LinuxFoundation.CKA.v2023-03-27.

q73

Exam Code: CKA

Exam Name: Certified Kubernetes Administrator (CKA) Program Exam
Certification Provider: Linux Foundation
Free Question Number: 73
Version: v2023-03-27
# of views: 113
# of Questions views: 730
https://www.freecram.net/torrent/LinuxFoundation.CKA.v2023-03-27.q73.html

NEW QUESTION: 1
Score: 4%

Context
You have been asked to create a new ClusterRole for a deployment pipeline and bind it to a
specific ServiceAccount scoped to a specific namespace.
Task
Create a new ClusterRole named deployment-clusterrole, which only allows to create the
following resource types:
* Deployment
* StatefulSet
* DaemonSet
Create a new ServiceAccount named cicd-token in the existing namespace app-team1.
Bind the new ClusterRole deployment-clusterrole lo the new ServiceAccount cicd-token , limited
to the namespace app-team1.
Answer:
Solution:
Task should be complete on node k8s -1 master, 2 worker for this connect use command
[student@node-1] > ssh k8s
kubectl create clusterrole deployment-clusterrole --verb=create --
resource=deployments,statefulsets,daemonsets kubectl create serviceaccount cicd-token --
namespace=app-team1 kubectl create rolebinding deployment-clusterrole --
clusterrole=deployment-clusterrole --serviceaccount=default:cicd-token --namespace=app-team1

NEW QUESTION: 2
From the pod label name=cpu-utilizer, find pods running high CPU workloads and write the name
of the pod consuming most CPU to the file /opt/KUTR00102/KUTR00102.txt (which already
exists).
Answer:
solution
NEW QUESTION: 3
List all the pods sorted by created timestamp
Answer:
kubect1 get pods--sort-by=.metadata.creationTimestamp

NEW QUESTION: 4
Check to see how many worker nodes are ready (not including nodes tainted NoSchedule) and
write the number to /opt/KUCC00104/kucc00104.txt.
Answer:
See the solution below.
Explanation
solution
NEW QUESTION: 5
Pause the rollout of the deployment
Answer:
kubectl rollout pause deploy webapp

NEW QUESTION: 6
Score: 5%

Task
From the pod label name=cpu-utilizer, find pods running high CPU workloads and write the name
of the pod consuming most CPU to the file /opt/KUTR00401/KUTR00401.txt (which already
exists).
Answer:
Solution:
kubectl top -l name=cpu-user -A
echo 'pod name' >> /opt/KUT00401/KUT00401.txt

NEW QUESTION: 7
Get IP address of the pod - "nginx-dev"
Answer:
See the solution below.
Explanation
Kubect1 get po -o wide
Using JsonPath
kubect1 get pods -o=jsonpath='{range
items[*]}{.metadata.name}{"\t"}{.status.podIP}{"\n"}{end}'

NEW QUESTION: 8
Delete the pod without any delay (force delete)
Answer:
Kubect1 delete po "POD-NAME" --grace-period=0 --force

NEW QUESTION: 9
Create a pod that having 3 containers in it? (Multi-Container)
Answer:
See the solution below.
Explanation
image=nginx, image=redis, image=consul
Name nginx container as "nginx-container"
Name redis container as "redis-container"
Name consul container as "consul-container"
Create a pod manifest file for a container and append container
section for rest of the images
kubectl run multi-container --generator=run-pod/v1 --image=nginx --
dry-run -o yaml > multi-container.yaml
# then
vim multi-container.yaml
apiVersion: v1
kind: Pod
metadata:
labels:
run: multi-container
name: multi-container
spec:
containers:
- image: nginx
name: nginx-container
- image: redis
name: redis-container
- image: consul
name: consul-container
restartPolicy: Always

NEW QUESTION: 10
A. nit-cfg bit is an incorrect filename the correct filename should be init-ofg.xml
B. There must be commas between the parameter names and their values instead of the equal
symbols
C. The USB must be formatted using the ext4 file system
D. The bootstrap.xml file is a required file, but it is missing
E. The USB drive has been formatted with an unsupported file system
Answer: (SHOW ANSWER)

NEW QUESTION: 11
Create a pod that echo "hello world" and then exists. Have the pod deleted automatically when
it's completed
Answer:
kubectl run busybox --image=busybox -it --rm --restart=Never --
/bin/sh -c 'echo hello world'
kubectl get po # You shouldn't see pod with the name "busybox"

NEW QUESTION: 12
Create a pod as follows:
Name: mongo
Using Image: mongo
In a new Kubernetes namespace named: my-website
Answer:
See the solution below.
Explanation
solution
F:\Work\Data Entry Work\Data Entry\20200827\CKA\9 B.JPG

