CKA Important Questions

CKA Important Questions
Q1. Question on RBAC


– Create a service-account (name-given-in-exam) in namespace (name-given-in-exam)

– create a clusterrole which has access to create resources like deployments,statefulsets,deamonsets etc.

– Bind that service account with cluster role using clusterrolebinding.

Q2. Upgarde kubernetes cluster from version 1.22.1 to 1.22.2 using kubeadm tool


* It is exepected that we upgarde kubelet and kubectl as well.

* It is given to upgrade only master node.

* Make sure to get root access of the node which is asked to upgrade.

Read Also-Top Jenkins Interview Questions For Freshers:

Q3. Make a particular node unavailable by rescheduling pods inside it to another node.


Q4. Take the backup of current etcd cluster to a DB file (file path given in exam) and restore the cluster with already given file. cacert, cert and key file path are given in exam.


Q5. Schedule the pod on the particular node <name-given-in-exam> using nodeSelector.


Q6. Scale the given deployment <name-given-in-exam> to 5 replicas.


Q7. Create a ingress resource for a given service named “hi”. Port and service name is given in the Exam.


* It should print the output as “hi” after running the curl command

$ curl -Iv <int-ip>/hi

output:- hi

Q8. Create a networkpolicy that allows pods in <namespace_1> to access port 8080 from <namespace_2>


* Make sure to cover all the conditions given by creating network policy.

* Create a ingress policy with port and limited to namespace <name-given-in-exam> and pods <name-given-in-exam>

* Make sure the NetworkPolicy does not allow port other than 8080 and does not allow pods from any other namespace except <namespace_2>

Q9. Create a persistent volume of 10Gi using hostpath given exam.


Q10. Create a persistent volumeclaim using given specifications of size 10Mi and storageclass . Create the persistentvolumeclaim to mount the volume to a pod to specified path And resize the volume to 70Mi using “kubectl edit” or “kubectl patch” command


Q11. Expose the Deployment


* Modify the deployment and set the http port 80 to the container.

* Create a service <name-given-in-exam> to expose the http port 80.

* Configure the service to expose the individual pods using NodePort on the node itself where they are running.

Q12 Identify which pod is consuming most CPU with filter < Given in Exam>. and Redirect the name of the pod to a file location <file-location-path>


Q13 Logging architecture.


* One app pod called monitor is deployed.

* Add sidecar container inside monitor pod which will execute the command – /bin/sh -c “tail -n+1 -f /var/log/big-app.log”

* Make sure you use given volume mount to a pod.

Q14. Another one on Logging


* Pod is deployed

* Find the logs of particular error and redirect it to a given file

Q15. Identify which nodes has taint applied as NoSchedule and write the remaining number of nodes to a file


Q16. Run 2 container with images (nginx + redis) in a single pod name it as multi-container.


Here’s an example YAML manifest for a pod named “multi-container” with Nginx and Redis containers:

apiVersion: v1
kind: Pod
  name: multi-container
  - name: nginx-container
    image: nginx:latest
    - containerPort: 80

  - name: redis-container
    image: redis:latest
    - containerPort: 6379

In this example:

  • The first container is named “nginx-container” and uses the Nginx image. It exposes port 80.
  • The second container is named “redis-container” and uses the Redis image. It exposes port 6379.

Save this YAML manifest to a file, for example, multi-container-pod.yaml, and create the pod using the kubectl apply command:

kubectl apply -f multi-container-pod.yaml

This will create a pod named “multi-container” with both Nginx and Redis containers running inside.

To access the containers, you can use the kubectl exec command. For example, to access the Nginx container:

kubectl exec -it multi-container -c nginx-container -- /bin/bash

And to access the Redis container:

kubectl exec -it multi-container -c redis-container -- /bin/sh

Replace multi-container with the actual name of your pod.

Q17. In a cluster one node is NotReady. We are exepected to bring back that node to Ready state.


To troubleshoot and bring back a Kubernetes node to the “Ready” state when it is in the “NotReady” state, you can follow these general steps:

  1. Identify the Issue:
  • Check the node’s status and details:
kubectl get nodes kubectl describe node <node-name>
  • Examine the logs on the problematic node:
 kubectl logs <node-name>
  • Check the system logs for any relevant information:
bash journalctl -u kubelet
  1. Common Issues and Solutions:
  • Network Issues:
    • Ensure that the node has network connectivity.
    • Check if there are any issues with the network plugin (e.g., Flannel, Calico).
  • Resource Exhaustion:
    • Check if the node is running out of resources (CPU, memory, disk).
    • Review the resource usage on the node.
  • Kubelet Issues:
    • Restart the kubelet on the problematic node:
systemctl restart kubelet
  • Check kubelet logs for errors.
  • CNI Plugin Issues:
    • If using a CNI plugin, check its logs for errors.
    • Restart the CNI plugin if necessary.
  1. Node Draining and Uncordoning:
  • If the node is cordoned (marked as unschedulable), uncordon it to allow new pods to be scheduled:
kubectl uncordon <node-name>
  • If the node is drained (evacuated of pods), ensure that it is no longer drained:
bash kubectl uncordon <node-name>
  1. Node Reboot:
  • In some cases, a simple reboot of the node might resolve issues.
  1. Update/Upgrade:
  • Upgrading or reinstalling components can resolve issues.
  1. Manual Remediation:
  • If the node is still not recovering, you might need to take more drastic measures, such as removing and re-adding the node to the cluster.


Mahesh Wabale
Latest posts by Mahesh Wabale (see all)

Leave a Comment