CKA certification exam Zhenti resolve

The adoption of CKA (Certified Kubernetes Administration) exam, the exam remember the title out to share

The trick is to test for kubectl native command must be familiar with, or write yaml file a waste of time.

I have been in the cluster configuration used in the test of a good auto-complete.

I began to pay attention to the subject when the handover command cluster.

 

1. Place all the files according to name pv sort and output the results to the development of

This question is the main test for kubectl command sort-by use

kubectl get pv --sort-by=.metadata.name

2. Start a daemonset named daemon-test, the inside of the pod name nginx, use nginx image

This question exam is daemonset, here sir can become a deployment of yaml, and then to modify this yaml achieve their goals, pay attention to the need to ensure that this name pod container is nginx

#先生成一个deploy的yaml

kubectl run daemon-test --image=nginx -o yaml --dry-run >deploy.yaml

#修改一下yaml文件
apiVersion: apps/v1
kind: DaemonSet
metadata:
  labels:
    run: daemon-test
  name: daemon-test
spec:
  selector:
    matchLabels:
      run: daemon-test
  template:
    metadata:
      name: nginx
      labels:
        run: daemon-test
    spec:
      containers:
      - image: nginx:latest
        name: nginx

3. Start contains pod nginx, redis, ubuntu's

kubectl run yaml can generate a pod, we add another container in the yaml can. Do not use kubectl run --image = nginx --image = redis this will only generate the final container, without generating three container

 

#先生成单个container的pod
kubectl run test-pod --image=nginx  -o yaml --dry-run --restart=Never>pod.yaml
#修改yaml文件

apiVersion: v1
kind: Pod
metadata:
  creationTimestamp: null
  labels:
    run: test-pod
  name: test-pod
spec:
  containers:
  - image: nginx
    name: nginx
  - image: redis
    name: redis
  - image: ubuntu
    name: ubuntu

4. Start nginx contains a deployment of POD, the initial version 1.9.1, 1.13.1 and recorded to upgrade, the upgrade version of the finished roll back to the original

This question is examined upgrade deployment, the main use of rollout

#生成deployment
kubectl run deploy-nginx --image=nginx:1.9.1
#升级到1.13.1
kubectl set image deployment deploy-nginx deploy-nginx=nginx:1.13.1 --record
#查看升级历史
kubectl rollout history deployment deploy-nginx
#回滚
kubectl rollout undo deployment deploy-nginx

5. Start a Container, when determining the presence of the directory / data a.txt continues to run, if there is no exit. a.txt need to create initcontainer

Test volume mount and init container, to be used here to mount emptydir

apiVersion: v1
kind: Pod
metadata:
  creationTimestamp: null
  labels:
    run: test-file
  name: test-file
spec:
  containers:
  - name: myapp-container
    image: busybox:1.28
    command: ['sh', '-c', 'if [ -f /data/a.txt ];then sleep 3000;fi']
    volumeMounts:
    - mountPath: /data
      name: cache-volume
  initContainers:
  - name: init-myservice
    image: busybox:1.28
    command: ['sh', '-c', 'touch /data/a.txt']
    volumeMounts:
    - mountPath: /data
      name: cache-volume
  volumes:
  - name: cache-volume
    emptyDir: {}

6. Examples loadbalncer deployment extended to 3

Deploy the expansion test, used as the command line

kubectl scale deployment loadbalancer --replicas=3

 

7. pod front-app to create the corresponding service will expose it

The pod is to examine the binding service

需要找到pod的端口
kubectl describe pod xxxx
绑定service
kubectl expose pod front-app  --type=ClusterIp --port=80 --target-port=80

8. The deployment my-nginx binding nodeport service type, and outputs the parsed service and pod log dns

Examine deploy binding service, and dns resolve cluster

#创建service
kubectl expose deployment my-nginx --type=NodePort --port=80 --target-port=80
#dns解析使用nslookup,需要启动一个pod来协助
wget http://kubernetes.io/examples/admin/dns/busybox.yaml
kubectl apply -f busybox.yaml
#使用nslookup解析service
kubectl exec -it busybox nslookup my-nginx
#使用nslookup解析pod
kubectl get pods -owide | grep my-nginx 查看到pod对应的ip
kubectl exec -it busybox nslookup 查到的对应的ip