NEW QUESTION: 13
Create a nginx pod with label env=test in engineering namespace
Answer:
See the solution below.
Explanation
kubectl run nginx --image=nginx --restart=Never --labels=env=test --namespace=engineering --
dry-run -o yaml > nginx-pod.yaml kubectl run nginx --image=nginx --restart=Never --
labels=env=test --namespace=engineering --dry-run -o yaml | kubectl create -nengineering-f -
YAML File:
apiVersion: v1
kind: Pod
metadata:
name: nginx
namespace: engineering
labels:
env: test
spec:
containers:
- name: nginx
image: nginx
imagePullPolicy: IfNotPresent
restartPolicy: Never
kubectl create -f nginx-pod.yaml

NEW QUESTION: 14
Score: 7%

Task
Create a new NetworkPolicy named allow-port-from-namespace in the existing namespace echo.
Ensure that the new NetworkPolicy allows Pods in namespace my-app to connect to port 9000 of
Pods in namespace echo.
Further ensure that the new NetworkPolicy:
* does not allow access to Pods, which don't listen on port 9000
* does not allow access from Pods, which are not in namespace my-app
Answer:
Solution:
#network.yaml
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
name: allow-port-from-namespace
namespace: internal
spec:
podSelector:
matchLabels: {
}
policyTypes:
- Ingress
ingress:
- from:
- podSelector: {
}
ports:
- protocol: TCP
port: 8080
#spec.podSelector namespace pod
kubectl create -f network.yaml

NEW QUESTION: 15
Perform the following tasks:
Add an init container to hungry-bear defined in spec file
/opt/KUCC00108/pod-spec-KUC
The init container should create /workdir/calm.txt
If /workdir/calm.txt is not
Once the spec file has been definition, the pod should be created
Answer:
See the solution below.
Explanation
solution
F:\Work\Data Entry Work\Data Entry\20200827\CKA\4 B.JPG

F:\Work\Data Entry Work\Data Entry\20200827\CKA\4 C.JPG

F:\Work\Data Entry Work\Data Entry\20200827\CKA\4 D.JPG

NEW QUESTION: 16
Create a pod as follows:
Name: non-persistent-redis
container Image: redis
Volume with name: cache-control
Mount path: /data/redis
The pod should launch in the staging be persistent.
Answer:
See the solution below.
Explanation
solution
F:\Work\Data Entry Work\Data Entry\20200827\CKA\13 B.JPG

F:\Work\Data Entry Work\Data Entry\20200827\CKA\13 C.JPG

F:\Work\Data Entry Work\Data Entry\20200827\CKA\13 D.JPG
 Valid CKA Dumps shared by PassTestKing.com for Helping Passing CKA Exam!
PassTestKing.com now offer the newest CKA exam dumps, the PassTestKing.com CKA
exam questions have been updated and answers have been corrected get the newest
PassTestKing.com CKA dumps with Test Engine here: https://www.passtestking.com/Linux-
Foundation/CKA-practice-exam-dumps.html (68 Q&As Dumps, 35%OFF Special Discount
Code: freecram)

NEW QUESTION: 17
Create a file:
/opt/KUCC00302/kucc00302.txt that lists all pods that implement service baz in namespace
development.
The format of the file should be one pod name per line.
Answer:
See the solution below.
Explanation
solution
F:\Work\Data Entry Work\Data Entry\20200827\CKA\11 B.JPG

F:\Work\Data Entry Work\Data Entry\20200827\CKA\11 C.JPG

F:\Work\Data Entry Work\Data Entry\20200827\CKA\11 D.JPG

NEW QUESTION: 18
Score: 7%

Task
Create a new nginx Ingress resource as follows:
* Name: ping
* Namespace: ing-internal
* Exposing service hi on path /hi using service port 5678

Answer:
Solution:
vi ingress.yaml
#
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: ping
namespace: ing-internal
spec:
rules:
- http:
paths:
- path: /hi
pathType: Prefix
backend:
service:
name: hi
port:
number: 5678
#
kubectl create -f ingress.yaml

NEW QUESTION: 19
Create a Kubernetes secret as follows:
* Name: super-secret
* password: bob
Create a pod named pod-secrets-via-file, using the redis Image, which mounts a secret named
super-secret at
/secrets.
Answer:
Create a second pod named pod-secrets-via-env, using the redis Image, which exports password
as CONFIDENTIAL See the solution below.
Explanation
solution
NEW QUESTION: 20
Score: 4%
Task
Create a persistent volume with name app-data , of capacity 1Gi and access mode
ReadOnlyMany. The type of volume is hostPath and its location is /srv/app-data .
Answer:
Solution:
#vi pv.yaml
apiVersion: v1
kind: PersistentVolume
metadata:
name: app-config
spec:
capacity:
storage: 1Gi
accessModes:
- ReadOnlyMany
hostPath:
path: /srv/app-config
#
kubectl create -f pv.yaml

