[Feb-2022] CKA Certification with Actual Questions from Pass4training
Updated CKA Dumps PDF - CKA Real Valid Brain Dumps With 63 Questions!
Understanding of functional and technical aspects of Workloads & Scheduling
The following will be discussed in CNCF CKA dumps:
- Create a Kubernetes service to allow access to the application from outside the cluster
- Know how to scale applications
- Awareness of manifest management and common templating tools
- Set up a Kubernetes worker node
- Use Kubernetes to automatically provision persistent cloud storage volumes
- Expose Kubernetes applications via cloud load balancers
- Effectively manage Kubernetes clusters from the command-line
- Use ConfigMaps and Secrets to configure applications
- Describe methods for deploying Kubernetes clusters in the cloud
- Understand the primitives used to create robust, self-healing, application deployments
- Understand how resource limits can affect Pod scheduling
- Determine if it is a good idea to move a stateful application into Kubernetes
- Monitor and manage Kubernetes clusters using the Kubernetes Dashboard
- Understand deployments and how to perform rolling update and rollbacks
- Deploy a stateless application in a Kubernetes cluster
NEW QUESTION 29
Score: 13%
Task
A Kubernetes worker node, named wk8s-node-0 is in state NotReady. Investigate why this is the case, and perform any appropriate steps to bring the node to a Ready state, ensuring that any changes are made permanent.
Answer:
Explanation:
See the solution below.
Explanation
Solution:
sudo -i
systemctl status kubelet
systemctl start kubelet
systemctl enable kubelet
NEW QUESTION 30
List all configmap and secrets in the cluster in all namespace and write it to a file /opt/configmap-secret
Answer:
Explanation:
kubectl get configmap,secrets --all-namespaces > /opt/configmap-secret // Verify Cat /opt/configmap-secret
NEW QUESTION 31
Create a namespace called 'development' and a pod with image nginx called nginx on this namespace.
Answer:
Explanation:
kubectl create namespace development kubectl run nginx --image=nginx --restart=Never -n development
NEW QUESTION 32
A Kubernetes worker node, named wk8s-node-0 is in state NotReady. Investigate why this is the case, and perform any appropriate steps to bring the node to a state, ensuring that any changes are made permanent.
You can ssh to the failed node using:
[student@node-1] $ | ssh Wk8s-node-0
You can assume elevated privileges on the node with the following command:
[student@w8ks-node-0] $ | sudo -i
Answer:
Explanation:
See the solution below.
Explanation
solution
F:\Work\Data Entry Work\Data Entry\20200827\CKA\20 C.JPG
F:\Work\Data Entry Work\Data Entry\20200827\CKA\20 D.JPG
F:\Work\Data Entry Work\Data Entry\20200827\CKA\20 E.JPG
NEW QUESTION 33
Perform the following tasks:
* Add an init container to hungry-bear (which has been defined in spec file
/opt/KUCC00108/pod-spec-KUCC00108.yaml)
* The init container should create an empty file named/workdir/calm.txt
* If /workdir/calm.txt is not detected, the pod should exit
Answer:
Explanation:
* Once the spec file has been updated with the init container definition, the pod should be created See the solution below.
Explanation
solution
NEW QUESTION 34
Create a Pod nginx and specify a CPU request and a CPU limit of 0.5 and 1 respectively.
- A. // create a yml file
kubectl run nginx-pod --image=nginx --restart=Never --dry-run -
o yaml > nginx-pod.yml
// add the resources section and create
vim nginx-pod.yaml
apiVersion: v1
kind: Pod
metadata:
labels:
run: nginx
name: nginx
spec:
containers:
- image: nginx
name: nginx
resources:
requests:
cpu: "0.5"
limits:
cpu: "1"
restartPolicy: Always
kubectl apply -f nginx-pod.yaml
// verify
kubectl top pod - B. // create a yml file
kubectl run nginx-pod --image=nginx --restart=Never --dry-run -
o yaml > nginx-pod.yml
// add the resources section and create
vim nginx-pod.yaml
apiVersion: v1
kind: Pod
metadata:
labels:
run: nginx
name: nginx
spec:
containers:
- image: nginx
name: nginx
resources:
requests:
cpu: "0.4"
limits:
cpu: "1"
restartPolicy: Always
kubectl apply -f nginx-pod.yaml
// verify
kubectl top pod
Answer: A
NEW QUESTION 35
Create a Pod with main container busybox and which executes this
"while true; do echo 'Hi I am from Main container' >>
/var/log/index.html; sleep 5; done" and with sidecar container
with nginx image which exposes on port 80. Use emptyDir Volume
and mount this volume on path /var/log for busybox and on path
/usr/share/nginx/html for nginx container. Verify both containers
are running.
