Subodh D's Blog

50 Questions for CKAD and CKA exam preparation

50 Questions for CKAD and CKA exam preparation

Subodh D's photo
Subodh D
·

16 min read

Photo by Andrew Neel on Unsplash

50 Questions for CKAD and CKA exam preparation

This a list of questions you can practice for CKAD/CKA exams. These questions will cover most of the concepts in the CNCF curriculum for CKAD/CKA exams.

You can check out my other blog post where I have listed the resources where you can practice these questions and some educative material for exam preparations:

How to prepare for the CKAD exam

Questions

You can time yourself when practicing these questions. Here is a timer for you.

  1. Create a new pod with the nginx image.

  2. Create a new pod with the name redis and with the image redis:1.99.

  3. Identify the problem with the pod.
  4. Rectify the problem with the pod and wait until the pod is ready and healthy.
  5. Create a new replicaset rs-1 using image nginx with labels tier:frontend and selectors as tier:frontend. Create 3 replicas for the same.
  6. Scale the above replicaset to 5 replicas.
  7. Update the image of the above replicaset to use nginx:alpine image.
  8. Scale down the replicaset to 2 replicas.
  9. Create a new deployment deploy-1 using image busybox with 3 replicas and command sleep 3600.
  10. Update the image of the above deployment with image ubuntu.
  11. Create a namespace finance.
  12. Create a pod redis01 using image redis in the finance namespace.
  13. Deploy a redis02 pod using the redis:alpine image with the labels set to tier=db.
  14. Create a service redis-service to expose the redis02 application within the cluster on port 6379.
  15. Create a new pod called custom-nginx using the nginx image and expose it on container port 8080.
  16. Create a pod called httpd using the image httpd:alpine in the default namespace. Next, create a service of type ClusterIP by the same name (httpd). The target port for the service should be 80.
  17. Create a pod with the ubuntu image to run a container to sleep for 5000 seconds.
  18. Create a new ConfigMap for the webapp-color pod. Set key-value pairs as COLOR=blue.
  19. Create a deployment nginx01 using nginx image, which has environment variable CREATED_BY with value octocat.
  20. Verify the environment variable in the containers of the above deployment.
  21. Create a new config map db-config with key-value pairs as: a] db-host = "localhost.example.com" b] db-port = 3306 c] db-name = "kubernetes-objects"
  22. Mount the config map db-config in the deployment ubuntu01 with image ubuntu which has 2 replicas.
  23. Create a deployment named multi-con-01, which has two containers, one container uses nginx image and has port 80 exposed. Mount the config map db-config as environment variable. Create the second container in the same deployment with image ubuntu, keep the container alive using the command sleep 5000 and mount the config map in db-config with different keys where the new keys are mapped as:
    • db-host --> DB_URL
    • db-port --> DB_PORT
    • db-name --> DB_NAME
  24. Create an opaque secret named db-creds with following key value pairs:
    • db_user=root
    • db_password=pass404
    • db_role=admin
  25. Mount the secret db-creds in the deployment multi-con-01 [created in (23)] as environment variables in the ubuntu container with the same keys as mentioned in the secret.
  26. Create a pod ubuntu02 with image ubuntu and run the command sleep 3400 as user 1001.
  27. Create a pod ubuntu03 with image ubuntu and add capabilities for SYS_TIME to each container. Run the command date -s '01JAN 2020 10:00:00 to verify if it is successful.
  28. Taint one of the worker nodes in your cluster with the following property, mode=maintainance:NoSchedule. Create a pod nginx02 with image nginx:alpine and ensure the pod runs on the tainted node as above. Hint: You might want to use tolerations and nodeselectors both in case you have multiple worker nodes..
  29. Create a pod box0 with image busybox and command sleep 30; touch /tmp/debug; sleep 30; rm /tmp/debug. The pod should not be ready until the file /tmp/debug is available in the pod. If the file doesn't exist, the pod must restart.
  30. Create a pod nginx03 with image nginx, make sure the server is up and running every 10 seconds. The nginx server ideally takes 30 seconds to warm up so ensure that there are no false negatives when reporting the health of the pod. Note: Nginx runs on port 80..
  31. This is a multistage problem: a] Create a deployment deploy01 with image nginx with port 80 exposed. b] Update the deployment with image nginx:dev and make sure you record the execution of this action. c] If the deployment in step b is unsuccessful, rollback the deployment to the previous state by setting any fields explicitly. d] If the nginx deployment is in a healthy state, scale the deployment to run 3 replicas, also record this execution for audit-keeping. e] Display the history of deployment deploy-01 and store it in file /opt/answers/31.txt.
  32. Create a job that will roll a dice using image kodekloud/throw-dice. The image generates a random number between 1 and 6 and exits. It is a success only if it is a 6 else it is a failure. Check how many times it takes the job to trigger to get a successful outcome.
  33. Create a job with the above image to generate 8 successful outcomes. Also, ensure that the job will attempt no more than 15 attempts and see if the job is successful. You can add an element of 3 parallel executions if required.
  34. Create a scheduled job such that it runs every minute. Use the image kodekloud/throw-dice to check the outcome.
  35. Create a Persistent Volume deploy-history which makes the storage available on each worker nodes at /tmp/deployment. Make sure it has the default provisioner of your cluster assigned. Label the Persistent Volume with audit: true, tier: middleware. The persistent volume must have a capacity of 2 GB.
  36. Create a Persistent Volume persistent-data which uses a storage class name persistent and is of type hostPath which stores the data on /tmp/persistent on worker nodes. The persistent volume must have a capacity of 2 GB.
  37. Create a Persistent Volume my-personal-data which uses a storage class name persistent and is of type hostPath which stores the data on /tmp/pii on worker nodes. The persistent volume must have a capacity of 2 GB. Since this will store personal data, make sure you can identify the persistent volume using the labels security: high, type: pii, audit: true.
  38. Create a Persistent Volume Claim to bind to persistent volume which uses storage class persistent and requests 2 GB capacity.
  39. Create a Persistent Volume Claim to bind to a PV which ensures that the personal and private data is secure. Ensure that this PVC will bind to a PV of type pii.
  40. Create a PVC such that it will bind to a PV that is qualified for middleware applications.
  41. Create a deployment deploy02 with image busybox, mount one of the PVC from above such that it will store logs in the /tmp/deployment directory. The containers of the deployment must: a] Create a file in /tmp/deployment with the same name as the pod name with .txt extension. b] Run the command i=0; while true; do; echo "$i $(date)" >> /tmp/deployment/<podname>.txt && sleep 60 ; done to the log file. Hint: You can use init-containers, environment variables to achieve this. c] Ensure there are 5 replicas of the deployment. d] Ensure you can see the log files created and populated with data in /tmp/deployment directory on the scheduled worker nodes.
  42. Create two deployments i.e. nginx04 and redis04 using images nginx and redis respectively with 3 replicas. Your goal is to ensure that: a] each worker node must not have 2 or more nginx04 pods. b] each worker node that has a nginx04 pod must have a redis04 pod scheduled on the same node. Hint: Use pod affinity and anti-affinity to ensure the above scneario.