NEW QUESTION: 21
Get the deployment rollout status
Answer:
kubectl rollout status deploy webapp

NEW QUESTION: 22
Change the Image version back to 1.17.1 for the pod you just updated and observe the changes
Answer:
kubectl set image pod/nginx nginx=nginx:1.17.1 kubectl describe po nginx kubectl get po nginx -w
# watch it

NEW QUESTION: 23
Perform the following tasks:
* Add an init container tohungry-bear(which has beendefined in spec file
/opt/KUCC00108/pod-spec-KUCC00108.yaml)
* The init container should createan empty file named/workdir/calm.txt
* If/workdir/calm.txtis notdetected, the pod should exit
* Once the spec file has beenupdatedwith the init containerdefinition, the pod should becreated
Answer:
See the solution below.
Explanation
solution
NEW QUESTION: 24
Get IP address of the pod - "nginx-dev"
A. Kubect1 get po -o wide
Using JsonPath
kubect1 get pods -o=jsonpath='{range
.items[*]}{.metadata.name}{"\t"}{.status.podIP}{"\n"}{end}'
B. Kubect1 get po -o wide
Using JsonPath
kubect1 get pods
.items[*]}{.metadata.name}{"\t"}{.status.podIP}{"\n"}{end}'
Answer: A (LEAVE A REPLY)

NEW QUESTION: 25
Ensure a single instance of pod nginx is running on each node of the Kubernetes cluster where
nginx also represents the Image name which has to be used. Do not override any taints currently
in place.
Use DaemonSet to complete this task and use ds-kusc00201 as DaemonSet name.
Answer:
See the solution below.
Explanation
solution
NEW QUESTION: 26
Given a partially-functioningKubernetes cluster, identifysymptoms of failure on the cluster.
Determine the node, the failingservice, and take actions to bring upthe failed service and restore
thehealth of the cluster. Ensure that anychanges are made permanently.
You cansshto the relevant Inodes (bk8s-master-0orbk8s-node-0) using:
[student@node-1] $ ssh<nodename>
You can assume elevatedprivileges on any node in thecluster with the followingcommand:
[student@nodename] $ | sudo -i
Answer:
See the solution below.
Explanation
solution
NEW QUESTION: 27
List all the pods sorted by created timestamp
Answer:
See the solution below.
Explanation
kubect1 get pods--sort-by=.metadata.creationTimestamp

NEW QUESTION: 28
Create an nginx pod with containerPort 80 and it should check the pod running at endpoint /
healthz on port 80 and verify and delete the pod.
A. kubectl run nginx --image=nginx --restart=Always --port=80 --
dry-run -o yaml > nginx-pod.yaml
// add the livenessProbe section and create
apiVersion: v1
kind: Pod
metadata:
labels:
run: nginx
name: nginx
spec:
containers:
- image: nginx
name: nginx
ports:
- containerPort: 80
livenessProbe:
httpGet:
path: /healthz
port: 80
restartPolicy: Always
kubectl create -f nginx-pod.yaml
// verify
kubectl describe pod nginx | grep -i readiness
kubectl delete po nginx
B. kubectl run nginx --image=nginx --restart=Always --port=80 --
dry-run -o yaml > nginx-pod.yaml
// add the livenessProbe section and create
apiVersion: v1
kind: Pod
metadata:
labels:
containers:
- image: nginx
name: nginx
ports:
- containerPort: 60
livenessProbe:
httpGet:
path: /healthz
port: 60
restartPolicy: Always
kubectl create -f nginx-pod.yaml
// verify
kubectl describe pod nginx | grep -i readiness
kubectl delete po nginx
Answer: (SHOW ANSWER)

NEW QUESTION: 29
Score: 7%
Task
Create a new nginx Ingress resource as follows:
* Name: ping
* Namespace: ing-internal
* Exposing service hi on path /hi using service port 5678

Answer:
See the solution below.
Explanation
Solution:
vi ingress.yaml
#
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: ping
namespace: ing-internal
spec:
rules:
- http:
paths:
- path: /hi
pathType: Prefix
backend:
service:
name: hi
port:
number: 5678
#
kubectl create -f ingress.yaml

NEW QUESTION: 30

Answer:
See the solution below.
Explanation
kubectl get po -all-namespaces > /opt/pods-list.yaml

