CNCF CKA - Certified Kubernetes Administrator Exam
Page: 1 / 5
Total 23 questions
Question #1 (Topic: Single Topic)
SIMULATION
Context
You have been asked to create a new ClusterRole for a deployment pipeline and bind it to a specific ServiceAccount scoped to a specific namespace.
Task
Create a new ClusterRole named deployment-clusterrole, which only allows to create the following resource types:
✑ Deployment
✑ Stateful Set
✑ DaemonSet
Create a new ServiceAccount named cicd-token in the existing namespace app-team1.
Bind the new ClusterRole deployment-clusterrole to the new ServiceAccount cicd-token, limited to the namespace app-team1.
Context
You have been asked to create a new ClusterRole for a deployment pipeline and bind it to a specific ServiceAccount scoped to a specific namespace.
Task
Create a new ClusterRole named deployment-clusterrole, which only allows to create the following resource types:
✑ Deployment
✑ Stateful Set
✑ DaemonSet
Create a new ServiceAccount named cicd-token in the existing namespace app-team1.
Bind the new ClusterRole deployment-clusterrole to the new ServiceAccount cicd-token, limited to the namespace app-team1.
Answer: 
Question #2 (Topic: Single Topic)
SIMULATION
Task
Set the node named ek8s-node-0 as unavailable and reschedule all the pods running on it.
Task
Set the node named ek8s-node-0 as unavailable and reschedule all the pods running on it.
Answer: 
Question #3 (Topic: Single Topic)
SIMULATION
Task
Given an existing Kubernetes cluster running version 1.22.1, upgrade all of the Kubernetes control plane and node components on the master node only to
version 1.22.2.
Be sure to drain the master node before upgrading it and uncordon it after the upgrade.
You are also expected to upgrade kubelet and kubectl on the master node.
Task
Given an existing Kubernetes cluster running version 1.22.1, upgrade all of the Kubernetes control plane and node components on the master node only to
version 1.22.2.
Be sure to drain the master node before upgrading it and uncordon it after the upgrade.
You are also expected to upgrade kubelet and kubectl on the master node.
Answer: 
Question #4 (Topic: Single Topic)
SIMULATION
Task
First, create a snapshot of the existing etcd instance running at https://127.0.0.1:2379,
saving the snapshot to /var/lib/backup/etcd-snapshot.db.
Next, restore an existing, previous snapshot located at /var/lib/backup/etcd-snapshot-previous.db.
Task
First, create a snapshot of the existing etcd instance running at https://127.0.0.1:2379,
saving the snapshot to /var/lib/backup/etcd-snapshot.db.
Next, restore an existing, previous snapshot located at /var/lib/backup/etcd-snapshot-previous.db.
Answer: 
Question #5 (Topic: Single Topic)
SIMULATION
Task
Create a new NetworkPolicy named allow-port-from-namespace in the existing
namespace fubar.
Ensure that the new NetworkPolicy allows Pods in namespace internal to connect to port 9000 of Pods in namespace fubar.
Further ensure that the new NetworkPolicy:
✑ does not allow access to Pods, which don't listen on port 9000
✑ does not allow access from Pods, which are not in namespace internal
Task
Create a new NetworkPolicy named allow-port-from-namespace in the existing
namespace fubar.
Ensure that the new NetworkPolicy allows Pods in namespace internal to connect to port 9000 of Pods in namespace fubar.
Further ensure that the new NetworkPolicy:
✑ does not allow access to Pods, which don't listen on port 9000
✑ does not allow access from Pods, which are not in namespace internal
Answer: 
