• Home
  • Articles
  • [2023] Pass CKA Exam - Real Questions & Answers [Q24-Q44]

[2023] Pass CKA Exam - Real Questions & Answers [Q24-Q44]

Share

[2023] Pass CKA Exam - Real Questions and Answers

CKA Exam Questions Get Updated [2023] with Correct Answers


The CKA certification is a valuable credential for IT professionals who work with Kubernetes and want to demonstrate their expertise in the field. The certification is vendor-neutral, widely recognized by employers, and can help candidates stand out in a competitive job market. The exam is challenging but fair, testing candidates' skills in a real-world environment. With the growing adoption of Kubernetes in the industry, the CKA certification is becoming increasingly relevant and valuable for IT professionals and organizations alike.

 

NEW QUESTION # 24
Perform the following tasks:
Add an init container to hungry-bear defined in spec file
/opt/KUCC00108/pod-spec-KUC
The init container should create /workdir/calm.txt
If /workdir/calm.txt is not
Once the spec file has been definition, the pod should be created

Answer:

Explanation:
See the solution below.
Explanation
solution
F:\Work\Data Entry Work\Data Entry\20200827\CKA\4 B.JPG

F:\Work\Data Entry Work\Data Entry\20200827\CKA\4 C.JPG

F:\Work\Data Entry Work\Data Entry\20200827\CKA\4 D.JPG


NEW QUESTION # 25
What are the differences between using a service versus using an application for Security Policy match?

  • A. Use of a "service" enables the firewall to take action after enough packets allow for App-ID identification
  • B. Use of a "service" enables the firewall to take immediate action with the first observed packet based on port numbers. Use of an application allows the firewall to take action after enough packets allow for App-ID identification regardless of the ports being used
  • C. There are no differences between "service" or "application." Use of an "application simplifies configuration by allowing use of a friendly application name instead of port numbers.
  • D. Use of a "service" enables the firewall to take immediate action with the first observed packet based on port numbers. Use of an "application allows the firewall to take immediate action if the port being used is a member of the application standard port list

Answer: D


NEW QUESTION # 26
Undo the deployment to the previous version 1.17.1 and verify Image has the previous version

Answer:

Explanation:
kubectl rollout undo deploy webapp kubectl describe deploy webapp | grep Image


NEW QUESTION # 27
Ensure a single instance of podnginxis running on each node of theKubernetes cluster wherenginxalso represents the Image name whichhas to be used. Do not override anytaints currently in place.
UseDaemonSetto complete thistask and useds-kusc00201asDaemonSet name.

Answer:

Explanation:
See the solution below.
Explanation
solution




NEW QUESTION # 28
Create a Kubernetes secret asfollows:
* Name: super-secret
* password: bob
Create a pod namedpod-secrets-via-file Image, which mounts a secret namedsuper-secretat
/secrets.
Create a second pod namedpod-secrets-via-env Image, which exportspasswordas CONFIDENTIAL

Answer:

Explanation:
See the solution below.
Explanation
solution



NEW QUESTION # 29
Score: 4%

Task
Create a persistent volume with name app-data , of capacity 1Gi and access mode ReadOnlyMany. The type of volume is hostPath and its location is /srv/app-data .

Answer:

Explanation:
Solution:
#vi pv.yaml
apiVersion: v1
kind: PersistentVolume
metadata:
name: app-config
spec:
capacity:
storage: 1Gi
accessModes:
- ReadOnlyMany
hostPath:
path: /srv/app-config
#
kubectl create -f pv.yaml


NEW QUESTION # 30
Create and configure the service front-end-service so it's accessible through NodePort and routes to the existing pod named front-end.

Answer:

Explanation:
See the solution below.
Explanation
solution


NEW QUESTION # 31
Create a persistent volume with nameapp-data, of capacity2Giandaccess modeReadWriteMany. Thetype of volume ishostPathand itslocation is/srv/app-data.