NEW QUESTION: 31
Set the node namedek8s-node-1asunavailable and reschedule all thepods running on it.
Answer:
See the solution below.
Explanation
solution
 Valid CKA Dumps shared by PassTestKing.com for Helping Passing CKA Exam!
PassTestKing.com now offer the newest CKA exam dumps, the PassTestKing.com CKA
exam questions have been updated and answers have been corrected get the newest
PassTestKing.com CKA dumps with Test Engine here: https://www.passtestking.com/Linux-
Foundation/CKA-practice-exam-dumps.html (68 Q&As Dumps, 35%OFF Special Discount
Code: freecram)

NEW QUESTION: 32
Task Weight: 4%

Task
Scale the deployment webserver to 3 pods.
Answer:
Solution:

NEW QUESTION: 33
Create a deployment as follows:
Name: nginx-app
Using container nginx with version 1.11.10-alpine
The deployment should contain 3 replicas
Next, deploy the application with new version 1.11.13-alpine, by performing a rolling update.
Finally, rollback that update to the previous version 1.11.10-alpine.
Answer:
solution
NEW QUESTION: 34
List all service account and create a service account called "admin"
A. kubectl get sa
kubectl get sa --all-namespaces
//Verify
kubectl get sa admin -o yaml
B. kubectl get sa
kubectl get sa --all-namespaces
kubectl create sa admin
//Verify
kubectl get sa admin -o yaml
Answer: (SHOW ANSWER)

NEW QUESTION: 35
Check the Image version of nginx-dev pod using jsonpath
Answer:
kubect1 get po nginx-dev -o jsonpath='{.spec.containers[].image}{"\n"}'

NEW QUESTION: 36
Get the number of schedulable nodes and write to a file
/opt/schedulable-nodes.txt
A. kubectl get nodes -o jsonpath="{range
.items[*]}{.metadata.name}
{.spec.taints[?(@.effect=='NoSchedule')].effect}{\"\n\"}{end}"
| awk 'NF==1 {print $0}' > /opt/schedulable-nodes.txt
// Verify
cat /opt/schedulable-nodes.txt
B. kubectl get nodes -o jsonpath="{range
.items[*]}{.metadata.name}
{.spec.taints[?(@.effect=='NoSchedule')].effect}{\"\n\"}{end}"
| awk 'NF==11 {print $0}' > /opt/schedulable-nodes.txt
// Verify
cat /opt/schedulable-nodes.txt
Answer: (SHOW ANSWER)

NEW QUESTION: 37
Create a persistent volume with name app-data, of capacity 2Gi and access mode
ReadWriteMany. The type of volume is hostPath and its location is /srv/app-data.
Answer:
See the solution below.
Explanation
solution
Persistent Volume
A persistent volume is a piece of storage in a Kubernetes cluster. PersistentVolumes are a
cluster-level resource like nodes, which don't belong to any namespace. It is provisioned by the
administrator and has a particular file size. This way, a developer deploying their app on
Kubernetes need not know the underlying infrastructure. When the developer needs a certain
amount of persistent storage for their application, the system administrator configures the cluster
so that they consume the PersistentVolume provisioned in an easy way.
Creating Persistent Volume
kind: PersistentVolumeapiVersion: v1metadata: name: spec: capacity: # defines the capacity of
PV we are creating storage: 2Gi #the amount of storage we are tying to claim accessModes: #
defines the rights of the volume we are creating - ReadWriteMany " # path to which we are
creating the volume Challenge Create a Persistent Volume named ReadWriteMany, storage
classname shared, 2Gi of storage capacity and the host path
2. Save the file and create the persistent volume.
Image for post

3. View the persistent volume.

Our persistent volume status is available meaning it is available and it has not been mounted yet.
This status will change when we mount the persistentVolume to a persistentVolumeClaim.
PersistentVolumeClaim
In a real ecosystem, a system admin will create the PersistentVolume then a developer will create
a PersistentVolumeClaim which will be referenced in a pod. A PersistentVolumeClaim is created
by specifying the minimum size and the access mode they require from the persistentVolume.
Challenge
Create a Persistent Volume Claim that requests the Persistent Volume we had created above.
The claim should request 2Gi. Ensure that the Persistent Volume Claim has the same
storageClassName as the persistentVolume you had previously created.
kind: PersistentVolumeapiVersion: v1metadata: name:
spec:
accessModes: - ReadWriteMany
requests: storage: 2Gi
storageClassName: shared
2. Save and create the pvc
njerry191@cloudshell:~ (extreme-clone-2654111)$ kubect1 create -f app-data.yaml
persistentvolumeclaim/app-data created
3. View the pvc
Image for post

4. Let's see what has changed in the pv we had initially created.

Image for post

Our status has now changed from available to bound.