- A. // create an initial yaml file with this
kubectl run multi-cont-pod --image=busbox --restart=Never --
dry-run -o yaml > multi-container.yaml
// edit the yml as below and create it
kubectl create -f multi-container.yaml
vim multi-container.yaml
apiVersion: v1
kind: Pod
metadata:
labels:
run: multi-cont-pod
name: multi-cont-pod
spec:
volumes:
- name: var-logs
emptyDir: {}
containers:
- image: busybox
command: ["/bin/sh"]
args: ["-c", "while true; do echo 'Hi I am from Main
container' >> /var/log/index.html; sleep 5;done"]
name: main-container
volumeMounts:
- name: var-logs
mountPath: /var/log
- image: nginx
name: sidecar-container
ports:
- containerPort: 80
volumeMounts:
- name: var-logs
mountPath: /usr/share/nginx/html
restartPolicy: Never
// Create Pod
kubectl apply -f multi-container.yaml
//Verify
kubectl get pods - B. // create an initial yaml file with this
kubectl run multi-cont-pod --image=busbox --restart=Never --
dry-run -o yaml > multi-container.yaml
// edit the yml as below and create it
kubectl create -f multi-container.yaml
vim multi-container.yaml
apiVersion: v1
kind: Pod
metadata:
labels:
run: multi-cont-pod
name: multi-cont-pod
spec:
volumes:
- image: busybox
command: ["/bin/sh"]
args: ["-c", "while true; do echo 'Hi I am from Main
container' >> /var/log/index.html; sleep 5;done"]
name: main-container
volumeMounts:
- name: var-logs
mountPath: /var/log
- image: nginx
name: sidecar-container
ports:
mountPath: /usr/share/nginx/html
restartPolicy: Never
// Create Pod
kubectl apply -f multi-container.yaml
//Verify
kubectl get pods
Answer: A
NEW QUESTION 36
Get all the pods with label "env"
Answer:
Explanation:
kubectl get pods -L env
NEW QUESTION 37
Create a pod with init container which create a file "test.txt"
in "workdir" directory. Main container should check a file
"test.txt" exists and execute sleep 9999 if the file exists.
- A. // create an initial yaml file with this
kubectl run init-cont-pod --image=alpine --restart=Never --dry-run -o
yaml > init-cont-pod.yaml
// edit the yml as below and create it
vim init-cont-pod.yaml
apiVersion: v1
kind: Pod
metadata:
name: init-cont-pod
labels:
app: myapp
spec:
volumes:
- name: test-volume
emptyDir: {}
containers:
- name: main-container
image: busybox:1.28
command: ['sh', '-c', 'if [ -f /workdir/test.txt ]; then sleep
9999; fi']
volumeMounts:
- name: test-volume
mountPath: /workdir
initContainers:
- name: init-myservice
image: busybox:1.28
command: ['sh', '-c', "mkdir /workdir; echo >
/workdir/test.txt"]
volumeMounts:
- name: test-volume
mountPath: /workdir
// Create the pod
kubectl apply -f init-cont-pod.yaml
kubectl get pods
// Check Events by doing
kubectl describe po init-cont-pod
Init Containers:
init-myservice:
Container ID:
docker://ebdbf5fad1c95111d9b0e0e2e743c2e347c81b8d4eb5abcccdfe1dd74524
0d4f
Image: busybox:1.28
Image ID: dockerpullable://busybox@sha256:141c253bc4c3fd0a201d32dc1f493bcf3fff003b6df
416dea4f41046e0f37d47
Port: <none>
Host Port: <none>
Command:
sh
-c
mkdir /workdir; echo > /workdir/test.txt
State: Terminated Reason: Completed - B. // create an initial yaml file with this
kubectl run init-cont-pod --image=alpine --restart=Never --dry-run -o
yaml > init-cont-pod.yaml
// edit the yml as below and create it
vim init-cont-pod.yaml
apiVersion: v1
kind: Pod
metadata:
name: init-cont-pod
labels:
app: myapp
spec:
volumes:
- name: test-volume
emptyDir: {}
containers:
- name: main-container
image: busybox:1.28
command: ['sh', '-c', 'if [ -f /workdir/test.txt ]; then sleep
9999; fi']
volumeMounts:
image: busybox:1.28
command: ['sh', '-c', "mkdir /workdir; echo >
/workdir/test.txt"]
volumeMounts:
- name: test-volume
mountPath: /workdir
// Create the pod
kubectl apply -f init-cont-pod.yaml
kubectl get pods
// Check Events by doing
kubectl describe po init-cont-pod
Init Containers:
init-myservice:
Container ID:
docker://ebdbf5fad1c95111d9b0e0e2e743c2e347c81b8d4eb5abcccdfe1dd74524
0d4f
Image: busybox:1.28
Image ID: dockerpullable://busybox@sha256:141c253bc4c3fd0a201d32dc1f493bcf3fff003b6df
416dea4f41046e0f37d47
Port: <none>
Host Port: <none>
Command:
sh
-c
mkdir /workdir; echo > /workdir/test.txt
State: Terminated Reason: Completed
Answer: A
NEW QUESTION 38
On the NGFW, how can you generate and block a private key from export and thus harden your security posture and prevent rogue administrators or other bad actors from misusing keys?
- A. 1) Select Device > Certificate Management > Certificates >Device > Certificates
2) Import the certificate.
3) Select Import Private Key
4) Click Generate to generate the new certificate. - B. 1) Select Device > Certificates
2) Select Certificate Profile.
