Home / Linux Foundation / CKAD

Question list

List of questions

Question 1

(0)

Context A web application requires a specific version of redis to be used as a cache. Task Create a pod with the following characteristics, and leave it running when complete: • The pod must r

Question 2

(0)

Context You are tasked to create a secret and consume the secret in a pod using environment variables as follow: Task • Create a secret named another-secret with a key/value pair; key1/value4

Question 3

(0)

Context Task You are required to create a pod that requests a certain amount of CPU and memory, so it gets scheduled to-a node that has those resources available. • Create a pod named nginx-res

Question 4

(0)

Context You are tasked to create a ConfigMap and consume the ConfigMap in a pod using a volume mount. Task Please complete the following: • Create a ConfigMap named another-config containing t

Question 5

(0)

Context Your application’s namespace requires a specific service account to be used. Task Update the app-a deployment in the production namespace to run as the restrictedservice service account

Question 6

(0)

Context A pod is running on the cluster but it is not responding. Task The desired behavior is to have Kubemetes restart the pod when an endpoint returns an HTTP 500 onthe /healthz endpoint. Th

Question 7

(0)

Context You sometimes need to observe a pod's logs, and write those logs to a file for further analysis. Task Please complete the following; • Deploy the counter pod to the cluster using the p

Question 8

(0)

Context It is always useful to look at the resources your applications are consuming in a cluster. Task • From the pods running in namespace cpu-stress , write the name only of the pod that is

Question 9

(0)

Context Anytime a team needs to run a container on Kubernetes they will need to define a pod within which to run the container. Task Please complete the following: • Create a YAML formatted pod

Question 10

(0)

Context Task Create a new deployment for running.nginx with the following parameters; • Run the deployment in the kdpd00201 namespace. The namespace has already been created • Name the deploym

Related questions

Context You are tasked to create a ConfigMap and consume the ConfigMap in a pod using a volume mount. Task Please complete the following: • Create a ConfigMap named another-config containing the key/value pair: key4/value3 • start a pod named nginx-configmap containing a single container using the nginx image, and mount the key you just created into the pod under directory /also/a/path

Context Task Create a new deployment for running.nginx with the following parameters; • Run the deployment in the kdpd00201 namespace. The namespace has already been created • Name the deployment frontend and configure with 4 replicas • Configure the pod with a container image of lfccncf/nginx:1.13.7 • Set an environment variable of NGINX__PORT=8080 and also expose that port for the container above

Context Task: The pod for the Deployment named nosql in the craytisn namespace fails to start because its container runs out of resources. Update the nosol Deployment so that the Pod: 1) Request 160M of memory for its Container 2) Limits the memory to half the maximum memory constraint set for the crayfah name space.

Context Task: A Dockerfile has been prepared at -/human-stork/build/Dockerfile 1) Using the prepared Dockerfile, build a container image with the name macque and lag 3.0. You may install and use the tool of your choice. 2) Using the tool of your choice export the built container image in OC-format and store it at - /human stork/macque 3.0 tar

Context Task You are required to create a pod that requests a certain amount of CPU and memory, so it gets scheduled to-a node that has those resources available. • Create a pod named nginx-resources in the pod-resources namespace that requests a minimum of 200m CPU and 1Gi memory for its container • The pod should use the nginx image • The pod-resources namespace has already been created

Context Task: A pod within the Deployment named buffale-deployment and in namespace gorilla is logging errors. 1) Look at the logs identify errors messages. Find errors, including User “system:serviceaccount:gorilla:default” cannot list resource “deployment” […] in the namespace “gorilla” 2) Update the Deployment buffalo-deployment to resolve the errors in the logs of the Pod. The buffalo-deployment ‘S manifest can be found at -/prompt/escargot/buffalo-deployment.yaml

Context You are asked to prepare a Canary deployment for testing a new application release. Task: A Service named krill-Service in the goshark namespace points to 5 pod created by the Deployment named current-krill-deployment 1) Create an identical Deployment named canary-kill-deployment, in the same namespace. 2) Modify the Deployment so that: -A maximum number of 10 pods run in the goshawk namespace. -40% of the krill-service ‘s traffic goes to the canary-krill-deployment pod(s)

Context Task: Update the Pod ckad00018-newpod in the ckad00018 namespace to use a NetworkPolicy allowing the Pod to send and receive traffic only to and from the pods web and db

Context Task: Create a Deployment named expose in the existing ckad00014 namespace running 6 replicas of a Pod. Specify a single container using the ifccncf/nginx: 1.13.7 image Add an environment variable named NGINX_PORT with the value 8001 to the container then expose port 8001

Context A pod is running on the cluster but it is not responding. Task The desired behavior is to have Kubemetes restart the pod when an endpoint returns an HTTP 500 onthe /healthz endpoint. The service, probe-pod, should never send traffic to the pod while it is failing. Please complete the following: • The application has an endpoint, /started, that will indicate if it can accept traffic by returning an HTTP 200. If the endpoint returns an HTTP 500, the application has not yet finished initialization. • The application has another endpoint /healthz that will indicate if the application is still working as expected by returning an HTTP 200. If the endpoint returns an HTTP 500 the application is no longer responsive. • Configure the probe-pod pod provided to use these endpoints • The probes should use port 8080

Question 6 - CKAD discussion

Context

A pod is running on the cluster but it is not responding.