5. Create a new pod named myapp with image nginx that will be used to Mount the Persistent
Volume Claim with the path /var/app/config.
Mounting a Claim
apiVersion: v1kind: Podmetadata: creationTimestamp: null name: app-dataspec: volumes: -
name:congigpvc persistenVolumeClaim: claimName: app-data containers: - image: nginx name:
app volumeMounts: - mountPath: "/srv/app-data " name: configpvc

NEW QUESTION: 38
List all configmap and secrets in the cluster in all namespace and write it to a file /opt/configmap-
secret
Answer:
kubectl get configmap,secrets --all-namespaces > /opt/configmap-secret // Verify
Cat /opt/configmap-secret

NEW QUESTION: 39
Undo the deployment with the previous version and verify
everything is Ok
Answer:
kubectl rollout undo deploy webapp kubectl rollout status deploy webapp kubectl get pods

NEW QUESTION: 40

Answer:
solution
NEW QUESTION: 41
Create the service as type NodePort with the port 32767 for the nginx pod with the pod selector
app: my-nginx
Answer:
kubectl run nginx --image=nginx --restart=Never -- labels=app=nginx --port=80 --dry-run -o yaml >
nginx-pod.yaml

NEW QUESTION: 42
Create a job named "hello-job" with the image busybox which echos "Hello I'm running job"
A. kubectl create job hello-job --image=busybox --dry-run -o yaml
-- echo "Hello I'm running job" > hello-job.yaml
kubectl create -f hello-job.yaml
//Verify Job
kubectl get po
kubectl logs hello-job-*
B. kubectl create job hello-job --image=busybox --dry-run -o yaml
-- echo "Hello I'm running job" > hello-job.yaml
kubectl create -f hello-job.yaml
//Verify Job
kubectl get job
kubectl get po
kubectl logs hello-job-*
Answer: (SHOW ANSWER)

NEW QUESTION: 43
List all persistent volumes sorted by capacity, saving the full kubectl output
to /opt/KUCC00102/volume_list. Use kubectl 's own functionality for sorting the output, and do not
manipulate it any further.
Answer:
solution
NEW QUESTION: 44
Monitor the logs of pod foo and:
Extract log lines corresponding
unable-to-access-website
Write them to/opt/KULM00201/foo

Answer:
See the solution below.
Explanation
solution
F:\Work\Data Entry Work\Data Entry\20200827\CKA\1 B.JPG
F:\Work\Data Entry Work\Data Entry\20200827\CKA\1 C.JPG

NEW QUESTION: 45
What is the maximum number of samples that can be submitted to WildFire manually per day?
A. 2,000
B. 1,000
C. 15,000
D. 5,000
Answer: (SHOW ANSWER)

NEW QUESTION: 46
Create an nginx pod and list the pod with different levels of verbosity
Answer:
// create a pod
kubectl run nginx --image=nginx --restart=Never --port=80
// List the pod with different verbosity
kubectl get po nginx --v=7
kubectl get po nginx --v=8
kubectl get po nginx --v=9

Valid CKA Dumps shared by PassTestKing.com for Helping Passing CKA Exam!
PassTestKing.com now offer the newest CKA exam dumps, the PassTestKing.com CKA
exam questions have been updated and answers have been corrected get the newest
PassTestKing.com CKA dumps with Test Engine here: https://www.passtestking.com/Linux-
Foundation/CKA-practice-exam-dumps.html (68 Q&As Dumps, 35%OFF Special Discount
Code: freecram)

NEW QUESTION: 47
A Kubernetes worker node, named wk8s-node-0 is in state NotReady. Investigate why this is the
case, and perform any appropriate steps to bring the node to a state, ensuring that any changes
are made permanent.
You can ssh to the failed node using:
[student@node-1] $ | ssh Wk8s-node-0
You can assume elevated privileges on the node with the following command:
[student@w8ks-node-0] $ | sudo -i
Answer:
See the solution below.
Explanation
solution
F:\Work\Data Entry Work\Data Entry\20200827\CKA\20 C.JPG
F:\Work\Data Entry Work\Data Entry\20200827\CKA\20 D.JPG

F:\Work\Data Entry Work\Data Entry\20200827\CKA\20 E.JPG

NEW QUESTION: 48
Check the history of deployment
Answer:
kubectl rollout history deployment webapp

NEW QUESTION: 49
Score: 7%
Task
First, create a snapshot of the existing etcd instance running at https://127.0.0.1:2379, saving the
snapshot to /srv/data/etcd-snapshot.db.

