Kubernetes is powerful and unforgiving. These questions check whether a candidate understands its objects and failure modes, not just kubectl apply.
Hiring a Kubernetes developer is easy. Telling a real one from a convincing résumé is the hard part — and it’s most of what we do. These are grouped by level, because the same question that stretches a junior is a warm-up for a senior.
Junior Kubernetes interview questions
0–2 years
Core objects.
What is Kubernetes and what problem does it solve?
A container orchestrator that schedules, scales and heals containerised workloads across a cluster declaratively.
Thinks it’s just “Docker at scale” with no detail.
What is a pod?
The smallest deployable unit, one or more tightly-coupled containers sharing network and storage.
Thinks a pod is always a single container.
What is a Deployment?
A controller that manages a ReplicaSet to run and update a desired number of pod replicas, enabling rolling updates.
Creates pods directly with no controller.
What is a Service and why do you need one?
A stable network endpoint and load balancer for a set of ephemeral pods selected by labels.
Talks to pod IPs directly, which change constantly.
What is the difference between a Deployment and a StatefulSet?
Deployments suit stateless apps; StatefulSets give stable identities and storage for stateful workloads.
Runs a database as a plain Deployment.
What are labels and selectors?
Key-value tags on objects and the queries that match them, wiring services to pods and organising resources.
Hardcodes relationships instead of using labels.
What is a namespace?
A virtual cluster partition for isolating and organising resources and applying quotas/policies.
Puts everything in default.
What is the difference between a ConfigMap and a Secret?
ConfigMaps hold non-sensitive config; Secrets hold sensitive data (base64-encoded, ideally encrypted at rest).
Stores passwords in a ConfigMap.
Mid-level Kubernetes interview questions
2–5 years
Scheduling and networking.
How do liveness and readiness probes differ?
Liveness restarts a stuck container; readiness controls whether it receives traffic. Confusing them causes outages.
Uses one probe for both or none at all.
How do requests and limits work?
Requests reserve resources for scheduling; limits cap usage. Missing requests cause poor scheduling; low limits cause OOM kills and throttling.
Sets no resource requests or limits.
How does the Horizontal Pod Autoscaler work?
It scales replica count based on metrics like CPU or custom metrics against a target.
Scales manually and reactively.
How does networking and service discovery work?
Every pod gets an IP; Services provide stable DNS names; kube-proxy/CNI route traffic.
Hardcodes IPs between services.
What is an Ingress?
An HTTP(S) router that exposes services externally with host/path rules and TLS, backed by an ingress controller.
Exposes every service with a separate LoadBalancer.
How do rolling updates and rollbacks work?
Deployments replace pods gradually respecting availability, and can roll back to a previous revision on failure.
Deletes and recreates all pods, causing downtime.
How does persistent storage work?
PersistentVolumeClaims request storage that PersistentVolumes (often dynamically provisioned) satisfy, decoupling pods from disks.
Writes important data to the pod filesystem.
What causes a pod to be stuck in Pending or CrashLoopBackOff?
Pending often means unschedulable (resources/affinity); CrashLoopBackOff means the container keeps exiting — check logs and events.
Deletes the pod repeatedly instead of reading events/logs.
Senior Kubernetes interview questions
5+ years
Operations and reliability.
How do you debug a failing workload systematically?
kubectl describe and events, logs, probe status, resource pressure, and recent changes — narrowing from symptom to cause.
Restarts things hoping it fixes itself.
How do you secure a cluster?
RBAC least privilege, network policies, non-root containers, secrets management, image scanning, and pod security standards.
Cluster-admin for everything and no network policy.
How do you manage configuration across environments?
Templating/overlays (Helm/Kustomize) and GitOps so cluster state is declarative and reviewable.
Applies hand-edited manifests directly to prod.
How do you plan for high availability and disruption?
Multiple replicas across nodes/zones, PodDisruptionBudgets, anti-affinity, and tested node drains.
Runs a single replica of critical services.
How does autoscaling work end to end?
HPA for pods, Cluster Autoscaler for nodes, and requests/limits set correctly so scaling decisions are sane.
Enables HPA but sets no resource requests.
How do you roll out changes safely?
Progressive delivery (canary/blue-green), health gates, and automated rollback on failure metrics.
Ships straight to all replicas with no canary.
How do you approach observability in Kubernetes?
Metrics (Prometheus), centralised logs and tracing tied to SLOs, plus alerting on symptoms not just resource usage.
Only checks if pods are “Running.”
When is Kubernetes overkill?
For small, simple workloads where its operational complexity outweighs the benefits; a simpler platform may fit better.
Insists everything needs Kubernetes.
Build and score a full interview with our free interview scorecard tool, browse the full question hub, or see how we interview engineers.