Answer:

Explanation:
See the solution below.
Explanation
solution
Persistent Volume
A persistent volume is a piece of storage in aKubernetes cluster. PersistentVolumes are a cluster-level resource like nodes, which don't belong to any namespace. It is provisioned by the administrator and has a particular file size. This way, a developer deploying their app on Kubernetes need not knowthe underlying infrastructure.
When the developer needs a certain amount of persistent storage for their application, the system administrator configures the cluster so that they consume the PersistentVolume provisioned in an easy way.
Creating PersistentVolume
kind: PersistentVolumeapiVersion: v1metadata:name:app-dataspec:capacity: # defines the capacity of PV we are creatingstorage:2Gi#the amount of storage we are tying to claimaccessModes: # defines the rights of the volumewe are creating-ReadWriteManyhostPath:path: "/srv/app-data" # path to which we are creating the volume Challenge
* Create a Persistent Volume named ReadWriteMany, storage classname
shared,2Giof storage capacity and the host path

2. Save the file and create the persistent volume.
Image for post

3. View the persistent volume.

* Our persistent volume status is available meaning it is available and it has not been mounted yet. This status willchange when we mount the persistentVolume to a persistentVolumeClaim.
PersistentVolumeClaim
In a real ecosystem, a system admin will create the PersistentVolume then a developer will create a PersistentVolumeClaim which will be referenced in a pod. A PersistentVolumeClaim is created by specifying the minimum size and the access mode they require from the persistentVolume.
Challenge
* Create a Persistent Volume Claim that requests the Persistent Volume we had created above. The claim should request 2Gi. Ensurethat the Persistent Volume Claim has the same storageClassName as the persistentVolume you had previously created.
kind: PersistentVolumeapiVersion: v1metadata:name:
spec:
accessModes:-ReadWriteManyresources:
requests:storage:2Gi
storageClassName:shared
2. Save and create the pvc
njerry191@cloudshell:~(extreme-clone-2654111)$ kubect1 create -f app-data.yaml persistentvolumeclaim/app-data created
3. View the pvc
Image for post

4. Let's see what has changed in the pv we had initially created.
Image for post

Our status has now changed fromavailabletobound.
5. Create a new pod named myapp with image nginx that will be used to Mount the Persistent Volume Claim with the path /var/app/config.
Mounting a Claim
apiVersion: v1kind: Podmetadata:creationTimestamp: nullname: app-dataspec:volumes:- name:congigpvcpersistenVolumeClaim:claimName: app-datacontainers:- image: nginxname:
appvolumeMounts:- mountPath: "


NEW QUESTION # 32
List all configmap and secrets in the cluster in all namespace and write it to a file /opt/configmap-secret

Answer:

Explanation:
kubectl get configmap,secrets --all-namespaces > /opt/configmap-secret // Verify Cat /opt/configmap-secret


NEW QUESTION # 33
Score: 4%

Task
Scale the deployment presentation

Answer:

Explanation:
See the solution below.
Explanation
Solution:
kubectl get deployment
kubectl scale deployment.apps/presentation --replicas=6


NEW QUESTION # 34
Ensure a single instance of pod nginx is running on each node of the Kubernetes cluster where nginx also represents the Image name which has to be used. Do not override any taints currently in place.
Use DaemonSet to complete this task and use ds-kusc00201 as DaemonSet name.

Answer:

Explanation:
See the solution below.
Explanation
solution
F:\Work\Data Entry Work\Data Entry\20200827\CKA\3 B.JPG

F:\Work\Data Entry Work\Data Entry\20200827\CKA\3 C.JPG

F:\Work\Data Entry Work\Data Entry\20200827\CKA\3 D.JPG

F:\Work\Data Entry Work\Data Entry\20200827\CKA\3 E.JPG


NEW QUESTION # 35
Score: 4%

Task
Check to see how many nodes are ready (not including nodes tainted NoSchedule ) and write the number to
/opt/KUSC00402/kusc00402.txt

Answer:

Explanation:
See the solution below.
Explanation
Solution:
kubectl describe nodes | grep ready|wc -l
kubectl describe nodes | grep -i taint | grep -i noschedule |wc -l
echo 3 > /opt/KUSC00402/kusc00402.txt
#
kubectl get node | grep -i ready |wc -l
# taintsnoSchedule
kubectl describe nodes | grep -i taints | grep -i noschedule |wc -l
#
echo 2 > /opt/KUSC00402/kusc00402.txt


NEW QUESTION # 36
Score: 5%

Task
From the pod label name=cpu-utilizer, find pods running high CPU workloads and write the name of the pod consuming most CPU to the file /opt/KUTR00401/KUTR00401.txt (which already exists).

Answer:

Explanation:
Solution:
kubectl top -l name=cpu-user -A
echo 'pod name' >> /opt/KUT00401/KUT00401.txt


NEW QUESTION # 37
Create a deployment as follows:
* Name: nginx-app
* Using container nginx with version 1.11.10-alpine
* The deployment should contain 3 replicas
Next, deploy the application with new version 1.11.13-alpine, by performing a rolling update.
Finally, rollback that update to the previous version 1.11.10-alpine.