Next, restore an existing, previous snapshot located at /var/lib/backup/etcd-snapshot-previo us.db

Answer:
Solution:
#backup
ETCDCTL_API=3 etcdctl --endpoints="https://127.0.0.1:2379" --cacert=/opt/KUIN000601/ca.crt --
cert=/opt/KUIN000601/etcd-client.crt --key=/opt/KUIN000601/etcd-client.key snapshot
save /etc/data/etcd-snapshot.db
#restore
ETCDCTL_API=3 etcdctl --endpoints="https://127.0.0.1:2379" --cacert=/opt/KUIN000601/ca.crt --
cert=/opt/KUIN000601/etcd-client.crt --key=/opt/KUIN000601/etcd-client.key snapshot
restore /var/lib/backup/etcd-snapshot-previoys.db

NEW QUESTION: 50
Monitor the logs of pod foo and:
Extract log lines corresponding to error
unable-to-access-website
Write them to /opt/KULM00201/foo

Answer:
solution
NEW QUESTION: 51
Print pod name and start time to "/opt/pod-status" file
Answer:
See the solution below.
Explanation
kubect1 get pods -o=jsonpath='{range
items[*]}{.metadata.name}{"\t"}{.status.podIP}{"\n"}{end}'

NEW QUESTION: 52
Get list of all the nodes with labels
Answer:
kubectl get nodes --show-labels

NEW QUESTION: 53
Create a file:
/opt/KUCC00302/kucc00302.txt that lists all pods that implement service in namespace
development.
The format of the file should be one pod name per line.
Answer:
See the solution below.
Explanation
solution
NEW QUESTION: 54
What are the differences between using a service versus using an application for Security Policy
match?
A. Use of a "service" enables the firewall to take action after enough packets allow for App-ID
identification
B. Use of a "service" enables the firewall to take immediate action with the first observed packet
based on port numbers. Use of an application allows the firewall to take action after enough
packets allow for App-ID identification regardless of the ports being used
C. Use of a "service" enables the firewall to take immediate action with the first observed packet
based on port numbers. Use of an "application allows the firewall to take immediate action if the
port being used is a member of the application standard port list
D. There are no differences between "service" or "application." Use of an "application simplifies
configuration by allowing use of a friendly application name instead of port numbers.
Answer: (SHOW ANSWER)

NEW QUESTION: 55
Ensure a single instance of pod nginx is running on each node of the Kubernetes cluster where
nginx also represents the Image name which has to be used. Do not override any taints currently
in place.
Use DaemonSet to complete this task and use ds-kusc00201 as DaemonSet name.
Answer:
See the solution below.
Explanation
solution
F:\Work\Data Entry Work\Data Entry\20200827\CKA\3 B.JPG

F:\Work\Data Entry Work\Data Entry\20200827\CKA\3 C.JPG

F:\Work\Data Entry Work\Data Entry\20200827\CKA\3 D.JPG

F:\Work\Data Entry Work\Data Entry\20200827\CKA\3 E.JPG

NEW QUESTION: 56
Delete the above pod and create again from the same yaml file
and verifies there is no "test-file.txt" in the path /data/redis
(Since non-persistent storage "emptyDir" is used).
Answer:
kubectl delete pod test-redis kubectl create -f test-redis.yaml kubectl exec -it test-redis /bin/sh
cat /data/redis/file.txt // file doesn't exist

NEW QUESTION: 57
Score: 13%

Task
A Kubernetes worker node, named wk8s-node-0 is in state NotReady. Investigate why this is the
case, and perform any appropriate steps to bring the node to a Ready state, ensuring that any
changes are made permanent.

Answer:
Solution:
sudo -i
systemctl status kubelet
systemctl start kubelet
systemctl enable kubelet

NEW QUESTION: 58
Create 2 nginx image pods in which one of them is labelled with env=prod and another one
labelled with env=dev and verify the same.
Answer:
See the solution below.
Explanation
kubectl run --generator=run-pod/v1 --image=nginx -- labels=env=prod nginx-prod --dry-run -o
yaml > nginx-prodpod.yaml Now, edit nginx-prod-pod.yaml file and remove entries like
"creationTimestamp: null"
"dnsPolicy: ClusterFirst"
vim nginx-prod-pod.yaml
apiVersion: v1
kind: Pod
metadata:
labels:
env: prod
name: nginx-prod
spec:
containers:
- image: nginx
name: nginx-prod
restartPolicy: Always
# kubectl create -f nginx-prod-pod.yaml
kubectl run --generator=run-pod/v1 --image=nginx --
labels=env=dev nginx-dev --dry-run -o yaml > nginx-dev-pod.yaml
apiVersion: v1
kind: Pod
metadata:
labels:
env: dev
name: nginx-dev
spec:
containers:
- image: nginx
name: nginx-dev
restartPolicy: Always
# kubectl create -f nginx-prod-dev.yaml
Verify :
kubectl get po --show-labels
kubectl get po -l env=prod
kubectl get po -l env=dev

