Scribd
Upload
296 views75 pages

Ckav7 0

The document outlines various tasks and solutions related to the Certified Kubernetes Administrator (CKA) exam, including creating persistent volumes, managing pods, and executing commands within Kubernetes. It provides specific commands and YAML configurations for tasks such as creating pods with environment variables, scaling deployments, and monitoring logs. Each task is accompanied by an explanation and the expected output or actions to be taken.

Uploaded by

Ilir Isaj
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
296 views75 pages

Ckav7 0

The document outlines various tasks and solutions related to the Certified Kubernetes Administrator (CKA) exam, including creating persistent volumes, managing pods, and executing commands within Kubernetes. It provides specific commands and YAML configurations for tasks such as creating pods with environment variables, scaling deployments, and monitoring logs. Each task is accompanied by an explanation and the expected output or actions to be taken.

Uploaded by

Ilir Isaj
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 75

0

Exam CKA
Certified Kubernetes Administrator (CKA)

Program
Version: 7.0

[ Total Questions: 67 ]
Certify For Sure with IT Exam Dumps
1. CORRECT TEXT

Score: 4%

Task

Create a persistent volume with name app-data , of capacity 1Gi and access mode ReadOnlyMany. The

type of volume is hostPath and its location is /srv/app-data .

Answer:

See the solution below.

Explanation:

Solution:

#vi pv.yaml

apiVersion: v1

kind: PersistentVolume

metadata:

name: app-config

spec:

capacity:

storage: 1Gi

accessModes:

- ReadOnlyMany

hostPath:

path: /srv/app-config

The No.1 IT Certification Dumps

1
Certify For Sure with IT Exam Dumps
kubectl create -f pv.yaml

2. CORRECT TEXT

Create a pod with environment variables as var1=value1.Check the environment variable in pod

Answer:

See the solution below.

Explanation:

kubectl run nginx --image=nginx --restart=Never --env=var1=value1

# then

kubectl exec -it nginx -- env

# or

kubectl exec -it nginx -- sh -c 'echo $var1'

# or

kubectl describe po nginx | grep value1

3. CORRECT TEXT

List “nginx-dev” and “nginx-prod” pod and delete those pods

Answer:

See the solution below.

Explanation:

kubect1 get pods -o wide

kubectl delete po “nginx-dev”kubectl delete po “nginx-prod”

4. CORRECT TEXT

Create 2 nginx image pods in which one of them is labelled with env=prod and another one

labelled with env=dev and verify the same.

Answer:

See the solution below.

Explanation:

kubectl run --generator=run-pod/v1 --image=nginx -- labels=env=prod nginx-prod --dry-run

The No.1 IT Certification Dumps

2
Certify For Sure with IT Exam Dumps
-o yaml > nginx-prodpod.yaml Now, edit nginx-prod-pod.yaml file and remove entries like

“creationTimestamp: null” “dnsPolicy: ClusterFirst”

vim nginx-prod-pod.yaml

apiVersion: v1

kind: Pod

metadata:

labels:

env: prod

name: nginx-prod

spec:

containers:

- image: nginx

name: nginx-prod

restartPolicy: Always

# kubectl create -f nginx-prod-pod.yaml

kubectl run --generator=run-pod/v1 --image=nginx --

labels=env=dev nginx-dev --dry-run -o yaml > nginx-dev-pod.yaml

apiVersion: v1

kind: Pod

metadata:

labels:

env: dev

name: nginx-dev

spec:

containers:

- image: nginx

name: nginx-dev

restartPolicy: Always

# kubectl create -f nginx-prod-dev.yaml

Verify :

The No.1 IT Certification Dumps

3
Certify For Sure with IT Exam Dumps
kubectl get po --show-labels

kubectl get po -l env=prod

kubectl get po -l env=dev

5. CORRECT TEXT

Score: 4%

Task

Set the node named ek8s-node-1 as unavailable and reschedule all the pods running on it.

Answer:

See the solution below.

Explanation:

SOLUTION:

[student@node-1] > ssh ek8s

kubectl cordon ek8s-node-1

kubectl drain ek8s-node-1 --delete-local-data --ignore-daemonsets --force

6. CORRECT TEXT

Create a busybox pod that runs the command “env” and save the output to “envpod” file

Answer:

See the solution below.

Explanation:

kubectl run busybox --image=busybox --restart=Never –-rm -it -- env > envpod.yaml

The No.1 IT Certification Dumps

4
Certify For Sure with IT Exam Dumps

7. CORRECT TEXT

Score: 5%

Task

Monitor the logs of pod bar and:

• Extract log lines corresponding to error file-not-found

• Write them to /opt/KUTR00101/bar

Answer:

See the solution below.

Explanation: Solution:

kubectl logs bar | grep 'unable-to-access-website' > /opt/KUTR00101/bar

cat /opt/KUTR00101/bar

8. CORRECT TEXT

List all the pods sorted by created timestamp

Answer:

See the solution below.

Explanation:

kubect1 get pods--sort-by=.metadata.creationTimestamp

9. CORRECT TEXT

Create a nginx pod with label env=test in engineering namespace

The No.1 IT Certification Dumps

5
Certify For Sure with IT Exam Dumps
Answer:

See the solution below.

