[Dec 12, 2023] Get New CKA Practice Test Questions Answers
CKA Dumps and Exam Test Engine
NEW QUESTION # 22
What is the maximum number of samples that can be submitted to WildFire manually per day?
- A. 2,000
- B. 1,000
- C. 5,000
- D. 15,000
Answer: B
NEW QUESTION # 23
Get list of all the pods showing name and namespace with a jsonpath expression.
Answer:
Explanation:
See the solution below.
Explanation
kubectl get pods -o=jsonpath="{.items[*]['metadata.name'
, 'metadata.namespace']}"
NEW QUESTION # 24
Label a node as app=test and verify
Answer:
Explanation:
kubectl label node node-name app=test // Verify kubectl get no -show-labels kubectl get no -l app=test
NEW QUESTION # 25
Score: 4%
Task
Create a persistent volume with name app-data , of capacity 1Gi and access mode ReadOnlyMany. The type of volume is hostPath and its location is /srv/app-data .
Answer:
Explanation:
See the solution below.
Explanation
Solution:
#vi pv.yaml
apiVersion: v1
kind: PersistentVolume
metadata:
name: app-config
spec:
capacity:
storage: 1Gi
accessModes:
- ReadOnlyMany
hostPath:
path: /srv/app-config
#
kubectl create -f pv.yaml
NEW QUESTION # 26
Score: 4%
Task
Scale the deployment presentation
Answer:
Explanation:
See the solution below.
Explanation
Solution:
kubectl get deployment
kubectl scale deployment.apps/presentation --replicas=6
NEW QUESTION # 27
Create a pod with environment variables as var1=value1.Check the environment variable in pod
- A. kubectl run nginx --image=nginx --restart=Never --env=var1=value1
# then
kubectl exec -it nginx -- env
# or
kubectl exec -it nginx -- sh -c 'echo $var1'
# or
kubectl describe po nginx | grep value1 - B. kubectl run nginx --image=nginx --restart=Never --env=var1=value1
# then
kubectl exec -it nginx -- env
# or
kubectl describe po nginx | grep value1
Answer: A
NEW QUESTION # 28
Create a busybox pod that runs the command "env" and save the output to "envpod" file
Answer:
Explanation:
See the solution below.
Explanation
kubectl run busybox --image=busybox --restart=Never --rm -it -- env > envpod.yaml
NEW QUESTION # 29
A Kubernetes worker node, named wk8s-node-0 is in state NotReady. Investigate why this is the case, and perform any appropriate steps to bring the node to a Ready state, ensuring that any changes are made permanent.
You can ssh to the failed node using:
[student@node-1] $ | ssh Wk8s-node-0
You can assume elevated privileges on the node with the following command:
[student@w8ks-node-0] $ | sudo -i
Answer:
Explanation:
solution
NEW QUESTION # 30
Get IP address of the pod - "nginx-dev"
- A. Kubect1 get po -o wide
Using JsonPath
kubect1 get pods -o=jsonpath='{range
.items[*]}{.metadata.name}{"\t"}{.status.podIP}{"\n"}{end}' - B. Kubect1 get po -o wide
Using JsonPath
kubect1 get pods
.items[*]}{.metadata.name}{"\t"}{.status.podIP}{"\n"}{end}'
Answer: A
NEW QUESTION # 31
Create a deployment named "myapp" that having 2 replicas with
nginx image and expose deployment as service named "myservice"
- A. // Create a YAML Template
kubectl create deploy myapp --image=nginx --dry-run -o yaml >
myapp.yaml
//Update replicas=2 in myapp.yaml file
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app: myapp
name: myapp
spec:
replicas: 2
selector:
matchLabels:
app: myapp
template:
metadata:
labels:
app: myapp
spec:
containers:
- image: nginx
name: nginx
// Create deployment
kubectl create -f myapp.yaml
// Creating YAML template for service
kubectl expose deployment myapp --type=ClusterIP --port=60 --
target-port=60 --name=myservice --dry-run -o yaml >
myservice.yaml
YAML File:
apiVersion: v1
kind: Service
metadata:
labels:
app: myapp
name: myservice
spec:
ports:
- port: 60
protocol: TCP
targetPort: 80
selector:
app: myapp
type: ClusterIP
kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S)
AGE
kubernetes ClusterIP 10.2.0.1 <none> 443/TCP
158d
myservice ClusterIP 10.2.96.175 <none> 80/TCP
40s - B. // Create a YAML Template
kubectl create deploy myapp --image=nginx --dry-run -o yaml >
myapp.yaml
//Update replicas=2 in myapp.yaml file
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app: myapp
name: myapp
spec:
replicas: 2
selector:
matchLabels:
app: myapp
template:
metadata:
labels:
app: myapp
spec:
containers:
- image: nginx
name: nginx
// Create deployment
kubectl create -f myapp.yaml
// Creating YAML template for service
kubectl expose deployment myapp --type=ClusterIP --port=80 --
target-port=80 --name=myservice --dry-run -o yaml >
myservice.yaml
YAML File:
apiVersion: v1
kind: Service
metadata:
labels:
app: myapp
name: myservice
spec:
ports:
- port: 80
protocol: TCP
targetPort: 80
selector:
app: myapp
type: ClusterIP
kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S)
AGE
kubernetes ClusterIP 10.2.0.1 <none> 443/TCP
158d
myservice ClusterIP 10.2.96.175 <none> 80/TCP
40s
Answer: B
NEW QUESTION # 32
Create a daemonset named "Prometheus-monitoring" using image=prom/Prometheus which runs in all the nodes in the cluster. Verify the pod running in all the nodes
- A. vim promo-ds.yaml
