50 Questions for CKAD and CKA exam
Subodh D
Posted on February 2, 2021
This a list of questions you can practice for CKAD/CKA exams. These questions will cover most of the concepts in the CNCF curriculum for CKAD/CKA exams.
You can check out my other blog post where I have listed the resources where you can practice these questions and some educative material for exam preparations:
How to prepare for the CKAD exam
You can also follow this repository for further updates:
https://github.com/subodh-dharma/ckad
Questions
You can time yourself when practicing these questions. Here is a timer for you.
Create a new pod with the
nginx
image.Create a new pod with the name
redis
and with the imageredis:1.99
.Identify the problem with the pod.
Rectify the problem with the pod and wait until the pod is ready and healthy.
Create a new replicaset
rs-1
using imagenginx
with labelstier:frontend
and selectors astier:frontend
. Create 3 replicas for the same.Scale the above replicaset to 5 replicas.
Update the image of the above replicaset to use
nginx:alpine
image.Scale down the replicaset to 2 replicas.
Create a new deployment
deploy-1
using imagebusybox
with 3 replicas and commandsleep 3600
.Update the image of the above deployment with image
ubuntu
.Create a namespace
finance
.Create a pod
redis01
using image redis in thefinance
namespace.Deploy a
redis02
pod using theredis:alpine
image with the labels set totier=db
.Create a service
redis-service
to expose theredis02
application within the cluster on port 6379.Create a new pod called
custom-nginx
using thenginx
image and expose it on container port 8080.Create a pod called
httpd
using the imagehttpd:alpine
in the default namespace. Next, create a service of type ClusterIP by the same name (httpd). The target port for the service should be 80.Create a pod with the
ubuntu
image to run a container to sleep for 5000 seconds.Create a new ConfigMap for the
webapp-color
pod. Set key-value pairs asCOLOR=blue
.Create a deployment
nginx01
using nginx image, which has environment variable CREATED_BY with valueoctocat
.Verify the environment variable in the containers of the above deployment.
Create a new config map
db-config
with key-value pairs as:
a] db-host = "localhost.example.com"
b] db-port = 3306
c] db-name = "kubernetes-objects"Mount the config map
db-config
in the deploymentubuntu01
with imageubuntu
which has 2 replicas.-
Create a deployment named
multi-con-01
, which has two containers, one container usesnginx
image and has port 80 exposed. Mount the config mapdb-config
as environment variable. Create the second container in the same deployment with imageubuntu
, keep the container alive using the commandsleep 5000
and mount the config map indb-config
with different keys where the new keys are mapped as:- db-host --> DB_URL
- db-port --> DB_PORT
- db-name --> DB_NAME
-
Create an opaque secret named
db-creds
with following key value pairs:- db_user=root
- db_password=pass404
- db_role=admin
Mount the secret
db-creds
in the deploymentmulti-con-01
[created in (23)] as environment variables in the ubuntu container with the same keys as mentioned in the secret.Create a pod
ubuntu02
with imageubuntu
and run the commandsleep 3400
as user 1001.Create a pod
ubuntu03
with imageubuntu
and add capabilities for SYS_TIME to each container. Run the commanddate -s '01JAN 2020 10:00:00
to verify if it is successful.Taint one of the worker nodes in your cluster with the following property,
mode=maintainance:NoSchedule
. Create a podnginx02
with imagenginx:alpine
and ensure the pod runs on the tainted node as above.
Hint: You might want to use tolerations and nodeselectors both in case you have multiple worker nodes..Create a pod
box0
with imagebusybox
and commandsleep 30; touch /tmp/debug; sleep 30; rm /tmp/debug
. The pod should not be ready until the file /tmp/debug is available in the pod. If the file doesn't exist, the pod must restart.Create a pod
nginx03
with imagenginx
, make sure the server is up and running every 10 seconds. The nginx server ideally takes 30 seconds to warm up so ensure that there are no false negatives when reporting the health of the pod.
Note: Nginx runs on port 80..This is a multistage problem:
a] Create a deploymentdeploy01
with imagenginx
with port 80 exposed.
b] Update the deployment with imagenginx:dev
and make sure you record the execution of this action.
c] If the deployment in step b is unsuccessful, rollback the deployment to the previous state by setting any fields explicitly.
d] If the nginx deployment is in a healthy state, scale the deployment to run 3 replicas, also record this execution for audit-keeping.
e] Display the history of deploymentdeploy-01
and store it in file /opt/answers/31.txt.Create a job that will roll a dice using image
kodekloud/throw-dice
. The image generates a random number between 1 and 6 and exits. It is a success only if it is a 6 else it is a failure. Check how many times it takes the job to trigger to get a successful outcome.Create a job with the above image to generate 8 successful outcomes. Also, ensure that the job will attempt no more than 15 attempts and see if the job is successful. You can add an element of 3 parallel executions if required.