Explanation:

kubectl run nginx --image=nginx --restart=Never --labels=env=test

-- namespace=engineering --dry-run -o yaml > nginx-pod.yaml

kubectl run nginx --image=nginx --restart=Never --labels=env=test --

namespace=engineering --dry-run -o yaml | kubectl create -n engineering -f –

YAML File:

apiVersion: v1

kind: Pod

metadata:

name: nginx

namespace: engineering

labels:

env: test

spec:

containers:

- name: nginx

image: nginx

imagePullPolicy: IfNotPresent

restartPolicy: Never

kubectl create -f nginx-pod.yaml

10. CORRECT TEXT

Schedule a pod as follows:

✑ Name: nginx-kusc00101

✑ Image: nginx

✑ Node selector: disk=ssd

Answer:

See the solution below.

The No.1 IT Certification Dumps

6
Certify For Sure with IT Exam Dumps
Explanation:

solution

F:\Work\Data Entry Work\Data Entry\20200827\CKA\6 B.JPGF:\Work\Data

The No.1 IT Certification Dumps

7
Certify For Sure with IT Exam Dumps
F:\Work\Data Entry Work\Data Entry\20200827\CKA\6 C.JPG

F:\Work\Data Entry Work\Data Entry\20200827\CKA\6 D.JPG

11. CORRECT TEXT

List the nginx pod with custom columns POD_NAME and POD_STATUS

Answer:

See the solution below.

Explanation:

kubectl get po -o=custom-columns="POD_NAME:.metadata.name,

POD_STATUS:.status.containerStatuses[].state"

12. CORRECT TEXT

Create a pod that having 3 containers in it? (Multi-Container)

Answer:

See the solution below.

Explanation:

The No.1 IT Certification Dumps

8
Certify For Sure with IT Exam Dumps
image=nginx, image=redis, image=consul

Name nginx container as “nginx-container”

Name redis container as “redis-container”

Name consul container as “consul-container”

Create a pod manifest file for a container and append container

section for rest of the images

kubectl run multi-container --generator=run-pod/v1 --image=nginx --

dry-run -o yaml > multi-container.yaml

# then

vim multi-container.yaml

apiVersion: v1

kind: Pod

metadata:

labels:

run: multi-container

name: multi-container

spec:

containers:

- image: nginx

name: nginx-container

- image: redis

name: redis-container

- image: consul

name: consul-container

restartPolicy: Always

13. CORRECT TEXT

Configure the kubelet systemd- managed service, on the node labelled with name=wk8s- node-1, to launch

a pod containing a single container of Image httpd named webtool automatically. Any spec files required

should be placed in the /etc/kubernetes/manifests directory on the node.

The No.1 IT Certification Dumps

9
Certify For Sure with IT Exam Dumps
You can ssh to the appropriate node using:

[student@node-1] $ ssh wk8s-node-1

You can assume elevated privileges on the node with the following command:

[student@wk8s-node-1] $ | sudo –i

Answer:

See the solution below.

Explanation:

solution

F:\Work\Data Entry Work\Data Entry\20200827\CKA\21 C.JPG

The No.1 IT Certification Dumps

10
Certify For Sure with IT Exam Dumps

F:\Work\Data Entry Work\Data Entry\20200827\CKA\21 D.JPG

F:\Work\Data Entry Work\Data Entry\20200827\CKA\21 E.JPG

The No.1 IT Certification Dumps

11
Certify For Sure with IT Exam Dumps

F:\Work\Data Entry Work\Data Entry\20200827\CKA\21 F.JPG

F:\Work\Data Entry Work\Data Entry\20200827\CKA\21 G.JPG

The No.1 IT Certification Dumps

12
Certify For Sure with IT Exam Dumps

14. CORRECT TEXT

Check to see how many worker nodes are ready (not including nodes tainted NoSchedule) and write the

number to /opt/KUCC00104/kucc00104.txt.

Answer:

See the solution below.

Explanation:

solution

F:\Work\Data Entry Work\Data Entry\20200827\CKA\15 B.JPG

The No.1 IT Certification Dumps

13
Certify For Sure with IT Exam Dumps

F:\Work\Data Entry Work\Data Entry\20200827\CKA\15 C.JPG

15. CORRECT TEXT

A Kubernetes worker node, named wk8s-node-0 is in state NotReady. Investigate why this is the case, and

perform any appropriate steps to bring the node to a Ready state, ensuring that any changes are made

permanent.

You can ssh to the failed node using:

[student@node-1] $ | ssh Wk8s-node-0

You can assume elevated privileges on the node with the following command:

[student@w8ks-node-0] $ | sudo –i

Answer:

See the solution below.

Explanation:

solution

The No.1 IT Certification Dumps

14
Certify For Sure with IT Exam Dumps

F:\Work\Data Entry Work\Data Entry\20200827\CKA\20 C.JPG

F:\Work\Data Entry Work\Data Entry\20200827\CKA\20 D.JPG

The No.1 IT Certification Dumps

15
Certify For Sure with IT Exam Dumps

F:\Work\Data Entry Work\Data Entry\20200827\CKA\20 E.JPG

16. CORRECT TEXT

List all the pods showing name and namespace with a json path expression

Answer:

See the solution below.

Explanation:

kubectl get pods -o=jsonpath="{.items[*]['metadata.name',

'metadata.namespace']}"

17. CORRECT TEXT

List all the pods sorted by name

Answer:

See the solution below.

Explanation:

kubectl get pods --sort-by=.metadata.name

The No.1 IT Certification Dumps

16
Certify For Sure with IT Exam Dumps

18. CORRECT TEXT

List all persistent volumes sorted by capacity, saving the full kubectl output to

/opt/KUCC00102/volume_list. Use kubectl 's own functionality for sorting the output, and do not manipulate

it any further.

