Scribd
Upload
13 views7 pages

CKA_Exam_Level_Practice_Questions

The document contains a practice exam for the Certified Kubernetes Administrator (CKA) certification, featuring a series of tasks related to Kubernetes operations. Each task includes a question followed by a corresponding answer detailing the necessary commands or configurations. The tasks cover a wide range of topics, including pod creation, resource management, networking, and troubleshooting within a Kubernetes environment.

Uploaded by

Anas Elarbi
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
13 views7 pages

CKA_Exam_Level_Practice_Questions

The document contains a practice exam for the Certified Kubernetes Administrator (CKA) certification, featuring a series of tasks related to Kubernetes operations. Each task includes a question followed by a corresponding answer detailing the necessary commands or configurations. The tasks cover a wide range of topics, including pod creation, resource management, networking, and troubleshooting within a Kubernetes environment.

Uploaded by

Anas Elarbi
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 7

Certified Kubernetes Administrator (CKA) Practice Exam - Questions

1. Create a pod called `nginx-secure` that uses the `nginx` image and runs in the `restricted`

namespace.

2. Create a deployment called `redis-deploy` with 2 replicas using the `redis:6.0` image and expose

it via ClusterIP service.

3. Set a resource limit of 200m CPU and 256Mi memory for a container in pod `nginx-limited` using

the `nginx` image.

4. Create a pod `nginx-probe` with readiness and liveness HTTP probes on port 80.

5. Display the node on which the pod `nginx-secure` is running.

6. Create a persistent volume called `pv-data` of size 1Gi using hostPath `/mnt/data`.

7. Create a PersistentVolumeClaim for `pv-data` and mount it in a pod running busybox.

8. Create a service account `appuser` and use it in a pod called `frontend`.

9. Taint a node `worker1` to only allow pods with the toleration

`key=dedicated,value=frontend:NoSchedule`.

10. Get all pods using more than 100Mi of memory.

11. Create a Job that runs `echo Hello CKA` and exits.

12. Patch deployment `web` to use image `nginx:1.18`.

13. Configure a network policy to allow ingress to pod label app=web only from pods with label

access=true.

14. Create an Ingress to expose `web-svc` service on `/web` path.

15. Upgrade a cluster node's kubelet configuration to use a custom `--cgroup-driver=systemd` flag.

16. Create a pod that mounts a ConfigMap with key `ENV=prod` as an environment variable.

17. Enable audit logging in the Kubernetes API server.

18. Backup etcd data to `/backup/etcd-snapshot.db`.


19. Restore etcd from a snapshot.

20. Create a Horizontal Pod Autoscaler for `web-deploy` between 1 and 5 replicas at 80% CPU

target.

21. Create a CronJob that runs every 5 minutes and echoes `Hi`.

22. Configure RBAC to allow `appuser` to list pods in `dev` namespace.

23. View API resources available in the cluster.

24. Show the control plane component status.

25. Force delete a pod stuck in terminating state.

26. Create a pod `curlpod` and use it to test service `web-svc` on port 80.

27. Create a pod with init containers that sleeps 10s before starting main container.

28. Create a deployment with anti-affinity rules to spread pods across nodes.

29. Create a pod that writes to a file every 30 seconds and test log rotation.

30. Debug why a pod `nginx-pod` is not starting.


Certified Kubernetes Administrator (CKA) Practice Exam - Answers

1. Create a pod called `nginx-secure` that uses the `nginx` image and runs in the `restricted`

namespace.

Answer:

kubectl create ns restricted

kubectl run nginx-secure --image=nginx -n restricted

2. Create a deployment called `redis-deploy` with 2 replicas using the `redis:6.0` image and expose

it via ClusterIP service.

Answer:

kubectl create deployment redis-deploy --image=redis:6.0 --replicas=2

kubectl expose deployment redis-deploy --port=6379 --target-port=6379 --type=ClusterIP

3. Set a resource limit of 200m CPU and 256Mi memory for a container in pod `nginx-limited` using

the `nginx` image.

Answer:

Create a YAML file with `resources.limits` section and apply using kubectl apply -f file.yaml

4. Create a pod `nginx-probe` with readiness and liveness HTTP probes on port 80.

Answer:

Define the pod spec with `readinessProbe` and `livenessProbe` using HTTP GET on port 80.

