CKA 模拟真题 Killer.sh | Question 10 | RBAC ServiceAccount Role RoleBinding
Use context: kubectl config use-context k8s-c1-H Create a new ServiceAccount processor in Namespace project-hamster . Create a Role and RoleBinding, both named processor as well. These should allow the new SA to only create Secrets and ConfigMaps in that Namespace. 译文在namespace project-hamster 中创建一个新的 ServiceAccount processor 。创建一个 角色 和 RoleBinding ,这两个都是命名的 processor 。这些应该允许新的 SA 只在该命名空间中创建 Secrets 和 ConfigMaps 。 解答 有4种不同的RBAC组合和3种有效的组合。 Role +...
CKA 模拟真题 Killer.sh | Question 9 | Kill Scheduler, Manual Scheduling
Use context: kubectl config use-context k8s-c2-AC Ssh into the controlplane node with ssh cluster2-controlplane1 . Temporarily stop the kube-scheduler, this means in a way that you can start it again afterwards. Create a single Pod named manual-schedule of image httpd:2.4-alpine , confirm it’s created but not scheduled on any node. Now you’re the scheduler and have all its power, manually schedule that Pod on node cluster2-controlplane1. Make sure it’s running. Start the kube-scheduler...
CKA 模拟真题 Killer.sh | Question 8 | Get Controlplane Information
Use context: kubectl config use-context k8s-c1-H Ssh into the controlplane node with ssh cluster1-controlplane1 . Check how the controlplane components kubelet, kube-apiserver, kube-scheduler, kube-controller-manager and etcd are started/installed on the controlplane node. Also find out the name of the DNS application and how it’s started/installed on the controlplane node. Write your findings into file /opt/course/8/controlplane-components.txt . The file should be structured...
CKA 模拟真题 Killer.sh | Question 7 | Node and Pod Resource Usage
Use context: kubectl config use-context k8s-c1-H The metrics-server has been installed in the cluster. Your college would like to know the kubectl commands to: show Nodes resource usage show Pods and their containers resource usage Please write the commands into /opt/course/7/node.sh and /opt/course/7/pod.sh . 译文在集群中已经安装了metrics-server。你们学院想知道使用 kubectl 的命令获取如下信息。 显示节点资源使用情况 显示Pod和其容器的资源使用情况 请将这些命令写入/opt/course/7/node.sh 和 /opt/course/7/pod.sh 。 解答参考: kubectl top node -h kubectl top...
CKA 模拟真题 Killer.sh | Question 6 | Storage, PV, PVC, Pod volume
Use context: kubectl config use-context k8s-c1-H Create a new PersistentVolume named safari-pv . It should have a capacity of 2Gi , accessMode ReadWriteOnce , hostPath /Volumes/Data and no storageClassName defined. Next create a new PersistentVolumeClaim in Namespace project-tiger named safari-pvc . It should request 2Gi storage, accessMode ReadWriteOnce and should not define a storageClassName. The PVC should bound to the PV correctly. Finally create a new Deployment safari in Namespace...
CKA 模拟真题 Killer.sh | Question 5 | Kubectl sorting
Use context: kubectl config use-context k8s-c1-H There are various Pods in all namespaces. Write a command into /opt/course/5/find_pods.sh which lists all Pods sorted by their AGE ( metadata.creationTimestamp ). Write a second command into /opt/course/5/find_pods_uid.sh which lists all Pods sorted by field metadata.uid . Use kubectl sorting for both commands. 译文在所有命名空间中都有各种Pod。在 /opt/course/5/find_pods.sh 中写一条命令,列出所有按AGE metadata.createTimestamp 排序的Pod。在 /opt/course/5/find_pods_uid.sh...
CKA 模拟真题 Killer.sh | Question 4 | Pod Ready if Service is reachable
Task weight: 4% Use context: kubectl config use-context k8s-c1-H Do the following in Namespace default. Create a single Pod named ready-if-service-ready of image nginx:1.16.1-alpine . Configure a LivenessProbe which simply executes command true . Also configure a ReadinessProbe which does check if the url http://service-am-i-ready:80 is reachable, you can use wget -T2 -O- http://service-am-i-ready:80 for this. Start the Pod and confirm it isn’t ready because of the ReadinessProbe. Create...
CKA 模拟真题 Killer.sh | Question 3 | Scale down StatefulSet
Use context: kubectl config use-context k8s-c1-H There are two Pods named o3db-** in Namespace project-c13. C13 management asked you to scale the Pods down to one replica to save resources. 译文名称空间 project-c13 中有两个名为 o3db-** 的Pod。C13管理层要求你将Pods缩减到一个副本,以节省资源。 解答检查pods k -n project-c13 get pod | grep o3db 检查常用资源 k -n project-c13 get deploy,ds,sts | grep o3db 查看pod标签,可以看到statefulset字段 k -n project-c13 get pod --show-labels | grep o3db 对statefulset中3db进行缩容 k -n project-c13 scale sts...
CKA 模拟真题 Killer.sh | Question 2 | Schedule Pod on Controlplane Node
Task weight: 3% Use context: kubectl config use-context k8s-c1-H Create a single Pod of image httpd:2.4.41-alpine in Namespace default . The Pod should be named pod1 and the container should be named pod1-container . This Pod should only be scheduled on a controlplane node, do not add new labels any nodes. 译文在namespace default 中创建一个 httpd:2.4.41-alpine 的Pod。这个Pod应该被命名为 pod1 ,容器应该被命名为 pod1-container 。这个Pod应该只被安排在控制平面节点上,不要在任何节点上添加新的标签。 解答切换集群环境 kubectl config use-context...
CKA 模拟真题 Killer.sh | Question 1 | Contexts
Task weight: 1% You have access to multiple clusters from your main terminal through kubectl contexts. Write all those context names into /opt/course/1/contexts . Next write a command to display the current context into /opt/course/1/context_default_kubectl.sh , the command should use kubectl. Finally write a second command doing the same thing into /opt/course/1/context_default_no_kubectl.sh , but without the use of kubectl. 译文你可以通过 kubectl contexts 从你的主终端访问多个集群。把所有这些上下文的名字写进 ...