Answer:

See the solution below.

Explanation:

solution

F:\Work\Data Entry Work\Data Entry\20200827\CKA\2 C.JPG

19. CORRECT TEXT

Create a persistent volume with name app-data, of capacity 2Gi and access mode ReadWriteMany. The

type of volume is hostPath and its location is /srv/app-data.

Answer:

See the solution below.

The No.1 IT Certification Dumps

17
Certify For Sure with IT Exam Dumps
Explanation:

solution

Persistent Volume

A persistent volume is a piece of storage in a Kubernetes cluster. PersistentVolumes are a cluster-level

resource like nodes, which don’t belong to any namespace. It is provisioned by the administrator and has a

particular file size. This way, a developer deploying their app on Kubernetes need not know the underlying

infrastructure. When the developer needs a certain amount of persistent storage for their application, the

system administrator configures the cluster so that they consume the PersistentVolume provisioned in an

easy way.

Creating Persistent Volume

kind: PersistentVolumeapiVersion: v1metadata: name:app-dataspec: capacity: # defines the capacity of PV

we are creating storage: 2Gi #the amount of storage we are tying to claim accessModes: # defines the

rights of the volume we are creating - ReadWriteMany hostPath: path: "/srv/app-data" # path to which we

are creating the volume

Challenge

✑ Create a Persistent Volume named app-data, with access mode ReadWriteMany, storage classname

shared, 2Gi of storage capacity and the host path /srv/app- data.

2. Save the file and create the persistent volume.

The No.1 IT Certification Dumps

18
Certify For Sure with IT Exam Dumps

Image for post

3. View the persistent volume.

✑ Our persistent volume status is available meaning it is available and it has not been mounted yet. This

status will change when we mount the persistentVolume to a persistentVolumeClaim.

PersistentVolumeClaim

In a real ecosystem, a system admin will create the PersistentVolume then a developer will create a

PersistentVolumeClaim which will be referenced in a pod. A PersistentVolumeClaim is created by

specifying the minimum size and the access mode they require from the persistentVolume. Challenge

✑ Create a Persistent Volume Claim that requests the Persistent Volume we had created above. The

claim should request 2Gi. Ensure that the Persistent Volume Claim has the same storageClassName as

the persistentVolume you had previously created.

kind: PersistentVolumeapiVersion: v1metadata: name:app-data

spec:

accessModes: - ReadWriteMany resources:

requests: storage: 2Gi

storageClassName: shared

2. Save and create the pvc

njerry191@cloudshell:~ (extreme-clone-2654111)$ kubect1 create -f app-data.yaml

persistentvolumeclaim/app-data created

3. View the pvc

Image for post

4. Let’s see what has changed in the pv we had initially created.

Image for post

Our status has now changed from available to bound.

The No.1 IT Certification Dumps

19
Certify For Sure with IT Exam Dumps
5. Create a new pod named myapp with image nginx that will be used to Mount the Persistent Volume

Claim with the path /var/app/config.

Mounting a Claim

apiVersion: v1kind: Podmetadata: creationTimestamp: null name: app-dataspec: volumes: -

name:congigpvc persistenVolumeClaim: claimName: app-data containers: - image: nginx name: app

volumeMounts: - mountPath: "/srv/app-data " name: configpvc

20. CORRECT TEXT

Create a busybox pod and add “sleep 3600” command

Answer:

See the solution below.

Explanation:

kubectl run busybox --image=busybox --restart=Never -- /bin/sh -c

"sleep 3600"

21. CORRECT TEXT

List the nginx pod with custom columns POD_NAME and POD_STATUS

Answer:

See the solution below.

Explanation:

kubectl get po -o=custom-columns="POD_NAME:.metadata.name,

POD_STATUS:.status.containerStatuses[].state"

22. CORRECT TEXT

Get list of all pods in all namespaces and write it to file “/opt/pods-list.yaml”

Answer:

See the solution below.

Explanation:

kubectl get po –all-namespaces > /opt/pods-list.yaml

The No.1 IT Certification Dumps

20
Certify For Sure with IT Exam Dumps
23. CORRECT TEXT

Perform the following tasks:

✑ Add an init container to hungry-bear (which has been defined in spec file

/opt/KUCC00108/pod-spec-KUCC00108.yaml)

✑ The init container should create an empty file named/workdir/calm.txt

✑ If /workdir/calm.txt is not detected, the pod should exit

✑ Once the spec file has been updated with the init container definition, the pod should be created

Answer: See the solution below.

Explanation:

solution

F:\Work\Data Entry Work\Data Entry\20200827\CKA\4 B.JPG

The No.1 IT Certification Dumps

21
Certify For Sure with IT Exam Dumps

F:\Work\Data Entry Work\Data Entry\20200827\CKA\4 C.JPG

F:\Work\Data Entry Work\Data Entry\20200827\CKA\4 D.JPG

The No.1 IT Certification Dumps

22
Certify For Sure with IT Exam Dumps

24. CORRECT TEXT

Task Weight: 4%

Task

Scale the deployment webserver to 3 pods.

Answer:

See the solution below.

Explanation: Solution:

25. CORRECT TEXT

Score: 4%

Task

Create a pod named kucc8 with a single app container for each of the following images running inside

(there may be between 1 and 4 images specified): nginx + redis + memcached .

The No.1 IT Certification Dumps

23
Certify For Sure with IT Exam Dumps
Answer:

See the solution below.

