🔍
👤
⚙️ Module 5 4 LabsEst. 50 min

Advanced Workloads & Scheduling

Control exactly where and how your workloads run using DaemonSets, Jobs, and Affinities.

Theory: Beyond Standard Deployments

While Deployments are great for standard web servers, Kubernetes provides controllers for specialized workloads.

Workload Types

  • DaemonSet: Ensures a copy of a Pod runs on *every* node (e.g., logging agents).
  • Job: Runs a task to completion (e.g., a DB migration).
  • CronJob: Runs a Job on a specific schedule.

Advanced Scheduling

Normally, the scheduler places pods wherever there is room. You can constrain this using:

  • Node Affinity: "Prefer to run on nodes with SSDs."
  • Taints & Tolerations: Nodes push pods away (Taint) unless the pod explicitly has the antidote (Toleration).

Deep Dive: Autoscaling Flows

The Horizontal Pod Autoscaler (HPA) scales the number of Pod replicas based on observed CPU utilization or custom metrics. The Vertical Pod Autoscaler (VPA) increases/decreases the CPU and Memory resource requests/limits for existing Pods.

graph LR; Metrics[Metrics Server] -.-> |Reports 85% CPU| HPA[HPA Controller] HPA --> |Calculates target: 5 pods| Deploy[Deployment] Deploy --> |Scales up| RS[ReplicaSet] RS --> |Creates| P1(Pod 4) RS --> |Creates| P2(Pod 5) style HPA fill:#8b5cf6,stroke:#a78bfa,stroke-width:2px,color:#fff

3. InitContainers and Troubleshooting

An InitContainer runs to completion before the main app containers start (e.g., waiting for a DB to be ready, or running database migrations). If a main container crashes immediately on start, it enters a CrashLoopBackOff state, often requiring kubectl logs --previous to debug.

Hands-on Labs

Lab 1: DaemonSets
Deploy a DaemonSet configured to run a fluentd logging agent.
kubectl apply -f daemonset.yaml
Lab 2: One-time Job
Run a Job that calculates Pi to 2000 places, then terminates.
kubectl apply -f pi-job.yaml
Lab 3: Tainting a Node
Taint node-1 so standard pods won't schedule there anymore.
kubectl taint nodes node-1 special=true:NoSchedule
Lab 4: Tolerating a Taint
Deploy a pod with a specified toleration to bypass the node-1 taint.
kubectl apply -f tolerant-pod.yaml

Interview Prep: Advanced Workloads

Q: What is the difference between Node Affinity and Taints/Tolerations?

Node Affinity is a property of Pods that attracts them to a set of nodes (e.g., "schedule this pod only on nodes with GPU=true"). Taints are a property of Nodes that repel Pods unless the Pod explicitly has a matching Toleration. They are often used together to create dedicated nodes.

Q: CrashLoopBackOff: What causes it and how do you debug it?

It means a pod repeatedly fails to start or crashes immediately after starting. Common causes: missing dependencies, bad configuration/secrets leading to an application panic, or OOM (Out of Memory) kills. You debug it by running `kubectl logs my-pod --previous` to see the logs from the crashed container before it was restarted.

Q: Why use an InitContainer instead of doing setup in the main container's script?

InitContainers securely separate setup logic (like fetching secrets from Vault or running DB migrations) from the main app. They can contain tools that you don't want in the app image for security reasons. Also, if an InitContainer fails, K8s will repeatedly restart the Pod until it succeeds, blocking the app container from starting prematurely.

Module Knowledge Check

Question 1

Terminal Simulator
root@k8s-master:~#