NEW QUESTION: 59
Create a daemonset named "Prometheus-monitoring" using image=prom/Prometheus which runs
in all the nodes in the cluster. Verify the pod running in all the nodes
A. vim promo-ds.yaml
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: prometheus-monitoring
spec:
selector:
matchLabels:
name: prometheus
template:
metadata:
labels:
name: prometheus
spec:
tolerations:
# remove it if your masters can't run pods
- key: node-role.kubernetes.io/master
effect: NoSchedule
containers:
- name: prometheus-container
image: prom/prometheus
volumeMounts:
- name: varlog
mountPath: /var/log
- name: varlibdockercontainers
mountPath: /var/lib/docker/containers
readOnly: true
volumes:
- name: varlog
emptyDir: {}
- name: varlibdockercontainers
emptyDir: {}
kubectl apply -f promo-ds.yaml
NOTE: Deamonset will get scheduled to "default" namespace, to
schedule deamonset in specific namespace, then add
"namespace" field in metadata
//Verify
kubectl get ds
NAME DESIRED CURRENT READY UP-TO-DATE
AVAILABLE NODE SELECTOR AGE
prometheus-monitoring 6 6 0 6
0 <none> 7s
kubectl get no # To get list of nodes in the cluster
// There are 6 nodes in the cluster, so a pod gets scheduled to
each node in the cluster
B. vim promo-ds.yaml
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: prometheus-monitoring
spec:
selector:
matchLabels:
name: prometheus
template:
metadata:
labels:
name: prometheus
spec:
tolerations:
# remove it if your masters can't run pods
- key: node-role.kubernetes.io/master
effect: NoSchedule
containers:
- name: prometheus-container
- name: varlibdockercontainers
mountPath: /var/lib/docker/containers
readOnly: true
volumes:
- name: varlog
emptyDir: {}
- name: varlibdockercontainers
emptyDir: {}
kubectl apply -f promo-ds.yaml
NOTE: Deamonset will get scheduled to "default" namespace, to
schedule deamonset in specific namespace, then add
"namespace" field in metadata
//Verify
kubectl get ds
NAME DESIRED CURRENT READY UP-TO-DATE
AVAILABLE NODE SELECTOR AGE
prometheus-monitoring 8 8 0 6
0 <none> 7s
kubectl get no # To get list of nodes in the cluster
// There are 6 nodes in the cluster, so a pod gets scheduled to
each node in the cluster
Answer: (SHOW ANSWER)

NEW QUESTION: 60

Answer:
kubectl get pods -o=jsonpath="{.items[*]['metadata.name' , 'metadata.namespace']}"

NEW QUESTION: 61
Create a deployment as follows:
* Name:nginx-random
* Exposed via a servicenginx-random
* Ensure that the service & podare accessible via theirrespective DNS records
* The container(s) within anypod(s) running as a part of thisdeployment should use
thenginxImage Next, use the utilitynslookupto lookup the DNS records of the service &pod and
write the output to
/opt/KUNW00601/service.dnsand/opt/KUNW00601/pod.dnsrespectively.
Answer:
See the solution below.
Explanation
Solution:
 Valid CKA Dumps shared by PassTestKing.com for Helping Passing CKA Exam!
PassTestKing.com now offer the newest CKA exam dumps, the PassTestKing.com CKA
exam questions have been updated and answers have been corrected get the newest
PassTestKing.com CKA dumps with Test Engine here: https://www.passtestking.com/Linux-
Foundation/CKA-practice-exam-dumps.html (68 Q&As Dumps, 35%OFF Special Discount
Code: freecram)

NEW QUESTION: 62
Create and configure the servicefront-end-serviceso it's accessiblethroughNodePortand routes to
theexisting pod namedfront-end.
Answer:
See the solution below.
Explanation
solution

NEW QUESTION: 63
Score: 5%
Task
Monitor the logs of pod bar and:
* Extract log lines corresponding to error
* Write them to /opt/KUTR00101/bar
Answer:
See the solution below.
Explanation
Solution:
kubectl logs bar | grep 'unable-to-access-website' > /opt/KUTR00101/bar cat /opt/KUTR00101/bar