Explanation:

Solution:

kubectl run kucc8 --image=nginx --dry-run -o yaml > kucc8.yaml

# vi kucc8.yaml

apiVersion: v1

kind: Pod

metadata:

creationTimestamp: null

name: kucc8

spec:

containers:

- image: nginx

name: nginx

- image: redis

name: redis

- image: memcached

name: memcached

- image: consul

name: consul

kubectl create -f kucc8.yaml

#12.07

26. CORRECT TEXT

Get list of all the pods showing name and namespace with a jsonpath expression.

Answer:

See the solution below.

Explanation:

The No.1 IT Certification Dumps

24
Certify For Sure with IT Exam Dumps
kubectl get pods -o=jsonpath="{.items[*]['metadata.name'

, 'metadata.namespace']}"

27. CORRECT TEXT

Create a pod as follows:

✑ Name: non-persistent-redis

✑ container Image: redis

✑ Volume with name: cache-control

✑ Mount path: /data/redis

The pod should launch in the staging namespace and the volume must not be persistent.

Answer:

See the solution below.

Explanation:

solution

F:\Work\Data Entry Work\Data Entry\20200827\CKA\13 B.JPG

The No.1 IT Certification Dumps

25
Certify For Sure with IT Exam Dumps

F:\Work\Data Entry Work\Data Entry\20200827\CKA\13 C.JPG

F:\Work\Data Entry Work\Data Entry\20200827\CKA\13 D.JPG

The No.1 IT Certification Dumps

26
Certify For Sure with IT Exam Dumps

28. CORRECT TEXT

Score: 13%

Task

A Kubernetes worker node, named wk8s-node-0 is in state NotReady. Investigate why this is the case, and

perform any appropriate steps to bring the node to a Ready state, ensuring that any changes are made

permanent.

The No.1 IT Certification Dumps

27
Certify For Sure with IT Exam Dumps
Answer:

See the solution below.

Explanation:

Solution:

sudo -i

systemctl status kubelet

systemctl start kubelet

systemctl enable kubelet

29. CORRECT TEXT

Create a pod that echo “hello world” and then exists. Have the pod deleted automatically when it’s

completed

Answer:

See the solution below.

Explanation:

kubectl run busybox --image=busybox -it --rm --restart=Never --

/bin/sh -c 'echo hello world'

kubectl get po # You shouldn't see pod with the name "busybox"

30. CORRECT TEXT

Ensure a single instance of pod nginx is running on each node of the Kubernetes cluster where nginx also

represents the Image name which has to be used. Do not override any taints currently in place.

Use DaemonSet to complete this task and use ds-kusc00201 as DaemonSet name.

Answer:

See the solution below.

Explanation:

solution

The No.1 IT Certification Dumps

28
Certify For Sure with IT Exam Dumps

F:\Work\Data Entry Work\Data Entry\20200827\CKA\3 B.JPG

F:\Work\Data Entry Work\Data Entry\20200827\CKA\3 C.JPG

The No.1 IT Certification Dumps

29
Certify For Sure with IT Exam Dumps

F:\Work\Data Entry Work\Data Entry\20200827\CKA\3 D.JPG

F:\Work\Data Entry Work\Data Entry\20200827\CKA\3 E.JPG

The No.1 IT Certification Dumps

30
Certify For Sure with IT Exam Dumps

31. CORRECT TEXT

Create a pod as follows:

✑ Name: mongo

✑ Using Image: mongo

✑ In a new Kubernetes namespace named: my-website

Answer:

See the solution below.

Explanation:

solution

F:\Work\Data Entry Work\Data Entry\20200827\CKA\9 B.JPG

32. CORRECT TEXT

Score: 4%

The No.1 IT Certification Dumps

31
Certify For Sure with IT Exam Dumps

Task

Scale the deployment presentation to 6 pods.

Answer:

See the solution below.

Explanation:

Solution:

kubectl get deployment

kubectl scale deployment.apps/presentation --replicas=6

33. CORRECT TEXT

Create a deployment as follows:

✑ Name: nginx-app

✑ Using container nginx with version 1.11.10-alpine

✑ The deployment should contain 3 replicas

Next, deploy the application with new version 1.11.13-alpine, by performing a rolling update.

Finally, rollback that update to the previous version 1.11.10-alpine.

Answer:

See the solution below.

Explanation:

solution

The No.1 IT Certification Dumps

32
Certify For Sure with IT Exam Dumps

F:\Work\Data Entry Work\Data Entry\20200827\CKA\7 B.JPG

F:\Work\Data Entry Work\Data Entry\20200827\CKA\7 C.JPG

The No.1 IT Certification Dumps

33
Certify For Sure with IT Exam Dumps

F:\Work\Data Entry Work\Data Entry\20200827\CKA\7 D.JPG

34. CORRECT TEXT

From the pod label name=cpu-utilizer, find pods running high CPU workloads and

write the name of the pod consuming most CPU to the file /opt/KUTR00102/KUTR00102.txt

(which already exists).

Answer: See the solution below.

Explanation:

solution

The No.1 IT Certification Dumps

34
Certify For Sure with IT Exam Dumps

F:\Work\Data Entry Work\Data Entry\20200827\CKA\16 B.JPG

F:\Work\Data Entry Work\Data Entry\20200827\CKA\16 C.JPG

The No.1 IT Certification Dumps

35
Certify For Sure with IT Exam Dumps

35. CORRECT TEXT

Given a partially-functioning Kubernetes cluster, identify symptoms of failure on the cluster.