Answer:

Explanation:
See the solution below.
Explanation
solution



NEW QUESTION # 38
Delete the above pod and create again from the same yaml file
and verifies there is no "test-file.txt" in the path /data/redis
(Since non-persistent storage "emptyDir" is used).

Answer:

Explanation:
kubectl delete pod test-redis kubectl create -f test-redis.yaml kubectl exec -it test-redis /bin/sh cat /data/redis/file.txt // file doesn't exist


NEW QUESTION # 39
Create a pod named kucc8 with a single app container for each of the following images running inside (there may be between 1 and 4 images specified):
nginx + redis + memcached.

Answer:

Explanation:
solution



NEW QUESTION # 40
Schedule a pod as follows:
Name: nginx-kusc00101
Image: nginx
Node selector: disk=ssd

Answer:

Explanation:
solution



NEW QUESTION # 41
Create a namespace called 'development' and a pod with image nginx called nginx on this namespace.

Answer:

Explanation:
See the solution below.
Explanation
kubectl create namespace development
kubectl run nginx --image=nginx --restart=Never -n development


NEW QUESTION # 42
Create a persistent volume with name app-data, of capacity 2Gi and access mode ReadWriteMany. The type of volume is hostPath and its location is /srv/app-data.

Answer:

Explanation:
See the solution below.
Explanation
solution
Persistent Volume
A persistent volume is a piece of storage in a Kubernetes cluster. PersistentVolumes are a cluster-level resource like nodes, which don't belong to any namespace. It is provisioned by the administrator and has a particular file size. This way, a developer deploying their app on Kubernetes need not know the underlying infrastructure. When the developer needs a certain amount of persistent storage for their application, the system administrator configures the cluster so that they consume the PersistentVolume provisioned in an easy way.
Creating Persistent Volume
kind: PersistentVolumeapiVersion: v1metadata: name: spec: capacity: # defines the capacity of PV we are creating storage: 2Gi #the amount of storage we are tying to claim accessModes: # defines the rights of the volume we are creating - ReadWriteMany " # path to which we are creating the volume Challenge Create a Persistent Volume named ReadWriteMany, storage classname shared, 2Gi of storage capacity and the host path

2. Save the file and create the persistent volume.
Image for post

3. View the persistent volume.

Our persistent volume status is available meaning it is available and it has not been mounted yet. This status will change when we mount the persistentVolume to a persistentVolumeClaim.
PersistentVolumeClaim
In a real ecosystem, a system admin will create the PersistentVolume then a developer will create a PersistentVolumeClaim which will be referenced in a pod. A PersistentVolumeClaim is created by specifying the minimum size and the access mode they require from the persistentVolume.
Challenge
Create a Persistent Volume Claim that requests the Persistent Volume we had created above. The claim should request 2Gi. Ensure that the Persistent Volume Claim has the same storageClassName as the persistentVolume you had previously created.
kind: PersistentVolumeapiVersion: v1metadata: name:
spec:
accessModes: - ReadWriteMany
requests: storage: 2Gi
storageClassName: shared
2. Save and create the pvc
njerry191@cloudshell:~ (extreme-clone-2654111)$ kubect1 create -f app-data.yaml persistentvolumeclaim/app-data created
3. View the pvc
Image for post

4. Let's see what has changed in the pv we had initially created.
Image for post

Our status has now changed from available to bound.
5. Create a new pod named myapp with image nginx that will be used to Mount the Persistent Volume Claim with the path /var/app/config.
Mounting a Claim
apiVersion: v1kind: Podmetadata: creationTimestamp: null name: app-dataspec: volumes: - name:congigpvc persistenVolumeClaim: claimName: app-data containers: - image: nginx name: app volumeMounts: - mountPath: "/srv/app-data " name: configpvc


NEW QUESTION # 43
Change the label for one of the pod to env=uat and list all the pods to verify

Answer:

Explanation:
kubectl label pod/nginx-dev3 env=uat --overwrite kubectl get pods --show-labels


NEW QUESTION # 44
......

Practice CKA Questions With Certification guide Q&A from Training Expert ITCertMagic: https://passitsure.itcertmagic.com/Linux-Foundation/real-CKA-exam-prep-dumps.html

Related Articles

more
Linux Foundation CKA Certification Practice Exam