9.pod redis mount a volume, mount the directory / data / redis, requires the directory is non-presist

non-presist on the note is a type emptydir

apiVersion: v1
kind: Pod
metadata:
  creationTimestamp: null
  labels:
    run: redis
  name: redis
spec:
  containers:
  - name: redis
    image: redis
    volumeMounts:
    - mountPath: /data/redis
      name: cache-volume
  volumes:
  - name: cache-volume
    emptyDir: {}

10. The pod nginx is scheduled to label the disk = ssd node

Examine nodeselector

kubectl run nginx --image=nginx -o yaml --dry-run >nginx.yml
在nginx.yml中加入nodeselector即可

apiVersion: v1
kind: Pod
metadata:
  name: nginx
  labels:
    env: test
spec:
  containers:
  - name: nginx
    image: nginx
    imagePullPolicy: IfNotPresent
  nodeSelector:
    disk: ssd

11. Create a deployment started 10 redis example, label and start to check = test, do not need real, in the specified directory only need to store yaml

Directly on the command file to generate yaml

kubectl run redis --image=redis --replicas=10 --labels=check=test  -o yaml --dry-run > redis.yaml

12. Create a mount pv size of the local directory / data / pv for 2G, policy WRO

apiVersion: v1
kind: PersistentVolume
metadata:
  name: task-pv-volume
  labels:
    type: local
spec:
  storageClassName: manual
  capacity:
    storage: 2Gi
  accessModes:
    - ReadWriteOnce
  hostPath:
    path: "/data/pv"

13. The node node1 will not participate in scheduling and assign all of his pod to the other node

kubectl drain node1 --ignore-daemonsets --delete-local-data

14. Statistics all available nodes in the cluster, the node does not contain a non-scheduled, the number of writes to the corresponding file

Get to the node Note that there is no taints the noscheduler

kubectl get nodes
kubectl describe node_name查看taint

15 are listed as the pod log file-not-found row and written to the specified file

kubectl logs my-app | grep 'file-not-found' >a.txt

16. List service my-app corresponding to the pod, a file is written to the corresponding

#查看service的label
kubectl get service -o wide
#根据label去获取pod
kubectl get pods --selector=查出来的label

17. identify pod service my-app corresponding to the highest cpu used pod, the pod is written into the corresponding file name

Examine kubectl top

#查看service的label
kubectl get service -o wide
#根据label去处理
kubectl top node --selector=查出来的label

18. Create a sercert called my-secret, content username = test, were he to mount pod1 the / data / secret, pod2 set environment variables AUTHUSER

And examine the secret environment variables and file mount

#创建secret
kubectl create secret generic my-secret --from-file=./username.txt
#pod1
apiVersion: v1
kind: Pod
metadata:
  name: pod1
spec:
  containers:
  - name: mypod
    image: nginx
    volumeMounts:
    - name: mysecret
      mountPath: "/data/secret"
      readOnly: true
  volumes:
  - name: mysecret
    secret:
      secretName: my-secret
#pod2
apiVersion: v1
kind: Pod
metadata:
  name: pod2
spec:
  containers:
  - name: mycontainer
    image: redis
    env:
      - name: AUTHUSER
        valueFrom:
          secretKeyRef:
            name: mysecret
            key: username

19. Use etcd backup, backup files will be stored to the specified path, providing endpoints, ca, cert, key

#所有需要的key的位置都已经告诉我们
ETCDCTL_API=3 etcdctl --endpoints https://127.0.0.1:2379 --cacert=ca.pem --cert=cert.pem --key=key.pem snapshot save snapshotdb

20. The start of the static configuration node pod guarantee that modifications are permanent

In two steps: 1. Start Configuration kubelet static command with the start of the pod 2. The static pod yaml file into the required directory to

参考
https://kubernetes.io/docs/tasks/configure-pod-container/static-pod/

 

21. The node will not start to solve the situation, and make the changes permanent.

View to the node is not started kubelet

systemctl start kubelet
systemctl enable kubelet

22. will join a cluster node

did not do

23. to solve the problem in a cluster

Did not do too

There is also a question forgotten