Determine the node, the failing service, and take actions to bring up the failed service and restore the

health of the cluster. Ensure that any changes are made permanently.

You can ssh to the relevant I nodes (bk8s-master-0 or bk8s-node-0) using:

[student@node-1] $ ssh <nodename>

You can assume elevated privileges on any node in the cluster with the following command:

[student@nodename] $ | sudo –i

Answer:

See the solution below.

Explanation:

solution

F:\Work\Data Entry Work\Data Entry\20200827\CKA\23 C.JPG

The No.1 IT Certification Dumps

36
Certify For Sure with IT Exam Dumps

F:\Work\Data Entry Work\Data Entry\20200827\CKA\23 D.JPG

F:\Work\Data Entry Work\Data Entry\20200827\CKA\23 E.JPG

The No.1 IT Certification Dumps

37
Certify For Sure with IT Exam Dumps

36. CORRECT TEXT

Create a file:

/opt/KUCC00302/kucc00302.txt that lists all pods that implement service baz in namespace development.

The format of the file should be one pod name per line.

Answer:

See the solution below.

Explanation:

solution

F:\Work\Data Entry Work\Data Entry\20200827\CKA\11 B.JPG

The No.1 IT Certification Dumps

38
Certify For Sure with IT Exam Dumps

F:\Work\Data Entry Work\Data Entry\20200827\CKA\11 C.JPG

F:\Work\Data Entry Work\Data Entry\20200827\CKA\11 D.JPG

The No.1 IT Certification Dumps

39
Certify For Sure with IT Exam Dumps

37. CORRECT TEXT

For this item, you will have to ssh to the nodes ik8s-master-0 and ik8s-node-0 and complete all tasks on

these nodes. Ensure that you return to the base node (hostname: node-1) when you have completed this

item.

Context

As an administrator of a small development team, you have been asked to set up a Kubernetes cluster to

test the viability of a new application.

Task

You must use kubeadm to perform this task. Any kubeadm invocations will require the use of the

--ignore-preflight-errors=all option.

✑ Configure the node ik8s-master-O as a master node. .

✑ Join the node ik8s-node-o to the cluster.

Answer:

See the solution below.

Explanation:

solution

You must use the kubeadm configuration file located at /etc/kubeadm.conf when initializingyour cluster.

You may use any CNI plugin to complete this task, but if you don't have your favourite CNI plugin's manifest

URL at hand, Calico is one popular option:

https://docs.projectcalico.org/v3.14/manifests/calico.yaml

Docker is already installed on both nodes and apt has been configured so that you can install the required

tools.

38. CORRECT TEXT

Create a snapshot of the etcd instance running at https://127.0.0.1:2379, saving the snapshot to the file

path /srv/data/etcd-snapshot.db.

The following TLS certificates/key are supplied for connecting to the server with etcdctl:

✑ CA certificate: /opt/KUCM00302/ca.crt

✑ Client certificate: /opt/KUCM00302/etcd-client.crt

The No.1 IT Certification Dumps

40
Certify For Sure with IT Exam Dumps
✑ Client key: Topt/KUCM00302/etcd-client.key

Answer:

See the solution below.

Explanation:

solution

F:\Work\Data Entry Work\Data Entry\20200827\CKA\18 C.JPG

39. CORRECT TEXT

Score: 7%

The No.1 IT Certification Dumps

41
Certify For Sure with IT Exam Dumps

Task

Reconfigure the existing deployment front-end and add a port specification named http exposing port 80/tcp

of the existing container nginx.

Create a new service named front-end-svc exposing the container port http.

Configure the new service to also expose the individual Pods via a NodePort on the nodes on which they

are scheduled.

Answer:

See the solution below.

Explanation:

Solution:

kubectl get deploy front-end

kubectl edit deploy front-end -o yaml

#port specification named http

#service.yaml

apiVersion: v1

kind: Service

metadata:

name: front-end-svc

labels:

app: nginx

spec:

ports:

The No.1 IT Certification Dumps

42
Certify For Sure with IT Exam Dumps
- port: 80

protocol: tcp

name: http

selector:

app: nginx

type: NodePort

# kubectl create -f service.yaml

# kubectl get svc

# port specification named http

kubectl expose deployment front-end --name=front-end-svc --port=80 --tarport=80 -- type=NodePort

40. CORRECT TEXT

Create an nginx pod and list the pod with different levels of verbosity

Answer:

See the solution below.

Explanation:

// create a pod

kubectl run nginx --image=nginx --restart=Never --port=80

// List the pod with different verbosity

kubectl get po nginx --v=7

kubectl get po nginx --v=8

kubectl get po nginx --v=9

41. CORRECT TEXT

Score:7%

The No.1 IT Certification Dumps

43
Certify For Sure with IT Exam Dumps

Context

An existing Pod needs to be integrated into the Kubernetes built-in logging architecture (e.

g. kubectl logs). Adding a streaming sidecar container is a good and common way to accomplish this

requirement.

Task

Add a sidecar container named sidecar, using the busybox Image, to the existing Pod big- corp-app. The

new sidecar container has to run the following command:

/bin/sh -c tail -n+1 -f /va r/log/big-corp-app.log

Use a Volume, mounted at /var/log, to make the log file big-corp-app.log available to the sidecar container.

Answer:

See the solution below.