  43. Create 3 pods nginx05, redis05, and httpd05 with images nginx, redis, and httpd respectively. Attach a sidecar debug container of image busybox to each of them. The security team has enforced the application team to limit the communication between unnecessary pods. Ensure that only the following communication is allowed between pods: a] Allow:

        1. nginx05 <--> redis05
    2. nginx05 <--> httpd05

    b] Deny: 

        1. httpd05 <-/-> redis05
    2. redis05 <-/-> rest of the world
    3. nginx05 <-/-> the rest of the world

    Identify a possible information flow in this system. Write the information flow in the format End-User::Pod1::Pod2::Pod3.

  44. Create an application stack from this source link. Apply the network policy from this source link. Identify whether the network policy applied is correct or not. If not, update the desired network policy. If any network policy was updated, write the updated policy in /opt/44_netpol.yaml.
  45. A developer started a pod calculus with image busybox which performs the calculation i=0; while true; do a=$(( i*i+i )); echo $a; i=$(( i+1 )); done. But later realized that this is not a reliable way to start a calculation-intensive pod. The developer decided to use a replicaset instead. But with the current pod running it would ruin all the calculations done so far. Can you help the developer to ensure that a replicaset can be created and the existing pod can become a part of this replicaset without any downtime. Store the manifest file of the replica set in /opt/45_rs.yaml and at the beginning add a comment describing in one line what strategy was implemented to achieve this.
  46. Create a deployment deploy03 that uses image nginx:v2. The container name must be nginx. Check if the deployment is successful. Now delete the deployment. Get the events associated with the deployment deploy03 and pods created by the deployment and store them in a file located at /opt/answers/46_events.txt

  47. Create a configmap devconfig that has configuration data as follows:

    1. sdk.cfg: 
       path: /etc/sdk/
 version: v2
 auth: token
    2. language: golang:1.15

    Create a pod devbox with image busybox such that it projects the contents in devconfig. Project sdk.cfg on path /var/dev-sdk/config/sdk.cfg and language on path /var/dev-sdk/lang/golang/version/value.txt.

  48. Create a pod pod01 with image busybox such that it requests for 100m of cpu and 50Mi of memory and the resources allocated are expandable to a limit of 200m of cpu and 250 Mi of memory. Try to create a pod using imperative command only.
  49. A stateful-set problem: a. Create a stateful set for a middleware application named middleware that uses image nginx. Ensure that the stateful set has 3 replicas and has a persistent storage such that it uses PVC with a storage of 1 Gi mounted on worker nodes host path at /tmp/middleware/storage. Mount the storage on /var/www/html. Create a init-container in the stateful set with image busybox to create an index.html at /var/www/html. The contents of the index.html can be generated using the command echo "From middleware application" > /var/www/html/index.html. Expose the stateful set through a headless service middleware-svc. b. Create a temporary pod with image busybox to check if you can access nginx service. Try accessing the service with the headless service and pod names (not ips).
  50. Create a deployment stressor with image polinux/stress. Execute the deployment with command stress and arguments --cpu 4 --timeout 180. Enable autoscaling for this deployment with a cpu limit of 75%. Get the autoscale management object and store it in /opt/answers/50_autoscale.yaml file
  51. Delete all the resources. :wink:

I am hoping to come up with a document with solutions to these questions. If you need a solution for any specific problem or encounter a problem with any question feel free to reach out to me in the comments or open an issue in this GitHub repo: github.com/subodh-dharma/ckad

All the best for your exams!

References

Some of the questions are inspired from

KubernetesCertificationk8sbest practices