CKA Questions LP
Q-1:
Task -
Create a new ClusterRole named deployment-clusterrole that only allows creating the following
resource types:
a) Deployment
b) StatefulSet
c) DaemonSet
Create a new ServiceAccount named cicd-token in the existing namespace app-team1.
Bind the new ClusterRole deployment-clusterrole to the new ServiceAccount cicd-token, limited to the
namespace app-team1.
Q-2:
Task -
Set the node named ek8s-node-0 as unavailable and reschedule all the pods running on it.
Q-3:
Task -
Given an existing Kubernetes cluster running version 1.22.1, upgrade all of the Kubernetes control
plane and node components on the master node only to version 1.22.2. Be sure to drain the master node
before upgrading it and uncordon it after the upgrade.
Q-4:
Task -
First, create a snapshot of the existing etcd instance running at https://127.0.0.1:2379, saving the
snapshot to /var/lib/backup/etcd-snapshot.db.
The following TLS certificates/key are supplied for connecting to the server with etcdctl:
• CA certificate: /opt/KUIN00601/ca.crt
• Client certificate: /opt/KUIN00601/etcd-client.crt
• Client key: /opt/KUIN00601/etcd-client.key
Creating a snapshot of the given instance is expected to complete in seconds.
If the operation seems to hang, something's likely wrong with your command. Use
Ctrl + c to cancel the operation and try again.
Next, restore an existing, previous snapshot located at /var/lib/backup/etcd-snapshot-previous.db.
Q-5:
Task -
Create a new NetworkPolicy named allow-port-from-namespace in the existing namespace fubar.
Ensure that the new NetworkPolicy allows Pods in namespace internal to connect to port 9000 of Pods
in namespace fubar. Further ensure that the new NetworkPolicy:
a) does not allow access to Pods, which don't listen on port 9000
b) does not allow access from Pods, which are not in namespace internal
Q-6:
Task -
Reconfigure the existing deployment front-end and add a port specification named http exposing port
80/tcp of the existing container nginx. Create a new service named front-end-svc exposing the
container port http.
Configure the new service to also expose the individual Pods via a NodePort on the nodes on which
they are scheduled.
Q-7:
Task -
Scale the deployment presentation to 3 pods.
Q-8:
Task -
Schedule a pod as follows:
a) Name: nginx-kusc00401
b) Image: nginx
c) Node selector: disk=ssd
Q-9:
Task -
Check to see how many nodes are ready (not including nodes tainted NoSchedule) and write the
number to /opt/KUSC00402/kusc00402.txt.
Q-10:
Task -
Schedule a Pod as follows:
a) Name: kucc8
b) App Containers: 2
c) Container Name/Images:
• nginx
• consul
Q-11:
Task -
Create a persistent volume with name app-data, of capacity 2Gi and access mode ReadOnlyMany. The
type of volume is hostPath and its location is /srv/app-data.
Q-12:
Task -
Monitor the logs of pod foo and:
a) Extract log lines corresponding to error file-not-found
b) Write them to /opt/KUTR00101/foo
Q-13:
Context-
An existing Pod needs to be integrated into the Kubernetes built-in logging architecture (e.g. kubectl
logs). Adding a streaming sidecar container is a good and common way to accomplish this requirement.
Task -
Add a sidecar container named sidecar, using the busybox image, to the existing Pod big-corp-app. The
new sidecar container has to run the following command:
/bin/sh -c "tail -n 1 -f /var/log/big-corp-app.log"
Use a Volume, mounted at /var/log, to make the log file big-corp-app.log available to the sidecar
container.
Don't modify the specification of the existing container other than adding the required volume mount.
Q-14:
Task -
From the pod label name=overloaded-cpu, find pods running high CPU workloads and write the name
of the pod consuming most CPU to the file /opt/KUTR00401/KUTR00401.txt (which already exists).
Q-15:
Task -
A Kubernetes worker node, named wk8s-node-0, is in state NotReady.
Investigate why this is the case, and perform any appropriate steps to bring the node to a Ready state,
ensuring that any changes are made permanent.