Karpenter Multi-Team Clusters: NodePools, Weights & Isolation

Karpenter Multi-Team Clusters: NodePools, Weights & Isolation

Architecting a single Karpenter cluster for ML, Backend, and Batch teams means getting NodePool weights and taint-based isolation right — or pods land somewhere expensive and wrong. You'll learn: * How to define separate NodePools per team — ml-gpu (p3/p4 instances), backend (m5/m6), and batch-spot (Spot, any family) * How Karpenter's spec.weight field drives pool selection: higher weight wins, ties break randomly * The exact selection sequence — Karpenter first finds every pool that can satisfy the pod, then ranks by weight * Why taints alone aren't enough: pairing gpu=true:NoSchedule and spot=true:NoSchedule with matching tolerations gives you hard isolation * Senior gotcha: labels control scheduling preference, taints enforce it — you need both for airtight multi-team separation Keywords: Karpenter NodePool weights, multi-team Kubernetes cluster, Karpenter GPU NodePool, Karpenter spot instances, Kubernetes taint isolation 🎧 Listen, then go deeper — DevOps & Cloud interview-prep ebooks at DevOpsInterview.Cloud [https://DevOpsInterview.Cloud/?utm_source=podbean&utm_medium=podcast&utm_campaign=shownotes]

Karpenter EC2NodeClass: AMI, Subnets, and EBS Config

When your security team mandates a specific AMI, private subnets, custom security groups, and encrypted EBS, Karpenter's EC2NodeClass is exactly where all of that infrastructure detail lives. You'll learn: * The core separation of concerns: NodePool defines what to provision (requirements, constraints); EC2NodeClass defines how (the cloud-provider infrastructure details) * How to pin a specific AMI using amiSelectorTerms and lock nodes to private subnets via tag-based subnetSelectorTerms * Configuring securityGroupSelectorTerms and enforcing EBS encryption through blockDeviceMappings in the EC2NodeClass spec * How nodeClassRef wires a NodePool to a NodeClass — and why one NodeClass can back many NodePools, making AMI rotation straightforward Keywords: Karpenter EC2NodeClass, Karpenter NodePool vs NodeClass, Karpenter AMI selection, Karpenter private subnets, Kubernetes node provisioning security 🎧 Listen, then go deeper — DevOps & Cloud interview-prep ebooks at DevOpsInterview.Cloud [https://DevOpsInterview.Cloud/?utm_source=podbean&utm_medium=podcast&utm_campaign=shownotes]

Karpenter Consolidation & Drift: 2 AM Node Cleanup

Your cluster is burning 50 nodes at 10% utilization at 2 AM with a stale AMI — here's exactly how Karpenter's disruption engine handles both problems automatically. You'll learn: * Setting consolidationPolicy: WhenEmptyOrUnderutilized with a consolidateAfter: 30s window to drain and terminate underutilized nodes * How Karpenter's drift detection compares live node spec against the current NodeClass — and marks nodes drifted when the AMI changes * Using expireAfter: 720h to force a rolling node refresh every 30 days as a TTL safety net * Why consolidation, drift, and expiration are all forms of the same primitive: Karpenter's disruption mechanism Keywords: Karpenter consolidation, Karpenter drift detection, node expiration TTL, Kubernetes node lifecycle, Karpenter NodePool disruption 🎧 Listen, then go deeper — DevOps & Cloud interview-prep ebooks at DevOpsInterview.Cloud [https://DevOpsInterview.Cloud/?utm_source=podbean&utm_medium=podcast&utm_campaign=shownotes]

Karpenter Lifecycle: How GPU Pods Get Unstuck

A pending ML training job needing 8 GPUs is a classic Karpenter interview scenario — here's the exact four-step lifecycle an interviewer expects you to walk through. You'll learn: * Why the K8s scheduler marks pods unschedulable and how Karpenter's controller watches for that signal * How Karpenter evaluates all pod constraints at once — resource requests, nodeSelector, nodeAffinity, tolerations, and topology spread * How it calls the EC2 API to select the right instance (p3.16xlarge for 8 GPUs) in the correct availability zone * Why Karpenter provisions the node but the K8s scheduler still does the final pod binding — a gotcha that trips up a lot of candidates Keywords: Karpenter node provisioning, Kubernetes GPU scheduling, pending pods interview question, Karpenter vs cluster autoscaler, K8s scheduler lifecycle 🎧 Listen, then go deeper — DevOps & Cloud interview-prep ebooks at DevOpsInterview.Cloud [https://DevOpsInterview.Cloud/?utm_source=podbean&utm_medium=podcast&utm_campaign=shownotes]

Azure Container Apps Migration: Zero-Downtime .NET & SQL AG

Migrating a stateful .NET app from Azure VMs to Azure Container Apps without dropping a single request — including SQL Server Always On AG failover — is exactly the kind of scenario senior interviewers throw at platform engineers. You'll learn: * How to containerize a stateful .NET app and handle session/state externalization before cutover * Azure Container Apps environment setup: managed environments, Dapr sidecars, and ingress configuration for gradual traffic shifting * SQL Server Always On Availability Group failover patterns — listener routing, read-scale replicas, and avoiding split-brain during migration * Blue/green and weighted traffic strategies in Azure Container Apps to achieve zero-downtime cutover * Common gotchas: persistent volume claims, connection string management with Key Vault references, and health probe tuning Keywords: Azure Container Apps migration, SQL Server Always On failover, zero downtime .NET containerization, stateful app Azure Kubernetes migration, platform engineering interview 🎧 Listen, then go deeper — DevOps & Cloud interview-prep ebooks at DevOpsInterview.Cloud [https://DevOpsInterview.Cloud/?utm_source=podbean&utm_medium=podcast&utm_campaign=shownotes]