Explanation:

Solution:

kubectl get pod big-corp-app -o yaml

The No.1 IT Certification Dumps

44
Certify For Sure with IT Exam Dumps
apiVersion: v1

kind: Pod

metadata:

name: big-corp-app

spec:

containers:

- name: big-corp-app

image: busybox

args:

- /bin/sh

- -c

- > i=0;

while true;

do

echo "$(date) INFO $i" >> /var/log/big-corp-app.log;

i=$((i+1));

sleep 1;

done

volumeMounts:

- name: logs

mountPath: /var/log

- name: count-log-1

image: busybox

args: [/bin/sh, -c, 'tail -n+1 -f /var/log/big-corp-app.log']

volumeMounts:

- name: logs

mountPath: /var/log

volumes:

- name: logs

emptyDir: {

The No.1 IT Certification Dumps

45
Certify For Sure with IT Exam Dumps
}

kubectl logs big-corp-app -c count-log-1

42. CORRECT TEXT

Create a pod named kucc8 with a single app container for each of the

following images running inside (there may be between 1 and 4 images specified):

nginx + redis + memcached.

Answer:

See the solution below.

Explanation:

solution

F:\Work\Data Entry Work\Data Entry\20200827\CKA\5 B.JPG

The No.1 IT Certification Dumps

46
Certify For Sure with IT Exam Dumps

F:\Work\Data Entry Work\Data Entry\20200827\CKA\5 C.JPG

F:\Work\Data Entry Work\Data Entry\20200827\CKA\5 D.JPG

The No.1 IT Certification Dumps

47
Certify For Sure with IT Exam Dumps

43. CORRECT TEXT

Score: 7%

Task

First, create a snapshot of the existing etcd instance running at https://127.0.0.1:2379, saving the snapshot

to /srv/data/etcd-snapshot.db.

The No.1 IT Certification Dumps

48
Certify For Sure with IT Exam Dumps

Next, restore an existing, previous snapshot located at /var/lib/backup/etcd-snapshot-previo us.db

Answer:

See the solution below.

Explanation:

The No.1 IT Certification Dumps

49
Certify For Sure with IT Exam Dumps
Solution:

#backup

ETCDCTL_API=3 etcdctl --endpoints="https://127.0.0.1:2379" --

cacert=/opt/KUIN000601/ca.crt --cert=/opt/KUIN000601/etcd-client.crt --

key=/opt/KUIN000601/etcd-client.key snapshot save /etc/data/etcd-snapshot.db

#restore

ETCDCTL_API=3 etcdctl --endpoints="https://127.0.0.1:2379" --

cacert=/opt/KUIN000601/ca.crt --cert=/opt/KUIN000601/etcd-client.crt --

key=/opt/KUIN000601/etcd-client.key snapshot restore /var/lib/backup/etcd-snapshot- previoys.db

44. CORRECT TEXT

Check the image version in pod without the describe command

Answer:

See the solution below.

Explanation:

kubectl get po nginx -o

jsonpath='{.spec.containers[].image}{"\n"}'

45. CORRECT TEXT

Create a deployment spec file that will:

✑ Launch 7 replicas of the nginx Image with the labelapp_runtime_stage=dev

✑ deployment name: kual00201

Save a copy of this spec file to /opt/KUAL00201/spec_deployment.yaml

(or /opt/KUAL00201/spec_deployment.json).

When you are done, clean up (delete) any new Kubernetes API object that you produced during this task.

Answer:

See the solution below.

Explanation:

solution

The No.1 IT Certification Dumps

50
Certify For Sure with IT Exam Dumps

F:\Work\Data Entry Work\Data Entry\20200827\CKA\10 B.JPG

F:\Work\Data Entry Work\Data Entry\20200827\CKA\10 C.JPG

The No.1 IT Certification Dumps

51
Certify For Sure with IT Exam Dumps

46. CORRECT TEXT

Check the Image version of nginx-dev pod using jsonpath

Answer:

See the solution below.

Explanation:

kubect1 get po nginx-dev -o

jsonpath='{.spec.containers[].image}{"\n"}'

47. CORRECT TEXT

Score: 7%

Task

Create a new nginx Ingress resource as follows:

• Name: ping

• Namespace: ing-internal

• Exposing service hi on path /hi using service port 5678

The No.1 IT Certification Dumps

52
Certify For Sure with IT Exam Dumps

Answer:

See the solution below.

Explanation:

Solution:

vi ingress.yaml

apiVersion: networking.k8s.io/v1

kind: Ingress

metadata:

name: ping

namespace: ing-internal

spec:

rules:

- http:

paths:

- path: /hi

pathType: Prefix

backend:

service:

name: hi

The No.1 IT Certification Dumps

53
Certify For Sure with IT Exam Dumps
port:

number: 5678

kubectl create -f ingress.yaml

48. CORRECT TEXT

Create and configure the service front-end-service so it's accessible through NodePort and routes to the

existing pod named front-end.

Answer:

See the solution below.

Explanation:

solution

F:\Work\Data Entry Work\Data Entry\20200827\CKA\8 B.JPG

49. CORRECT TEXT

Get IP address of the pod – “nginx-dev”

The No.1 IT Certification Dumps

54
Certify For Sure with IT Exam Dumps
Answer:

See the solution below.

Explanation:

Kubect1 get po -o wide

Using JsonPath

kubect1 get pods -o=jsonpath='{range

items[*]}{.metadata.name}{"\t"}{.status.podIP}{"\n"}{end}'

50. CORRECT TEXT

Score: 7%

Task

Given an existing Kubernetes cluster running version 1.20.0, upgrade all of the Kubernetes control plane

and node components on the master node only to version 1.20.1.

