CKA 模拟真题 Killer.sh | Question 25 | Etcd Snapshot Save and Restore
Task weight: 8%
Use context: kubectl config use-context k8s-c3-CCC
Make a backup of etcd running on cluster3-controlplane1 and save it on the controlplane node at /tmp/etcd-backup.db .
Then create a Pod of your kind in the cluster.
Finally restore the backup, confirm the cluster is still working and that the created Pod is no longer with us.
译文
备份运行在 cluster3-controlplane1 上的 etcd,并将其保存在 controlplane 节点上的 /tmp/etcd-backup.db 中。
然后在集群中创建一个 Pod。
最后还原备份,确认集群仍在运行,且创建的 Pod 已不复存在。
解答
kubectl config use-context k8s-c3-CCC |
远程连接cluster3-controlplane1后 检查etcd配置文件,查找证书文件等
ssh cluster3-controlplane1 |
备份etcd
root@cluster3-controlplane1:~# ETCDCTL_API=3 etcdctl snapshot save /tmp/etcd-backup.db \ |
恢复etcd
创建pod
root@cluster3-controlplane1:~# kubectl run test --image=nginx |
停止所有控制面板组件
root@cluster3-controlplane1:~# cd /etc/kubernetes/manifests/ |
恢复etcd
root@cluster3-controlplane1:~# ETCDCTL_API=3 etcdctl snapshot restore /tmp/etcd-backup.db \ |
编辑etcd文件
root@cluster3-controlplane1:~# vim /etc/kubernetes/etcd.yaml |
etcd.yaml
# /etc/kubernetes/etcd.yaml |
恢复yaml文件,并检查容器和pod
root@cluster3-controlplane1:/etc/kubernetes/manifests# mv ../*.yaml . |
本博客所有文章除特别声明外,均采用 CC BY-NC-SA 4.0 许可协议。转载请注明来源 Hao DevSecOps!
微信
相关推荐
2023-01-09
CKA 模拟真题 Killer.sh | Question 1 | Contexts
Task weight: 1% You have access to multiple clusters from your main terminal through kubectl contexts. Write all those context names into /opt/course/1/contexts . Next write a command to display the current context into /opt/course/1/context_default_kubectl.sh , the command should use kubectl. Finally write a second command doing the same thing into /opt/course/1/context_default_no_kubectl.sh , but without the use of kubectl. 译文你可以通过 kubectl contexts 从你的主终端访问多个集群。把所有这些上下文的名字写进 ...
2023-01-10
CKA 模拟真题 Killer.sh | Question 24 | NetworkPolicy
Task weight: 9% Use context: kubectl config use-context k8s-c1-H There was a security incident where an intruder was able to access the whole cluster from a single hacked backend Pod. To prevent this create a NetworkPolicy called np-backend in Namespace project-snake . It should allow the backend-* Pods only to: connect to db1-* Pods on port 1111 connect to db2-* Pods on port 2222 Use the app label of Pods in your policy. After implementation, connections from backend-* Pods to vault-* Pods...
2023-01-09
CKA 模拟真题 Killer.sh | Question 7 | Node and Pod Resource Usage
Use context: kubectl config use-context k8s-c1-H The metrics-server has been installed in the cluster. Your college would like to know the kubectl commands to: show Nodes resource usage show Pods and their containers resource usage Please write the commands into /opt/course/7/node.sh and /opt/course/7/pod.sh . 译文在集群中已经安装了metrics-server。你们学院想知道使用 kubectl 的命令获取如下信息。 显示节点资源使用情况 显示Pod和其容器的资源使用情况 请将这些命令写入/opt/course/7/node.sh 和 /opt/course/7/pod.sh 。 解答参考: kubectl top node -h kubectl top...
2023-01-09
CKA 模拟真题 Killer.sh | Question 8 | Get Controlplane Information
Use context: kubectl config use-context k8s-c1-H Ssh into the controlplane node with ssh cluster1-controlplane1 . Check how the controlplane components kubelet, kube-apiserver, kube-scheduler, kube-controller-manager and etcd are started/installed on the controlplane node. Also find out the name of the DNS application and how it’s started/installed on the controlplane node. Write your findings into file /opt/course/8/controlplane-components.txt . The file should be structured...
2023-01-09
CKA 模拟真题 Killer.sh | Question 11 | DaemonSet on all Nodes
Use context: kubectl config use-context k8s-c1-H Use Namespace project-tiger for the following. Create a DaemonSet named ds-important with image httpd:2.4-alpine and labels id=ds-important and uuid=18426a0b-5f59-4e10-923f-c0e078e82462 . The Pods it creates should request 10 millicore cpu and 10 mebibyte memory. The Pods of that DaemonSet should run on all nodes, also controlplanes. 译文在命名空间 project-tiger 进行如下操作。创建一个名为 ds-important 的 DaemonSet ,镜像为 httpd:2.4-alpine ,标签 id=ds-important ,...
2023-01-10
CKA 模拟真题 Killer.sh | Preview Question 3
Use context: kubectl config use-context k8s-c2-AC Create a Pod named check-ip in Namespace default using image httpd:2.4.41-alpine . Expose it on port 80 as a ClusterIP Service named check-ip-service . Remember/output the IP of that Service. Change the Service CIDR to 11.96.0.0/12 for the cluster. Then create a second Service named check-ip-service2 pointing to the same Pod to check if your settings did take effect. Finally check if the IP of the first Service has...
评论
