Answer: D. Source: Page 129 of Kubernetes in Action.

51. What is Envoy?

a. Environment-specific configuration immutably placed into a container.
b. A communication bus and platform-agnostic data plane.
c. A container that adapts at run-time to specific configuration requests.
d. A container that has Quality-of-Service options unavailable in open source Kubernetes.
e. A sidecar container designed to have cached authentication with another service.

Answer: B. Source: What is Envoy in Kubernetes?

52. Which of the following are Quality of Service class designations for a Pod? Choose all that apply.

a. Available
b. BestEffort
c. NonPreemptive
d. Reserved
e. Shared
f. Guaranteed
g. Minimal
h. HighAvailable
i. Burstable
j. HighPriority

Answer: B, F, and I. For the source of this, see this external page. For more information, see https://www.replex.io/blog/everything-you-need-to-know-about-kubernetes-quality-of-service-qos-classes

53. On Kubernetes 1.11 or higher, when an existing PVC's size is requested to be enlarged, what happens by default (assuming there is space available)?

a. A new volume is created and the pre-existing one is destroyed.
b. A new volume is created and the pre-existing one remains.
c. The pre-existing one's size is expanded.
d. The request fails.

Answer: C. Source: https://kubernetes.io/docs/concepts/storage/persistent-volumes/#expanding-persistent-volumes-claims

54. What kubectl command would you use to remove pods from a node before maintenance without making the node unschedulable?

a. kubectl evict
b. kubectl cordon
c. kubectl uncordon
d. kubectl drain
e. kubectl taint
f. kubectl taint all

Answer: D. Source: https://kubernetes.io/docs/tasks/administer-cluster/safely-drain-node/#use-kubectl-drain-to-remove-a-node-from-service

55. Name three verbs that the Kubernetes API server supports (e.g., /v1/api/dosomething).
________
________
________

Answer: Options include GET, CREATE, UPDATE, PATCH, DELETE and PROXY
Source: https://kubernetes.io/docs/reference/using-api/api-concepts/#single-resource-api

56. Name three different distributions of Kubernetes.

_______________
_______________
_______________

Answer: Here are several possible options:
Azure Kubernetes Service (AKS, Microsoft's Kubernetes-as-a-Service)
Canonical Distribution of Kubernetes
Elastic Kubernetes Service (EKS, Amazon's Kubernetes-as-a-Service)
Google Kubernetes Engine (GKE, Google's Kubernetes-as-a-Service)
Heptio Kubernetes Subscription
Kontena Pharos
Minikube
open-source Kubernetes
OpenShift
Pivotal Kubernetes Service (owned by VMware)
Rancher 2.x
SUSE Container as a Service Platform
Gravity

57. What is a service mesh?
______________________________________________

Answer: An optional component of Kubernetes that provides more features or better security. For more details, see this posting.

58. Name three different service meshes for K8S.
________________________
________________________
________________________

Answer: Any of these are acceptable:

AWS App Mesh
Consul Connect
Kuma
Istio
Linkerd
OpenShift Service Mesh
VMware Tanzu Service Mesh (formerly VMware NSX)

59. What is Ambassador in Kubernetes?

a. A type of sidecar container designed to facilitate connectivity to services outside the Kubernetes cluster
b. A type of sidecar container designed to facilitate connectivity to services inside Kubernetes cluster
c. An ingress controller based on Swarm
d. An ingress controller based on Envoy
e. A technology that facilitates sending traffic directly to pods and bypassing kube-proxy
f. a and c
g. a and d
h. b and c
i. b and d
j. a, c and e
k. a, d and e
l. b, c and e
m. b, d and e
n. None of the above.

Answer: K.
For A, see page 139 of Kubernetes Patterns by Bilgin Ibryam and Roland Huß (O'Reilly). Copyright 2019 Bilgin Ibryam and Roland Huß, 978-1-492-05028-5.
For D, "Ambassador is an open-source Envoy-based ingress controller." taken from https://kubernetes.io/blog/2020/06/05/supporting-the-evolving-ingress-specification-in-kubernetes-1.18/#supporting-kubernetes-ingress
For E, see https://blog.getambassador.io/load-balancing-strategies-in-kubernetes-l4-round-robin-l7-round-robin-ring-hash-and-more-6a5b81595d6c

60. The concept of standing up the new pods simultaneously while all of the old pods are still running (and later dissolving the old pods) describes which pattern?

a. Rolling update
b. Blue/Green release
c. Canary release
d. Recreate strategy
e. Stand-up release
f. Fixed deployment
g. Standard update

Answer: B. Source: Page 30 of Kubernetes Patterns by Bilgin Ibryam and Roland Huß (O'Reilly). Copyright 2019 Bilgin Ibryam and Roland Huß, 978-1-492-05028-5.

61. Which of the following were influenced by the Gang of Four Design Patterns book?

a. Kubernetes design patterns
b. Apache Camel's architecture and features
c. Both of the above
d. None of the above

Answer: C. Source for A is from page 4 of Kubernetes Patterns by Bilgin Ibryam and Roland Huß (O'Reilly). Copyright 2019 Bilgin Ibryam and Roland Huß, 978-1-492-05028-5. The source of B is https://camel.apache.org/manual/latest/book-getting-started.html. Camel is relevant to Kubernetes; for more information about this, see https://camel.apache.org/components/latest/kubernetes-summary.html

62. Which of the following is ideal for a kube-proxy or some cluster-wide operator such as a log collector?

a. DaemonSet
b. ReplicaSet
c. CronJob
d. Deployment

Answer: A. Source: Page 75 of Kubernetes Patterns by Bilgin Ibryam and Roland Huß (O'Reilly). Copyright 2019 Bilgin Ibryam and Roland Huß, 978-1-492-05028-5.

63. Which of the following is a way that will cause Kubernetes to scale out? Choose the most accurate response.

a. A "kubectl scale" command
b. A "kubectl create" command with .yaml that includes a properly configured YAML file (that uses a resource kind such as a deployment or replicaset to utilize more pods).
c. Automatically based on resource utilization
d. All of the above
e. a and b
f. a and c
g. b and c
h. none of the above

Answer: D. Source: Page 79 of Kubernetes Patterns by Bilgin Ibryam and Roland Huß (O'Reilly). Copyright 2019 Bilgin Ibryam and Roland Huß, 978-1-492-05028-5.

64. Which component of Kubernetes is responsible for deleting the persistent volumes so they can be recycled after a StatefulSet has been discarded?

a. the API server
b. the Kubelet
c. the Controller Manager
d. the Scheduler
e. None of the above

Answer: E. Persistent volumes are not automatically deleted or recycled. The source of this is pages 91 and 92 of Kubernetes Patterns by Bilgin Ibryam and Roland Huß (O'Reilly). Copyright 2019 Bilgin Ibryam and Roland Huß, 978-1-492-05028-5.

65. What is the rule syntax in a YAML file to prevent a Pod from running as root?

a. NoAllowPrivilegeEscalation
b. RootNotAllowed
c. MustRunAsNonRoot
d. RunAsNonRoot

Answer: C. Source: https://kubernetes.io/blog/2018/07/18/11-ways-not-to-get-hacked/#8-run-containers-as-a-non-root-user

66. What is the difference between uncordon and taint?

a. uncordon marks a node as unschedulable (for any pod), but a taint marks a pod as unsuitable for certain nodes
b. uncordon marks a node as unsuitable for certain pods, but a taint marks a pod as unschedulable with certain nodes
c. uncordon marks a node as schedulable, but a taint marks a node as unsuitable for certain pods
d. None of the above.

Answer: C. Source: https://www.continualintegration.com/miscellaneous-articles/what-are-some-common-kubectl-commands/

67. What is a Docker tag? Choose the most correct answer.

a. A variety of meta data about a Docker container stored in the container file itself
b. A variety of meta data about a Docker image stored in the Docker image file or the Docker registry
c. A registry-wide unique identifier of a Docker image
d. A repository-wide unique identifier of a Docker image
e. All of the above
f. None of the above

Answer: D. Source: https://www.freecodecamp.org/news/an-introduction-to-docker-tags-9b5395636c2a/
To understand the differences of a registry and a repository, see this posting.

68. To tag an image, you would run which of the following?

a. docker tag
b. docker build -t
c. docker build --tag
d. All of the above
e. None of the above

Answer: D. Sources:
https://docs.docker.com/engine/reference/commandline/tag/
https://docs.docker.com/engine/reference/commandline/build/

69. For a typical Kubernetes deployment, what components of a worker node typically interact with which component of the Control Plane? Choose 2, 3, or 4, but also choose the most accurate combination.

a. For the worker node, the kubelet
b. For the worker node, the kube-proxy
c. For the worker node, the Container Runtime
d. For the Control Plane, the API server
e. For the Control Plane, the Scheduler
f. For the Control Plane, the Controller Manager
g. For the control plane, etcd

Answer: A, B, and D. Source: Page 18 of Kubernetes in Action by Marko Luksa.

70. What type of logging solution underlies Kubernetes' built-in ability to monitor individual containers and the node itself?

a. Heapster
b. cAdvisor from inside kube-proxy
c. cAdvisor from inside the Kubelet
d. cAdvisor on the node from outside the Kubelet
e. cAdvisor inside the container runtime
f. the Kubelet

Answer: C. Source: https://www.cloudforecast.io/blog/cadvisor-and-kubernetes-monitoring-guide/

See also page 430 of Kubernetes in Action by Marko Luksa.

Heapster is not correct because it is obsolete; see https://github.com/kubernetes-retired/heapster for more information.

71. What are valid types of taints?

a. NoSchedule
b. PreferNoSchedule
c. NoExecute
d. A and B
e. B and C
f. A and C
g. All of the above
h. None of the above; there is only one valid taint.
i. None of the above; the other types are not listed

Answer: G. Source: https://medium.com/kubernetes-tutorials/making-sense-of-taints-and-tolerations-in-kubernetes-446e75010f4e

See also page 460 of Kubernetes in Action.

72. How many etcd nodes are recommended for a production implementation of a Kubernetes cluster?

a. 1
b. 3
c. 5
d. 6

Answer: C. Source: https://kubernetes.io/docs/tasks/administer-cluster/configure-upgrade-etcd/

73. What is the difference between a pod and a container?
___________________________________________
Answer: A container is not necessarily a pod. A pod is one or more containers.

Pods are the smallest deployable units of computing that you can create and manage in Kubernetes. A Pod (as in a pod of whales or pea pod) is a group of one or more containers, with shared storage and network resources, and a specification for how to run the containers.

Taken from https://kubernetes.io/docs/concepts/workloads/pods/



You may want to buy a Kubernetes book.

How Do You Prepare for a Job Interview as a Software Engineer?

Question
How do you prepare for a job interview as a software engineer?

Answer
You may want to go to these pages:

Buy books on technical aspects of coding or one that is geared toward technical questions that may be asked. Here are some options:

To learn about programming in general, see this site or this page.

To prepare for a Java, Python, C, C++ technical interview, see this site.

To find a book on these subjects, click the appropriate link: C#, Hadoop, and RESTful APIs

It is not free, but you may want to try algoexpert.io.

Not only is coding in an interview different from coding for a business over the course of several months, the years of experience a person has may not be a factor in how efficient/productive an employee is. The Mythical Man-Month (on page 30) cites a 1960s study that found that there was no correlation between work performance and years of experience in a programmer. Given the age discrimination that some older job seekers have felt in I.T., this idea that years of experience is irrelevant to true productivity may be true in the modern world of programming. Be encouraged whatever age you are; the environment (or the idiosyncrasies of the employer) and situation of the position may be the main factor for your success.


How Do You Find the Largest and Smallest Numbers in a Python List in O(N^2) Time?

Problem scenario
You want to write a Python program that will accept a list of integers interactively. You want the program to find and print out the largest number and the smallest number of the list entered. You do not want to use the max() or min() functions (which work in Python 3 without importing any library).

What do you do?

Solution

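def extremefinder(mainlist):
  # Compare every element with every element (O(N^2)) instead of calling max() or min().
  if not mainlist:
    raise ValueError("Please provide at least one integer")
  b = len(mainlist)
  maxnum = mainlist[0]
  minnum = mainlist[0]
  for x in mainlist:
    low = 0   # counts the elements that x is greater than or equal to
    high = 0  # counts the elements that x is less than or equal to
    for y in mainlist:
      if (x >= y):
        low = low + 1
      if (x <= y):
        high = high + 1
    if (low == b):   # x >= every element (itself and duplicates included), so x is the largest
      maxnum = x
    if (high == b):  # x <= every element (itself and duplicates included), so x is the smallest
      minnum = x
  return maxnum, minnum

if __name__ == "__main__":
  print("This program will return the largest and smallest integers from the array provided")
  mainlist = list(map(int, input("Please enter a space-separated list of integers: ").rstrip().split()))
  maxnum, minnum = extremefinder(mainlist)
  print("The highest number of array provided is on the left below this line")
  print(maxnum, minnum)
  print("The lowest number of array provided is on the right above this line")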

Many Ways to Optimize an OLTP Database Running PostgreSQL

Updated on 2/1/22
Tuning relational databases and related processes can be somewhat simple or very complex. OLTP databases have many processes governing the usage of resources. Optimizing these and keeping locks granular and efficient in accord with business requirements is key to having high performance and reliability.

Studying the business requirements carefully can allow you to redesign the database and the SQL queries to make things happen more efficiently. You could rewrite stored procedures to involve less computational complexity.

We cannot provide every possible way of enhancing the performance of your PostgreSQL database given the multitude of idiosyncrasies that could exist. We hope that some of these suggestions give you an idea of where to begin.

1. Find which query or operation is slow. It may be that your PostgreSQL OLTP database is performing acceptably for most operations, but one query is not working. If you want more assistance in determining which query is having a problem, see this external page.

2. Place important indexes of heavily used tables on solid state disks. You do this by manually configuring tablespaces to be mounted on such disks. We appreciate that cost constraints can keep you from using solid state disks exclusively. Indexes with rapidly changing statistics should be placed on the fastest disks available.

3. Use the autovacuum feature. Tables with many updates and deletes will change rapidly. Updated and deleted rows are called "dead rows" or "dead tuples." The autovacuum feature will automatically eliminate "dead tuples." To read more see this posting.

4. Avoid aggregate (min, max and count) SQL commands if possible.

5. Avoid SELECT *. Try to select only the columns you need.

6. Utilize indexes properly. Indexes on columns with highly varied data are used more efficiently than indexes on columns that have unvaried data. Multi-column indexes can be created to ensure the index key tends to be unique. DML operations with such indexes are the most efficient.

If you have SQL statements that will only operate on a portion of the rows, partial indexes can be ideal for overall performance. Partial indexes may be limited to SQL statements with a WHERE clause to filter only matching rows. These indexes take up less space and need to be updated less frequently compared to normal indexes.

In Postgres version 11 covering indexes can satisfy all the columns requested by predefined SELECT statements. You can obviate locks on a table and optimize performance by including only the columns necessary in a covering index. Indexes that do not have excessive complexity in their binary trees can be more useful than those with excessive complexity based on how the rows are looked up. Properly designed covering indexes include leaf columns that have the desired trees for optimal leverage of the index's binary tree. To learn more about covering indexes, see this posting.

If the corresponding metadata of a table is not updated when a table is updated, the query planner will rely on stale metadata. A PostgreSQL database with outdated statistics will perform poorly. In some cases indexes that are not updated regularly enough defeat their purpose of improving performance and can even be counterproductive. Statistics must be kept up-to-date. But updating statistics too frequently could degrade performance.

Do not have excessive numbers of indexes. For OLTP operations, statistics must be updated for each index. Having unnecessary indexes will slow your database performance with each DML command. The indexes themselves will also consume disk space.

7. Normalize the database. Some databases start out denormalized as the database architect did not think the program would become popular or grow. Normalized tables are usually less useful to humans when looking at them directly than denormalized tables. But highly normalized tables involve less locking during OLTP operations. PostgreSQL is ACID-compliant and normalization facilitates this feature. (In some instances, if there are joins across large datasets, you may want to have duplicative data in denormalized form. Usually OLTP databases benefit from normalization, but hypothetically it is possible that denormalized tables could help specific read applications.)

8. Do not run expensive queries during peak hours. Full database backups during peak business hours are not recommended. If you are not sure whether a SQL statement is expensive, use the EXPLAIN command. The EXPLAIN command will estimate the cost of a query without actually running it. This is advantageous because it will rely on statistics and not cause a significant load on your database. EXPLAIN ANALYZE will actually run the query and provide details of what is happening behind-the-scenes. These can be helpful when trying to learn more about what your stored procedures will do to the database. To learn about the health of your database in a public cloud, you may want to learn more about Azure Metrics, Cloud SQL (in GCP) which provides metrics data with instance information, or Amazon RDS monitoring.

9. If you need additional disk space (e.g., for solid state disks which are very fast), you may want to analyze the data types chosen in your tables. Sometimes business requirements allow you to maintain precision with datatypes that do not facilitate the same range of values. If you can maintain necessary accuracy and redesign tables to use columns that are minimally large enough to accommodate expected growth of the values of new data, using such datatypes can keep the size of tables smaller. Refactoring database tables can be a big task. If there is ample RAM and lots of disk I/O activity, you may want to increase the default work_mem value. For adjusting memory settings for PostgreSQL specifically, you may want to view this external site.

10. If you have ample disk space, create materialized views or temporary tables to query from. Complex computations can be expensive. Keeping a materialized view or temporary table can reduce CPU and RAM utilization. If you have configured TABLESPACE appropriately, having materialized views can reduce I/O contention and deadlocks. Well-designed materialized views can enhance your database performance significantly.

11. The query planner has limitations. If statistics are not being updated as rapidly as the database tables are being updated, the query planner will not be operating in the most efficient manner.

There are many operations that have constant values (sometimes they are integers while others are floating point values) that serve as default weights in PostgreSQL. Through scrutiny of your system, research and/or trial-and-error, you could optimize the query planner by granularly modifying these values for over 12 different constants. This could increase the efficiency of your system. The default values will be used, but they are not necessarily the most appropriate for your needs and hardware.

For example, the query planner may place an arbitrary estimate on fetching pages from a database. Fetching pages (sections of a database table) sequentially is a different operation from fetching randomly selected pages. If your database tables tend to be in memory, setting a lower value for random_page_cost may help the query planner. Likewise, if you are in a memory-constrained environment, setting a higher value for random_page_cost may make the query planner consider costs in a more accurate way.

To learn more about these different values (other than the cost of fetching pages), see this page.
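One way to check statistics freshness and to try a different random_page_cost without changing the server configuration, as an added example that is not part of the original posting. The table events_demo, its index and the value 1.1 are constructed for illustration.

```sql
-- Constructed sample data: a temporary, indexed table (dropped at session end).
CREATE TEMP TABLE events_demo AS
SELECT g AS id, (random() * 100000)::int AS account_id
FROM generate_series(1, 500000) AS g;
CREATE INDEX events_demo_account_idx ON events_demo (account_id);

-- Statistics are only as fresh as the last ANALYZE or autoanalyze run.
ANALYZE events_demo;

-- Tables with many changes since their last ANALYZE are where the planner's
-- estimates are most likely to be stale.
SELECT relname, n_live_tup, n_mod_since_analyze, last_analyze, last_autoanalyze
FROM pg_stat_user_tables
ORDER BY n_mod_since_analyze DESC
LIMIT 10;

-- Current planner cost constants (PostgreSQL defaults: 1.0 and 4.0).
SHOW seq_page_cost;
SHOW random_page_cost;

-- Plan under the current setting.
EXPLAIN SELECT * FROM events_demo WHERE account_id BETWEEN 100 AND 600;

-- Same query with a lower random_page_cost, scoped to this transaction only.
BEGIN;
SET LOCAL random_page_cost = 1.1;  -- illustrative value, not a recommendation
EXPLAIN SELECT * FROM events_demo WHERE account_id BETWEEN 100 AND 600;
ROLLBACK;  -- SET LOCAL is undone here; no server-wide change was made
```

Compare the estimated costs and the chosen scan type in the two plans before making any change permanent in postgresql.conf.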

12. From a pragmatic perspective, network latency can be a factor in database performance. Optimizing networks to minimize congestion and packet collisions is beyond the scope of this posting. Operating system environments that support PostgreSQL can also impact database performance. Tuning and architecting servers is also beyond the scope of this posting.

13. For text indexing, SQL databases are not always the best. NoSQL options may be more suitable. Elasticsearch or Apache Lucene may help you search text files.

14. If your OLTP database uses a user-defined function or stored procedure that uses procedural logic (e.g., looping through each row), see if you can re-write it to use a CASE statement. In SQL Server, CASE statements are much faster (according to the SQL Server 2008 Bible).

15. If the database is large, use partitioning and/or sharding. "Sharding and partitioning are both about breaking up a large data set into smaller subsets. The difference is that sharding implies the data is spread across multiple computers while partitioning does not." (This quote was taken from https://hazelcast.com/glossary/sharding/.) To learn more about partitioning or sharding (which can be complicated), see these pages:

https://www.percona.com/blog/2019/05/24/an-overview-of-sharding-in-postgresql-and-how-it-relates-to-mongodbs/
https://wiki.postgresql.org/wiki/WIP_PostgreSQL_Sharding
https://pgdash.io/blog/postgres-11-sharding.html
https://www.highgo.ca/2020/03/12/horizontal-scalability-sharding-in-postgresql-core-missing-pieces-of-the-puzzle/
https://medium.com/swlh/beginners-guide-to-table-partitioning-in-postgresql-5a014229042
https://severalnines.com/database-blog/guide-partitioning-data-postgresql
https://www.enterprisedb.com/blog/postgres-table-partitioning
https://www.enterprisedb.com/postgres-tutorials/how-use-table-partitioning-scale-postgresql
https://www.postgresql.org/docs/10/ddl-partitioning.html

16. Memory buffers act as a cache; this setting in PostgreSQL is known as shared_buffers. To optimize the OLTP operations, adjust the shared_buffers size to be either lower or higher. To learn more, see these postings:
https://www.postgresql.org/docs/9.1/runtime-config-resource.html
https://redfin.engineering/how-to-boost-postgresql-cache-performance-8db383dc2d8f

17. Configure checkpoints to happen at longer intervals.

A checkpoint is a point in the transaction log sequence at which all data files have been updated to reflect the information in the log. All data files will be flushed to disk.

https://www.postgresql.org/docs/9.2/sql-checkpoint.html

By default they happen every five minutes on systems with a low load. If they happen less frequently, you should get better performance. The max_wal_size parameter can be configured differently; the checkpoints can happen in a way that is influenced by this number. "The general rule is: increasing this [max_wal_size] value will lead to more space consumption, but improve write performance at the same time." This optimization tip was adopted, and its last sentence quoted, from https://www.cybertec-postgresql.com/en/postgresql-what-is-a-checkpoint/
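The settings involved, shown as an added example rather than configuration from the original posting. The values '15min' and '4GB' are illustrative assumptions, max_wal_size requires PostgreSQL 9.5 or later, and ALTER SYSTEM requires superuser rights.

```sql
-- Current values (PostgreSQL defaults: 5min and 1GB).
SHOW checkpoint_timeout;
SHOW max_wal_size;

-- Timed checkpoints versus checkpoints requested early (for example because
-- max_wal_size was reached). PostgreSQL 16 and earlier:
SELECT checkpoints_timed, checkpoints_req FROM pg_stat_bgwriter;
-- PostgreSQL 17 and later expose the same counters in another view:
-- SELECT num_timed, num_requested FROM pg_stat_checkpointer;

-- Illustrative values; size them from the counters above and the disk space
-- available for WAL.
ALTER SYSTEM SET checkpoint_timeout = '15min';
ALTER SYSTEM SET max_wal_size = '4GB';

-- Both parameters take effect on a configuration reload; no restart needed.
SELECT pg_reload_conf();

-- Confirm the new values are active.
SHOW checkpoint_timeout;
SHOW max_wal_size;
```

Less frequent checkpoints leave more WAL to replay after a crash, so recovery takes longer; a high share of requested checkpoints in the counters suggests max_wal_size is the limit being hit rather than the timeout.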

18. At the OS level if you are running Linux, you may want to enable hugepages.

How Do You Install pip on a RHEL Server in AWS?

Problem scenario
You want to install pip on a RedHat Enterprise Linux server in AWS.  What do you do?

Solution
Prerequisites
This assumes that Python has been installed. If it has not, run this command:
sudo yum -y install python3


Procedures

You may want to try these two commands first:

sudo find / -name pip
sudo find / -name pip3

If the above did not help you, run these three commands:
curl "https://bootstrap.pypa.io/get-pip.py" -o "get-pip.py"
sudo python3 get-pip.py
# use python if python3 is not found
sudo ln -s /usr/local/bin/pip /usr/bin/pip

How Big is a Page in SQL Databases?

Question
Pages are units of a database table that are read from disk and placed into memory (either virtual memory or RAM). Is a page always 8 KB in a SQL database?

Answer
No. But they are often 8 KB in size.

  • PostgreSQL has pages that are 8 KB in size (according to this page).
  • MySQL pages vary in size from 8 KB to 64 KB (according to this page).
  • Oracle pages are 4K in size, but Oracle supports HugePages which are bigger. To read more see this page.
  • SQL Server has pages that are 8 KB in size (according to this page).

What is the Difference between a Readiness Probe and a Liveness Probe in Kubernetes?

Question
What is a difference between a readinessprobe and a livenessprobe besides how the corresponding fields are used in defining a Pod using YAML?

Answer
At most, a failed liveness probe will result in the restarting of a container. At most, a failed readiness probe will result in removing a pod from the endpoint of a service (page 150 of Kubernetes in Action).

Another difference is that the kubectl get po command will show the results of liveness probes only indirectly -- in the "RESTARTS" column. The liveness probe has the ability to signal to the kubelet that the container must be restarted. (The kubelet could be used to restart the container without the liveness probe.)

The kubectl get po command will show a variety of statistics, and one column in the results of this command is "READY". The "0/1" value would indicate that zero containers out of one are ready based on the readiness probe failing. This is a direct indication of the readiness probe in the kubectl get po command's results.

To learn more, you may want to read this posting by Colin Breck or this posting on the Kubernetes.io website.

How Do You Open a Port to Connect to a GCP server?

Problem scenario
You are used to AWS Security Groups. You created a firewall rule in GCP. You cannot seem to reach the GCP server. What is wrong?

Possible Solution
Does the GCP firewall rule use the same shorthand notation like this?
x.x.x.x/32

Inbound rules in AWS Security Groups use the /32 to allow an IP address to connect to an EC2 instance or service. For GCP, this /32 will not work. Use /24 or something along those lines.

You may want to see the posting "How Do You Get a GCP Server to Present a Website on the Internet?" for details.