Be sure to drain the master node before upgrading it and uncordon it after the upgrade.

The No.1 IT Certification Dumps

55
Certify For Sure with IT Exam Dumps

You are also expected to upgrade kubelet and kubectl on the master node.

Answer:

See the solution below.

Explanation:

SOLUTION:

[student@node-1] > ssh ek8s

kubectl cordon k8s-master

The No.1 IT Certification Dumps

56
Certify For Sure with IT Exam Dumps
kubectl drain k8s-master --delete-local-data --ignore-daemonsets --force

apt-get install kubeadm=1.20.1-00 kubelet=1.20.1-00 kubectl=1.20.1-00 --

disableexcludes=kubernetes

kubeadm upgrade apply 1.20.1 --etcd-upgrade=false

systemctl daemon-reload

systemctl restart kubelet kubectl

uncordon k8s-master

51. CORRECT TEXT

Score: 7%

Task

Create a new NetworkPolicy named allow-port-from-namespace in the existing namespace echo. Ensure

that the new NetworkPolicy allows Pods in namespace my-app to connect to port 9000 of Pods in

namespace echo.

Further ensure that the new NetworkPolicy:

• does not allow access to Pods, which don't listen on port 9000

• does not allow access from Pods, which are not in namespace my-app

Answer:

See the solution below.

Explanation:

Solution:

#network.yaml

The No.1 IT Certification Dumps

57
Certify For Sure with IT Exam Dumps
apiVersion: networking.k8s.io/v1

kind: NetworkPolicy

metadata:

name: allow-port-from-namespace

namespace: internal

spec:

podSelector:

matchLabels: {

policyTypes:

- Ingress

ingress:

- from:

- podSelector: {

ports:

- protocol: TCP

port: 8080

#spec.podSelector namespace pod

kubectl create -f network.yaml

52. CORRECT TEXT

Scale the deployment webserver to 6 pods.

Answer:

See the solution below.

Explanation:

solution

The No.1 IT Certification Dumps

58
Certify For Sure with IT Exam Dumps

F:\Work\Data Entry Work\Data Entry\20200827\CKA\14 B.JPG

53. CORRECT TEXT

Monitor the logs of pod foo and:

✑ Extract log lines corresponding to error

unable-to-access-website

✑ Write them to/opt/KULM00201/foo

Answer:

See the solution below.

Explanation:

solution

The No.1 IT Certification Dumps

59
Certify For Sure with IT Exam Dumps

F:\Work\Data Entry Work\Data Entry\20200827\CKA\1 B.JPG

F:\Work\Data Entry Work\Data Entry\20200827\CKA\1 C.JPG

The No.1 IT Certification Dumps

60
Certify For Sure with IT Exam Dumps

54. CORRECT TEXT

Create a Kubernetes secret as follows:

✑ Name: super-secret

✑ password: bob

Create a pod named pod-secrets-via-file, using the redis Image, which mounts a secret named

super-secret at /secrets.

Create a second pod named pod-secrets-via-env, using the redis Image, which exports

password as CONFIDENTIAL

Answer:

See the solution below.

Explanation:

solution

F:\Work\Data Entry Work\Data Entry\20200827\CKA\12 B.JPG

The No.1 IT Certification Dumps

61
Certify For Sure with IT Exam Dumps

F:\Work\Data Entry Work\Data Entry\20200827\CKA\12 C.JPG

F:\Work\Data Entry Work\Data Entry\20200827\CKA\12 D.JPG

The No.1 IT Certification Dumps

62
Certify For Sure with IT Exam Dumps

55. CORRECT TEXT

Score: 4%

Task

Check to see how many nodes are ready (not including nodes tainted NoSchedule ) and write the number

to /opt/KUSC00402/kusc00402.txt.

Answer:

See the solution below.

Explanation:

Solution:

kubectl describe nodes | grep ready|wc -l

kubectl describe nodes | grep -i taint | grep -i noschedule |wc -l

echo 3 > /opt/KUSC00402/kusc00402.txt

kubectl get node | grep -i ready |wc -l

# taintsnoSchedule

kubectl describe nodes | grep -i taints | grep -i noschedule |wc -l

echo 2 > /opt/KUSC00402/kusc00402.txt

56. CORRECT TEXT

Create a deployment as follows:

The No.1 IT Certification Dumps

63
Certify For Sure with IT Exam Dumps
✑ Name: nginx-random

✑ Exposed via a service nginx-random

✑ Ensure that the service & pod are accessible via their respective DNS records

✑ The container(s) within any pod(s) running as a part of this deployment should use the nginx Image

Next, use the utility nslookup to look up the DNS records of the service & pod and write the output to

/opt/KUNW00601/service.dns and /opt/KUNW00601/pod.dns respectively.

Answer:

See the solution below.

Explanation:

Solution:

F:\Work\Data Entry Work\Data Entry\20200827\CKA\17 C.JPG

The No.1 IT Certification Dumps

64
Certify For Sure with IT Exam Dumps

F:\Work\Data Entry Work\Data Entry\20200827\CKA\17 D.JPG

F:\Work\Data Entry Work\Data Entry\20200827\CKA\17 E.JPG

The No.1 IT Certification Dumps

65
Certify For Sure with IT Exam Dumps

57. CORRECT TEXT

Set the node named ek8s-node-1 as unavailable and reschedule all the pods running on it.

Answer:

See the solution below.