3) Generate the certificate
4) Select Block Private Key Export. - C. 1) Select Device > Certificate Management > Certificates Device > Certificates
2) Generate the certificate.
3) Select Block Private Key Export.
4) Click Generate to generate the new certificate. - D. 1) Select Device > Certificates
2) Select Certificate Profile
3) Generate the certificate
4) Select Block Private Key Export
Answer: D
NEW QUESTION 39
An Administrator is configuring Authentication Enforcement and they would like to create an exemption rule to exempt a specific group from authentication. Which authentication enforcement object should they select?
- A. default-browser-challenge
- B. default-authentication-bypass
- C. default-no-captive-port
- D. default-web-form
Answer: C
NEW QUESTION 40
View certificate details in /etc/kubernetes/pki
Answer:
Explanation:
// Verify Public Key / Certificate file Openssl x509 -in certificate.crt -noout -text // Verify Private Key Openssl rsa -in "private-key" -check // Verify CSR Openssl req -text -noout -verify
NEW QUESTION 41
// Create a configmap
kubectl create configmap redis-config --from-file=/opt/redisconfig
// Verify
kubectl get configmap redis-config -o yaml
// first run this command to save the pod yml
kubectl run redis-pod --image=redis --restart=Always --dry-run
-o yaml > redis-pod.yml
// edit the yml to below file and create
apiVersion: v1
kind: Pod
metadata:
name: redis
spec:
containers:
- name: redis
image: redis
env:
- name: MASTER
value: "true"
ports:
- containerPort: 6379
volumeMounts:
- mountPath: /redis-master-data
name: data
- mountPath: /redis-master
name: config
volumes:
- name: data
emptyDir: {}
- name: config
configMap:
name: example-redis-config
- A. items:
- key: redis-config
path: redis.conf
cf
kk kubectl apply -f redis-pod.yml
// // Verify
K kubectl exec -it redis - cat /redis-master-data/redis.conf - B. items:
- key: redis-config
path: redis.conf
cf
// // Verify
K kubectl exec -it redis - cat /redis-master-data/redis.conf
Answer: A
NEW QUESTION 42
Ensure a single instance of podnginxis running on each node of theKubernetes cluster wherenginxalso represents the Image name whichhas to be used. Do not override anytaints currently in place.
UseDaemonSetto complete thistask and useds-kusc00201asDaemonSet name.
Answer:
Explanation:
See the solution below.
Explanation
solution
NEW QUESTION 43
Create the service as type NodePort with the port 32767 for the nginx pod with the pod selector app: my-nginx
Answer:
Explanation:
kubectl run nginx --image=nginx --restart=Never -- labels=app=nginx --port=80 --dry-run -o yaml > nginx-pod.yaml
NEW QUESTION 44
Score: 4%
Task
Set the node named ek8s-node-1 as unavailable and reschedule all the pods running on it.
Answer:
Explanation:
See the solution below.
Explanation
SOLUTION:
[student@node-1] > ssh ek8s
kubectl cordon ek8s-node-1
kubectl drain ek8s-node-1 --delete-local-data --ignore-daemonsets --force
NEW QUESTION 45
Check the image version in pod without the describe command
Answer:
Explanation:
kubectl get po nginx -o jsonpath='{.spec.containers[].image}{"\n"}'
NEW QUESTION 46
Create and configure the servicefront-end-serviceso it's accessiblethroughNodePortand routes to theexisting pod namedfront-end.
Answer:
Explanation:
See the solution below.
Explanation
solution
NEW QUESTION 47
Create a redis pod, and have it use a non-persistent storage
(volume that lasts for the lifetime of the Pod)
- A. vim redis-pod-vol.yaml
apiVersion: v1
kind: Pod
metadata:
name: redis
spec:
containers:
- name: redis
image: redis
ports:
- containerPort: 6379
volumeMounts:
- mountPath: /data
name: redis-storage
volumes:
- name: redis-storage
emptyDir: {}
kubectl apply -f redis-pod-vol.yaml - B. vim redis-pod-vol.yaml
apiVersion: v1
kind: Pod
metadata:
name: redis
spec:
containers:
- name: redis
image: redis
ports:
- containerPort: 6679
volumeMounts:
- mountPath: /data
name: redis-storage
volumes:
- name: redis-storage
emptyDir: {}
kubectl apply -f redis-pod-vol.yaml
Answer: A
NEW QUESTION 48
......
Who should take the Linux Foundation-CKA: Certified Kubernetes Administrator Exam
This certification will allow the candidate to be setup as a succesfull Kubernetes Administrator and will be able to know and work on the following things:
- Kubernetes storage
- Kubernetes logging and monitoring
- Kubernetes and application Lifecycle Management
- Kubernetes scheduling
- Kubernetes networking
Pass Your CKA Exam Easily With 100% Exam Passing Guarantee: https://www.pass4training.com/CKA-pass-exam-training.html
100% Free CKA Exam Dumps Use Real Kubernetes Administrator Dumps: https://drive.google.com/open?id=1VsjkpL6hLEAiwvepOpzyU0EXVmbR_tLu