Task

The desired behavior is to have Kubemetes restart the pod when an endpoint returns an HTTP 500 onthe /healthz endpoint. The service, probe-pod, should never send traffic to the pod while it is failing.

Please complete the following:

• The application has an endpoint, /started, that will indicate if it can accept traffic by returning an HTTP 200. If the endpoint returns an HTTP 500, the application has not yet finished initialization.

• The application has another endpoint /healthz that will indicate if the application is still working as expected by returning an HTTP 200. If the endpoint returns an HTTP 500 the application is no longer responsive.

• Configure the probe-pod pod provided to use these endpoints

• The probes should use port 8080

See the solution below.

Suggested answer: A

Explanation:

Solution:

apiVersion: v1

kind: Pod

metadata:

labels:

test: liveness

name: liveness-exec

spec:

containers:

- name: liveness

image: k8s.gcr.io/busybox

args:

/bin/sh

- -c

- touch /tmp/healthy; sleep 30; rm -rf /tmp/healthy; sleep 600

livenessProbe:

exec:

command:

- cat

- /tmp/healthy

initialDelaySeconds: 5

periodSeconds: 5

The initialDelaySeconds field tells the kubelet that it should wait 5 seconds before performing the first probe. To perform a probe, the kubelet executes the command cat /tmp/healthy in the target container. If the command succeeds, it returns 0, and the kubelet considers the container to be alive and healthy. If the command returns a non-zero value, the kubelet kills the container and restarts it.

When the container starts, it executes this command:

/bin/sh -c "touch /tmp/healthy; sleep 30; rm -rf /tmp/healthy; sleep 600"

For the first 30 seconds of the container's life, there is a /tmp/healthy file. So during the first 30 seconds, the command cat /tmp/healthy returns a success code. After 30 seconds, cat

/tmp/healthy returns a failure code.

Create the Pod:

kubectl apply -f https://k8s.io/examples/pods/probe/exec-liveness.yaml

Within 30 seconds, view the Pod events:

kubectl describe pod liveness-exec The output indicates that no liveness probes have failed yet:

FirstSeen LastSeen Count From SubobjectPath Type Reason Message

--------- -------- ----- ---- ------------- -------- ------ -------

24s 24s 1 {default-scheduler } Normal Scheduled Successfully assigned liveness-exec

to worker0

23s 23s 1 {kubelet worker0} spec.containers{liveness} Normal Pulling pulling image

"k8s.gcr.io/busybox"

23s 23s 1 {kubelet worker0} spec.containers{liveness} Normal Pulled Successfully pulled image "k8s.gcr.io/busybox"

23s 23s 1 {kubelet worker0} spec.containers{liveness} Normal Created Created container with docker id 86849c15382e; Security:[seccomp=unconfined]

23s 23s 1 {kubelet worker0} spec.containers{liveness} Normal Started Started container with docker id 86849c15382e

After 35 seconds, view the Pod events again:

kubectl describe pod liveness-exec

At the bottom of the output, there are messages indicating that the liveness probes have failed, and the containers have been killed and recreated.

FirstSeen LastSeen Count From SubobjectPath Type Reason Message

--------- -------- ----- ---- ------------- -------- ------ -------

37s 37s 1 {default-scheduler } Normal Scheduled Successfully assigned livenessexec

to worker0

36s 36s 1 {kubelet worker0} spec.containers{liveness} Normal Pulling pulling image

"k8s.gcr.io/busybox"

36s 36s 1 {kubelet worker0} spec.containers{liveness} Normal Pulled Successfully pulled image "k8s.gcr.io/busybox"

36s 36s 1 {kubelet worker0} spec.containers{liveness} Normal Created Created container with docker id 86849c15382e; Security:[seccomp=unconfined]

36s 36s 1 {kubelet worker0} spec.containers{liveness} Normal Started Started container with docker id 86849c15382e

2s 2s 1 {kubelet worker0} spec.containers{liveness} Warning Unhealthy Liveness probe failed: cat: can't open '/tmp/healthy': No such file or directory

Wait another 30 seconds, and verify that the container has been restarted:

kubectl get pod liveness-exec

The output shows that RESTARTS has been incremented:

NAME READY STATUS RESTARTS AGE

liveness-exec 1/1 Running 1 1m

Show Answer

asked 18/09/2024

Pablo Hilario

38 questions