Explanation:

solution

F:\Work\Data Entry Work\Data Entry\20200827\CKA\19 B.JPG

58. CORRECT TEXT

Score: 4%

The No.1 IT Certification Dumps

66
Certify For Sure with IT Exam Dumps

Context

You have been asked to create a new ClusterRole for a deployment pipeline and bind it to a specific

ServiceAccount scoped to a specific namespace.

Task

Create a new ClusterRole named deployment-clusterrole, which only allows to create the following

resource types:

• Deployment

• StatefulSet

• DaemonSet

Create a new ServiceAccount named cicd-token in the existing namespace app-team1. Bind the new

ClusterRole deployment-clusterrole lo the new ServiceAccount cicd-token ,

limited to the namespace app-team1.

Answer:

See the solution below.

Explanation:

Solution:

Task should be complete on node k8s -1 master, 2 worker for this connect use command

[student@node-1] > ssh k8s

kubectl create clusterrole deployment-clusterrole --verb=create --

resource=deployments,statefulsets,daemonsets

kubectl create serviceaccount cicd-token --namespace=app-team1

kubectl create rolebinding deployment-clusterrole --clusterrole=deployment-clusterrole --

The No.1 IT Certification Dumps

67
Certify For Sure with IT Exam Dumps
serviceaccount=default:cicd-token --namespace=app-team1

59. CORRECT TEXT

Score: 5%

Task

From the pod label name=cpu-utilizer, find pods running high CPU workloads and write the name of the pod

consuming most CPU to the file /opt/KUTR00401/KUTR00401.txt (which already exists).

Answer:

See the solution below.

Explanation: Solution:

kubectl top -l name=cpu-user -A

echo 'pod name' >> /opt/KUT00401/KUT00401.txt

60. CORRECT TEXT

Print pod name and start time to “/opt/pod-status” file

Answer:

See the solution below.

Explanation:

kubect1 get pods -o=jsonpath='{range

items[*]}{.metadata.name}{"\t"}{.status.podIP}{"\n"}{end}'

61. CORRECT TEXT

The No.1 IT Certification Dumps

68
Certify For Sure with IT Exam Dumps
Score: 4%

Task

Schedule a pod as follows:

• Name: nginx-kusc00401

• Image: nginx

• Node selector: disk=ssd

Answer:

See the solution below.

Explanation:

Solution:

#yaml

apiVersion: v1

kind: Pod

metadata:

name: nginx-kusc00401

spec:

containers:

- name: nginx

image: nginx

imagePullPolicy: IfNotPresent

nodeSelector:

disk: spinning

The No.1 IT Certification Dumps

69
Certify For Sure with IT Exam Dumps
#

kubectl create -f node-select.yaml

62. CORRECT TEXT

List pod logs named “frontend” and search for the pattern “started” and write it to a file “/opt/error-logs”

Answer:

See the solution below.

Explanation:

Kubectl logs frontend | grep -i “started” > /opt/error-logs

63. CORRECT TEXT

Score:7%

Task

Create a new PersistentVolumeClaim

• Name: pv-volume

• Class: csi-hostpath-sc

• Capacity: 10Mi

Create a new Pod which mounts the PersistentVolumeClaim as a volume:

• Name: web-server

• Image: nginx

• Mount path: /usr/share/nginx/html

Configure the new Pod to have ReadWriteOnce access on the volume.

The No.1 IT Certification Dumps

70
Certify For Sure with IT Exam Dumps
Finally, using kubectl edit or kubectl patch expand the PersistentVolumeClaim to a capacity of 70Mi and

record that change.

Answer:

See the solution below.

Explanation:

Solution:

vi pvc.yaml

storageclass pvc

apiVersion: v1

kind: PersistentVolumeClaim

metadata:

name: pv-volume

spec:

accessModes:

- ReadWriteOnce

volumeMode: Filesystem

resources:

requests:

storage: 10Mi

storageClassName: csi-hostpath-sc

# vi pod-pvc.yaml

apiVersion: v1

kind: Pod

metadata:

name: web-server

spec:

containers:

- name: web-server

image: nginx

volumeMounts:

The No.1 IT Certification Dumps

71
Certify For Sure with IT Exam Dumps
- mountPath: "/usr/share/nginx/html"

name: my-volume

volumes:

- name: my-volume

persistentVolumeClaim:

claimName: pv-volume

# craete

kubectl create -f pod-pvc.yaml

#edit

kubectl edit pvc pv-volume --record

64. CORRECT TEXT

List all the pods sorted by name

Answer:

See the solution below.

Explanation:

kubect1 get pods --sort-by=.metadata.name

65. CORRECT TEXT

Create a pod with image nginx called nginx and allow traffic on port 80

Answer:

See the solution below.

Explanation:

kubectl run nginx --image=nginx --restart=Never --port=80

66. CORRECT TEXT

Task Weight: 4%

The No.1 IT Certification Dumps

72
Certify For Sure with IT Exam Dumps

Task

Schedule a Pod as follows:

• Name: kucc1

• App Containers: 2

• Container Name/Images: o nginx

o consul

Answer:

See the solution below.

Explanation:

Solution:

The No.1 IT Certification Dumps

73
Certify For Sure with IT Exam Dumps
Graphical user interface, text, application

Description automatically generated

Text Description automatically generated

67. CORRECT TEXT

Create a namespace called 'development' and a pod with image nginx called nginx on this namespace.

Answer:

See the solution below.

Explanation:

kubectl create namespace development

kubectl run nginx --image=nginx --restart=Never -n development

The No.1 IT Certification Dumps

74

You might also like