NEW QUESTION: 64
Deploy a pod with image=redis on a node with label disktype=ssd
A. // Get list of nodes
kubectl get nodes
//Get node with the label disktype=ssd
kubectl get no -l disktype=ssd
// Create a sample yaml file
kubectl run node-redis --generator=run-pod/v1 --image=redis --dry
run -o yaml > test-redis.yaml
// Edit test-redis.yaml file and add nodeSelector
vim test-redis.yaml
apiVersion: v1
- name: node-redis
image: redis
imagePullPolicy: IfNotPresent
kubectl apply -f test-redis.yaml
/ // Verify
K kubectl get po -o wide
B. // Get list of nodes
kubectl get nodes
//Get node with the label disktype=ssd
kubectl get no -l disktype=ssd
// Create a sample yaml file
kubectl run node-redis --generator=run-pod/v1 --image=redis --dry
run -o yaml > test-redis.yaml
// Edit test-redis.yaml file and add nodeSelector
vim test-redis.yaml
apiVersion: v1
kind: Pod
metadata:
name: redis
spec:
nodeSelector:
disktype: ssd
containers:
- name: node-redis
image: redis
imagePullPolicy: IfNotPresent
kubectl apply -f test-redis.yaml
/ // Verify
K kubectl get po -o wide
Answer: (SHOW ANSWER)

NEW QUESTION: 65
On the NGFW, how can you generate and block a private key from export and thus harden your
security posture and prevent rogue administrators or other bad actors from misusing keys?
A. 1) Select Device > Certificate Management > Certificates Device > Certificates
2) Generate the certificate.
3) Select Block Private Key Export.
4) Click Generate to generate the new certificate.
B. 1) Select Device > Certificates
2) Select Certificate Profile
3) Generate the certificate
4) Select Block Private Key Export
C. 1) Select Device > Certificates
2) Select Certificate Profile.
3) Generate the certificate
4) Select Block Private Key Export.
D. 1) Select Device > Certificate Management > Certificates >Device > Certificates
2) Import the certificate.
3) Select Import Private Key
4) Click Generate to generate the new certificate.
Answer: (SHOW ANSWER)
NEW QUESTION: 66
Check to see how many worker nodes are ready (not including nodes tainted NoSchedule) and
write the number to /opt/KUCC00104/kucc00104.txt.
Answer:
solution
NEW QUESTION: 67
Set the node named ek8s-node-1 as unavailable and reschedule all the pods running on it.
Answer:
See the solution below.
Explanation
solution
NEW QUESTION: 68
A Kubernetes worker node, named wk8s-node-0 is in state NotReady. Investigate why this is the
case, and perform any appropriate steps to bring the node to a Ready state, ensuring that any
changes are made permanent.
You can ssh to the failed node using:
[student@node-1] $ | ssh Wk8s-node-0
You can assume elevated privileges on the node with the following command:
[student@w8ks-node-0] $ | sudo -i
Answer:
solution
NEW QUESTION: 69
Task Weight: 4%

Task
Schedule a Pod as follows:
* Name: kucc1
* App Containers: 2
* Container Name/Images:
o nginx
o consul
Answer:
Solution:
NEW QUESTION: 70

Answer:
kubectl get pods -o=jsonpath="{.items[*]['metadata.name', 'metadata.namespace']}"

NEW QUESTION: 71
List "nginx-dev" and "nginx-prod" pod and delete those pods
Answer:
kubect1 get pods -o wide
kubectl delete po "nginx-dev" kubectl delete po "nginx-prod"
NEW QUESTION: 72
Schedule a pod as follows:
* Name: nginx-kusc00101
* Image: nginx
* Node selector: disk=ssd
Answer:
See the solution below.
Explanation
solution
NEW QUESTION: 73
Score: 4%
Task
Schedule a pod as follows:
* Name: nginx-kusc00401
* Image: nginx
* Node selector: disk=ssd
Answer:
See the solution below.
Explanation
Solution:
#yaml
apiVersion: v1
kind: Pod
metadata:
name: nginx-kusc00401
spec:
containers:
- name: nginx
image: nginx
imagePullPolicy: IfNotPresent
nodeSelector:
disk: spinning
#
kubectl create -f node-select.yaml

Valid CKA Dumps shared by PassTestKing.com for Helping Passing CKA Exam!
PassTestKing.com now offer the newest CKA exam dumps, the PassTestKing.com CKA
exam questions have been updated and answers have been corrected get the newest
PassTestKing.com CKA dumps with Test Engine here: https://www.passtestking.com/Linux-
Foundation/CKA-practice-exam-dumps.html (68 Q&As Dumps, 35%OFF Special Discount
Code: freecram)