CKA Important Questions
Q1. Question on RBAC
Answer-
– Create a service account (name-given-in-exam) in the namespace (name-given-in-exam).
– Create a ClusterRole that allows creating resources such as deployments, statefulsets, daemonsets, etc.
– Bind that service account to the ClusterRole using a ClusterRoleBinding.
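The three steps above as one manifest. This is an added example, not part of the original post; `cicd-token`, `app-team1` and `deployment-clusterrole` are constructed placeholders for the names given in the exam.

```yaml
# Added example: every name below is a placeholder for an exam-given value.
apiVersion: v1
kind: ServiceAccount
metadata:
  name: cicd-token
  namespace: app-team1
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: deployment-clusterrole
rules:
  # deployments, statefulsets and daemonsets all belong to the "apps" API group
  - apiGroups: ["apps"]
    resources: ["deployments", "statefulsets", "daemonsets"]
    # create only: get, list, update and delete are not granted
    verbs: ["create"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: deployment-clusterrole-binding
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: deployment-clusterrole
subjects:
  # a ServiceAccount subject must carry its namespace
  - kind: ServiceAccount
    name: cicd-token
    namespace: app-team1
# A ClusterRoleBinding grants the rule in every namespace. If the task limits
# the account to its own namespace, bind the same ClusterRole with a
# RoleBinding (kind: RoleBinding, metadata.namespace: app-team1) instead.
#
# Check the effective permissions by impersonating the service account:
#   kubectl auth can-i create deployments -n app-team1 \
#     --as=system:serviceaccount:app-team1:cicd-token
#   kubectl auth can-i delete deployments -n app-team1 \
#     --as=system:serviceaccount:app-team1:cicd-token
```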
Q2. Upgrade the Kubernetes cluster from version 1.22.1 to 1.22.2 using the kubeadm tool.
Answer-
* It is expected that we upgrade kubelet and kubectl as well.
* The task asks to upgrade only the master node.
* Make sure to get root access on the node that is to be upgraded.
Q3. Make a particular node unavailable by rescheduling pods inside it to another node.
Answer-
Q4. Take the backup of current etcd cluster to a DB file (file path given in exam) and restore the cluster with already given file. cacert, cert and key file path are given in exam.
Answer-
Q5. Schedule the pod on the particular node <name-given-in-exam> using nodeSelector.
Answer-
Q6. Scale the given deployment <name-given-in-exam> to 5 replicas.
Answer-
Q7. Create an Ingress resource for a given service named “hi”. The port and service name are given in the exam.
Answer-
* It should print the output as “hi” after running the curl command
$ curl -Iv <int-ip>/hi
output:- hi
Q8. Create a NetworkPolicy that allows pods in <namespace_1> to access port 8080 from <namespace_2>
Answer-
* Make sure the NetworkPolicy you create covers all the conditions given.
* Create an ingress policy with the port, limited to namespace <name-given-in-exam> and pods <name-given-in-exam>.
* Make sure the NetworkPolicy does not allow any port other than 8080 and does not allow pods from any namespace except <namespace_2>.
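A policy that meets these conditions, as an added example that is not part of the original post. It assumes the task means ingress into pods of <namespace_1> from pods of <namespace_2>; `ns-one`, `ns-two` and the `app: client` label are constructed placeholders.

```yaml
# Added example: ns-one stands for <namespace_1>, ns-two for <namespace_2>.
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: allow-8080-from-ns-two
  # the policy lives in the namespace whose pods it protects
  namespace: ns-one
spec:
  # {} selects every pod in ns-one; use matchLabels if the task names pods
  podSelector: {}
  policyTypes:
    # selected pods drop all ingress that is not listed below
    - Ingress
  ingress:
    - from:
        # ONE list item holding both selectors means AND:
        # pods labelled app=client that are also in ns-two.
        - namespaceSelector:
            matchLabels:
              # Kubernetes 1.22 sets this label on every namespace automatically
              kubernetes.io/metadata.name: ns-two
          podSelector:
            matchLabels:
              app: client   # assumed pod label
        # Writing "- podSelector:" as a second list item would mean OR and
        # would also admit app=client pods from ns-one itself.
      ports:
        # only 8080/TCP is listed, so no other port is reachable
        - protocol: TCP
          port: 8080
# Inspect the result with:
#   kubectl describe networkpolicy allow-8080-from-ns-two -n ns-one
```

The policy is only enforced when the cluster's network plugin implements NetworkPolicy.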
Q9. Create a persistent volume of 10Gi using the hostPath given in the exam.
Answer-
Q10. Create a PersistentVolumeClaim using the given specifications of size 10Mi and storage class. Mount the claimed volume into a pod at the specified path, and resize the volume to 70Mi using the “kubectl edit” or “kubectl patch” command.
Answer-
Q11. Expose the Deployment
Answer-
* Modify the deployment and set the http port 80 to the container.
* Create a service <name-given-in-exam> to expose the http port 80.
* Configure the service to expose the individual pods using NodePort on the node itself where they are running.
Q12. Identify which pod is consuming the most CPU with the filter <given-in-exam>, and redirect the name of the pod to a file location <file-location-path>
Answer-
Q13. Logging architecture.
Answer-
* One app pod called monitor is deployed.
* Add a sidecar container inside the monitor pod which will execute the command – /bin/sh -c "tail -n+1 -f /var/log/big-app.log"
* Make sure you use the given volume mount in the pod.
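The shape of the resulting pod, as an added example that is not part of the original post. The application container, the busybox image and the volume name `logs` are constructed stand-ins; in the exam the existing container and volume are kept and only the sidecar is added.

```yaml
# Added example: the "monitor" container and the "logs" volume are stand-ins
# for whatever the existing pod already defines.
apiVersion: v1
kind: Pod
metadata:
  name: monitor
spec:
  containers:
    - name: monitor
      image: busybox:1.36
      # stand-in application that keeps appending to the log file
      command: ["/bin/sh", "-c", "while true; do date >> /var/log/big-app.log; sleep 5; done"]
      volumeMounts:
        - name: logs
          mountPath: /var/log
    - name: sidecar
      image: busybox:1.36
      # the command given in the task: stream the file from its first line
      command: ["/bin/sh", "-c", "tail -n+1 -f /var/log/big-app.log"]
      volumeMounts:
        # same volume and path as the app container, so both see the same file
        - name: logs
          mountPath: /var/log
  volumes:
    - name: logs
      emptyDir: {}
# Containers cannot be added to a running pod. Export the manifest, add the
# sidecar, then recreate the pod:
#   kubectl get pod monitor -o yaml > monitor.yaml
#   kubectl replace --force -f monitor.yaml
# Read the sidecar's stream with:
#   kubectl logs monitor -c sidecar
```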
Q14. Another one on Logging
Answer-
* Pod is deployed
* Find the logs of particular error and redirect it to a given file
Q15. Identify which nodes have a taint applied as NoSchedule and write the remaining number of nodes to a file
Answer-
Q16. Run 2 containers with images (nginx + redis) in a single pod and name it multi-container.
Answer-
Here’s an example YAML manifest for a pod named “multi-container” with Nginx and Redis containers:
apiVersion: v1
kind: Pod
metadata:
  name: multi-container
spec:
  containers:
    - name: nginx-container
      image: nginx:latest
      ports:
        - containerPort: 80
    - name: redis-container
      image: redis:latest
      ports:
        - containerPort: 6379
In this example:
- The first container is named “nginx-container” and uses the Nginx image. It exposes port 80.
- The second container is named “redis-container” and uses the Redis image. It exposes port 6379.
Save this YAML manifest to a file, for example, multi-container-pod.yaml, and create the pod using the kubectl apply command:
kubectl apply -f multi-container-pod.yaml
This will create a pod named “multi-container” with both Nginx and Redis containers running inside.
To access the containers, you can use the kubectl exec command. For example, to access the Nginx container:
kubectl exec -it multi-container -c nginx-container -- /bin/bash
And to access the Redis container:
kubectl exec -it multi-container -c redis-container -- /bin/sh
Replace multi-container with the actual name of your pod.
Q17. In a cluster, one node is NotReady. We are expected to bring that node back to the Ready state.
Answer-
To troubleshoot and bring back a Kubernetes node to the “Ready” state when it is in the “NotReady” state, you can follow these general steps:
- Identify the Issue:
  - Check the node’s status and details:
    kubectl get nodes
    kubectl describe node <node-name>
  - Examine the logs of the system pods running on the problematic node (kubectl logs takes a pod name, not a node name):
    kubectl logs -n kube-system <pod-name>
  - On the node itself, check the system logs for any relevant information:
    journalctl -u kubelet
- Common Issues and Solutions:
  - Network Issues:
    - Ensure that the node has network connectivity.
    - Check if there are any issues with the network plugin (e.g., Flannel, Calico).
  - Resource Exhaustion:
    - Check if the node is running out of resources (CPU, memory, disk).
    - Review the resource usage on the node.
  - Kubelet Issues:
    - Restart the kubelet on the problematic node:
      systemctl restart kubelet
    - Check kubelet logs for errors.
  - CNI Plugin Issues:
    - If using a CNI plugin, check its logs for errors.
    - Restart the CNI plugin if necessary.
- Node Draining and Uncordoning:
  - If the node is cordoned (marked as unschedulable), uncordon it to allow new pods to be scheduled:
    kubectl uncordon <node-name>
  - If the node is drained (evacuated of pods), ensure that it is no longer drained:
    kubectl uncordon <node-name>
- Node Reboot:
  - In some cases, a simple reboot of the node might resolve issues.
- Update/Upgrade:
  - Upgrading or reinstalling components can resolve issues.
- Manual Remediation:
  - If the node is still not recovering, you might need to take more drastic measures, such as removing and re-adding the node to the cluster.
Thanks…