5. Display the node on which the pod `nginx-secure` is running.

Answer:

kubectl get pod nginx-secure -o wide -n restricted

6. Create a persistent volume called `pv-data` of size 1Gi using hostPath `/mnt/data`.

Answer:

Define a PersistentVolume YAML with capacity 1Gi and hostPath `/mnt/data`, then apply it.
7. Create a PersistentVolumeClaim for `pv-data` and mount it in a pod running busybox.

Answer:

Create a PVC and a pod that mounts the claim, using a shared volumeMounts path.

8. Create a service account `appuser` and use it in a pod called `frontend`.

Answer:

kubectl create sa appuser

Add `serviceAccountName: appuser` in the pod spec.

9. Taint a node `worker1` to only allow pods with the toleration

`key=dedicated,value=frontend:NoSchedule`.

Answer:

kubectl taint nodes worker1 dedicated=frontend:NoSchedule

10. Get all pods using more than 100Mi of memory.

Answer:

kubectl top pod --all-namespaces | awk '$4 > 100'

11. Create a Job that runs `echo Hello CKA` and exits.

Answer:

Define a Job YAML that runs busybox with command `echo Hello CKA`.

12. Patch deployment `web` to use image `nginx:1.18`.

Answer:

kubectl set image deployment/web nginx=nginx:1.18

13. Configure a network policy to allow ingress to pod label app=web only from pods with label

access=true.

Answer:

Define a NetworkPolicy with podSelector app=web and from: podSelector matchLabels access=true.

14. Create an Ingress to expose `web-svc` service on `/web` path.


Answer:

Define an Ingress resource mapping `/web` to `web-svc`.

15. Upgrade a cluster node's kubelet configuration to use a custom `--cgroup-driver=systemd` flag.

Answer:

Edit `/var/lib/kubelet/config.yaml` and restart kubelet with systemctl.

16. Create a pod that mounts a ConfigMap with key `ENV=prod` as an environment variable.

Answer:

kubectl create configmap env-cm --from-literal=ENV=prod

Use `envFrom` or `env` in pod spec.

17. Enable audit logging in the Kubernetes API server.

Answer:

Modify kube-apiserver manifest to include `--audit-log-path` and `--audit-policy-file`.

18. Backup etcd data to `/backup/etcd-snapshot.db`.

Answer:

ETCDCTL_API=3 etcdctl snapshot save /backup/etcd-snapshot.db --endpoints <endpoint> --cacert

--cert --key

19. Restore etcd from a snapshot.

Answer:

Stop etcd, use `etcdctl snapshot restore`, then point etcd to the restored data dir.

20. Create a Horizontal Pod Autoscaler for `web-deploy` between 1 and 5 replicas at 80% CPU

target.

Answer:

kubectl autoscale deployment web-deploy --min=1 --max=5 --cpu-percent=80

21. Create a CronJob that runs every 5 minutes and echoes `Hi`.

Answer:
kubectl create cronjob hi-job --schedule="*/5 * * * *" --image=busybox -- echo Hi

22. Configure RBAC to allow `appuser` to list pods in `dev` namespace.

Answer:

Create Role with list pods and bind it to `appuser` using RoleBinding.

23. View API resources available in the cluster.

Answer:

kubectl api-resources

24. Show the control plane component status.

Answer:

kubectl get componentstatus

25. Force delete a pod stuck in terminating state.

Answer:

kubectl delete pod <pod-name> --grace-period=0 --force

26. Create a pod `curlpod` and use it to test service `web-svc` on port 80.

Answer:

kubectl run curlpod --image=busybox -it --restart=Never -- curl web-svc:80

27. Create a pod with init containers that sleeps 10s before starting main container.

Answer:

Define initContainers section with sleep 10, then normal containers start.

28. Create a deployment with anti-affinity rules to spread pods across nodes.

Answer:

Use `podAntiAffinity` with `requiredDuringSchedulingIgnoredDuringExecution`.

29. Create a pod that writes to a file every 30 seconds and test log rotation.

Answer:

Pod uses busybox and writes to file in a loop. Set up logrotate manually.
30. Debug why a pod `nginx-pod` is not starting.

Answer:

kubectl describe pod nginx-pod

kubectl logs nginx-pod

You might also like