Create a scheduled job such that it runs every minute. Use the image
kodekloud/throw-dice
to check the outcome.Create a Persistent Volume
deploy-history
which makes the storage available on each worker nodes at /tmp/deployment. Make sure it has the default provisioner of your cluster assigned. Label the Persistent Volume withaudit: true
,tier: middleware
. The persistent volume must have a capacity of 2 GB.Create a Persistent Volume
persistent-data
which uses a storage class namepersistent
and is of type hostPath which stores the data on /tmp/persistent on worker nodes. The persistent volume must have a capacity of 2 GB.Create a Persistent Volume
my-personal-data
which uses a storage class namepersistent
and is of type hostPath which stores the data on /tmp/pii on worker nodes. The persistent volume must have a capacity of 2 GB. Since this will store personal data, make sure you can identify the persistent volume using the labelssecurity: high
,type: pii
,audit: true
.Create a Persistent Volume Claim to bind to persistent volume which uses storage class
persistent
and requests 2 GB capacity.Create a Persistent Volume Claim to bind to a PV which ensures that the personal and private data is secure. Ensure that this PVC will bind to a PV of type
pii
.Create a PVC such that it will bind to a PV that is qualified for middleware applications.
Create a deployment
deploy02
with image busybox, mount one of the PVC from above such that it will store logs in the/tmp/deployment
directory. The containers of the deployment must:
a] Create a file in /tmp/deployment with the same name as the pod name with .txt extension.
b] Run the commandi=0; while true; do; echo "$i $(date)" >> /tmp/deployment/<podname>.txt && sleep 60 ; done
to the log file.
Hint: You can use init-containers, environment variables to achieve this.
c] Ensure there are 5 replicas of the deployment.
d] Ensure you can see the log files created and populated with data in /tmp/deployment directory on the scheduled worker nodes.Create two deployments i.e.
nginx04
andredis04
using images nginx and redis respectively with 3 replicas. Your goal is to ensure that:
a] each worker node must not have 2 or more nginx04 pods.
b] each worker node that has a nginx04 pod must have a redis04 pod scheduled on the same node.
Hint: Use pod affinity and anti-affinity to ensure the above scneario.-
Create 3 pods
nginx05
,redis05
, andhttpd05
with imagesnginx
,redis
, andhttpd
respectively. Attach a sidecar debug container of imagebusybox
to each of them. The security team has enforced the application team to limit the communication between unnecessary pods. Ensure that only the following communication is allowed between pods:
a] Allow:1. nginx05 <--> redis05 2. nginx05 <--> httpd05
b] Deny:
1. httpd05 <-/-> redis05 2. redis05 <-/-> rest of the world 3. nginx05 <-/-> the rest of the world
Identify a possible information flow in this system. Write the information flow in the format
End-User::Pod1::Pod2::Pod3
. Create an application stack from this source link. Apply the network policy from this source link. Identify whether the network policy applied is correct or not. If not, update the desired network policy. If any network policy was updated, write the updated policy in /opt/44_netpol.yaml.
A developer started a pod
calculus
with imagebusybox
which performs the calculationi=0; while true; do a=$(( i*i+i )); echo $a; i=$(( i+1 )); done
. But later realized that this is not a reliable way to start a calculation-intensive pod. The developer decided to use a replicaset instead. But with the current pod running it would ruin all the calculations done so far. Can you help the developer to ensure that a replicaset can be created and the existing pod can become a part of this replicaset without any downtime. Store the manifest file of the replica set in /opt/45_rs.yaml and at the beginning add a comment describing in one line what strategy was implemented to achieve this.Create a deployment
deploy03
that uses imagenginx:v2
. The container name must benginx
. Check if the deployment is successful. Now delete the deployment. Get the events associated with the deploymentdeploy03
and pods created by the deployment and store them in a file located at /opt/answers/46_events.txt-
Create a configmap
devconfig
that has configuration data as follows:-
sdk.cfg:
path: /etc/sdk/ version: v2 auth: token
language:
golang:1.15
Create a pod
devbox
with imagebusybox
such that it projects the contents indevconfig
. Project sdk.cfg on path/var/dev-sdk/config/sdk.cfg
and language on path/var/dev-sdk/lang/golang/version/value.txt
. -
Create a pod
pod01
with imagebusybox
such that it requests for 100m of cpu and 50Mi of memory and the resources allocated are expandable to a limit of 200m of cpu and 250 Mi of memory. Try to create a pod using imperative command only.A stateful-set problem:
a. Create a stateful set for a middleware application namedmiddleware
that uses imagenginx
. Ensure that the stateful set has 3 replicas and has a persistent storage such that it uses PVC with a storage of 1 Gi mounted on worker nodes host path at /tmp/middleware/storage. Mount the storage on/var/www/html
. Create a init-container in the stateful set with imagebusybox
to create an index.html at /var/www/html. The contents of the index.html can be generated using the commandecho "From middleware application" > /var/www/html/index.html
. Expose the stateful set through a headless servicemiddleware-svc
.
b. Create a temporary pod with imagebusybox
to check if you can access nginx service. Try accessing the service with the headless service and pod names (not ips).Create a deployment
stressor
with imagepolinux/stress
. Execute the deployment with command stress and arguments--cpu 4 --timeout 180
. Enable autoscaling for this deployment with a cpu limit of 75%. Get the autoscale management object and store it in /opt/answers/50_autoscale.yaml fileDelete all the resources. 😉
I am hoping to come up with a document with solutions to these questions. If you need a solution for any specific problem or encounter a problem with any question feel free to reach out to me in the comments or open an issue in this GitHub repo: https://github.com/subodh-dharma/ckad
All the best for your exams!
References
Some of the questions are inspired from
- Mumshad Mannambeth's Udemy Course -- Course Link
Cover Image: Photo by Andrew Neel on Unsplash
Posted on February 2, 2021
Join Our Newsletter. No Spam, Only the good stuff.
Sign up to receive the latest update from our blog.