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: prometheus-monitoring
spec:
selector:
matchLabels:
name: prometheus
template:
metadata:
labels:
name: prometheus
spec:
tolerations:
# remove it if your masters can't run pods
- key: node-role.kubernetes.io/master
effect: NoSchedule
containers:
- name: prometheus-container
- name: varlibdockercontainers
mountPath: /var/lib/docker/containers
readOnly: true
volumes:
- name: varlog
emptyDir: {}
- name: varlibdockercontainers
emptyDir: {}
kubectl apply -f promo-ds.yaml
NOTE: Deamonset will get scheduled to "default" namespace, to
schedule deamonset in specific namespace, then add
"namespace" field in metadata
//Verify
kubectl get ds
NAME DESIRED CURRENT READY UP-TO-DATE
AVAILABLE NODE SELECTOR AGE
prometheus-monitoring 8 8 0 6
0 <none> 7s
kubectl get no # To get list of nodes in the cluster
// There are 6 nodes in the cluster, so a pod gets scheduled to
each node in the cluster - B. vim promo-ds.yaml
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: prometheus-monitoring
spec:
selector:
matchLabels:
name: prometheus
template:
metadata:
labels:
name: prometheus
spec:
tolerations:
# remove it if your masters can't run pods
- key: node-role.kubernetes.io/master
effect: NoSchedule
containers:
- name: prometheus-container
image: prom/prometheus
volumeMounts:
- name: varlog
mountPath: /var/log
- name: varlibdockercontainers
mountPath: /var/lib/docker/containers
readOnly: true
volumes:
- name: varlog
emptyDir: {}
- name: varlibdockercontainers
emptyDir: {}
kubectl apply -f promo-ds.yaml
NOTE: Deamonset will get scheduled to "default" namespace, to
schedule deamonset in specific namespace, then add
"namespace" field in metadata
//Verify
kubectl get ds
NAME DESIRED CURRENT READY UP-TO-DATE
AVAILABLE NODE SELECTOR AGE
prometheus-monitoring 6 6 0 6
0 <none> 7s
kubectl get no # To get list of nodes in the cluster
// There are 6 nodes in the cluster, so a pod gets scheduled to
each node in the cluster
Answer: B
NEW QUESTION # 33
Remove taint added to node "worker-2"
Answer:
Explanation:
kubectl taint nodes worker-2 key:NoSchedule- // Verify You will see a message "node/worker-2 untainted" kubectl get nodes -o customcolumns=NAME:.metadata.name,TAINTS:.spec.taints --no-headers
NEW QUESTION # 34
Create a pod with environment variables as var1=value1.Check the environment variable in pod
Answer:
Explanation:
kubectl run nginx --image=nginx --restart=Never --env=var1=value1
# then
kubectl exec -it nginx -- env
# or
kubectl exec -it nginx -- sh -c 'echo $var1'
# or
kubectl describe po nginx | grep value1
NEW QUESTION # 35
Get list of PVs and order by size and write to file - /opt/pvlist.txt
Answer:
Explanation:
kubectl get pv --sort-by=.spec.capacity.storage > /opt/pvlist.txt
NEW QUESTION # 36
Create a pod with image nginx called nginx and allow traffic on port 80
Answer:
Explanation:
See the solution below.
Explanation
kubectlrun nginx --image=nginx --restart=Never --port=80
NEW QUESTION # 37
Score: 5%
Task
From the pod label name=cpu-utilizer, find pods running high CPU workloads and write the name of the pod consuming most CPU to the file /opt/KUTR00401/KUTR00401.txt (which already exists).
Answer:
Explanation:
See the solution below.
Explanation
Solution:
kubectl top -l name=cpu-user -A
echo 'pod name' >> /opt/KUT00401/KUT00401.txt
NEW QUESTION # 38
Get IP address of the pod - "nginx-dev"
Answer:
Explanation:
See the solution below.
Explanation
Kubect1 get po -o wide
Using JsonPath
kubect1 get pods -o=jsonpath='{range
items[*]}{.metadata.name}{"\t"}{.status.podIP}{"\n"}{end}'
NEW QUESTION # 39
From the pod label name=cpu-utilizer, find pods running high CPU workloads and write the name of the pod consuming most CPU to the file /opt/KUTR00102/KUTR00102.txt (which already exists).
Answer:
Explanation:
See the solution below.
Explanation
solution
NEW QUESTION # 40
A bootstrap USB flash drive has been prepared using a Windows workstation to load the initial configuration of a Palo Alto Networks firewall that was previously being used in a lab. The USB flash drive was formatted using file system FAT32 and the initial configuration is stored in a file named init-cfg.txt. The firewall is currently running PAN-OS 10.0 and using a lab config. The contents of init-cgf.txt in the USB flash drive are as follows:
type=dhcp-client
Ip-address=
default-gateway=
netmask=
Ipv6-address=
Ipv6-default-gateway=
hostname=Ca-FW-DC1
panorama-server=10.5.107.20
panorama-server-2=10.5.107.21
tplname=FINANCE_TG4
dgname=finance_dg
dns-primary=10.5.6.6
dns-secondary=10.5.6.7
op-command-modes-multi-vsys.jumbo-frame
dhcp-send-hostname=yes
dhcp-send-client-id=yes
dhcp-accept-server-hostname=yes
dhcp-accept-server-domain=yes
The USB flash drive has been inserted in the firewalls' USB port, and the firewall has been restarted using command> request restart system Upon restart, the firewall fails to begin the bootstrapping process. The failure is caused because:
- A. PAN-OS version must be 9.1 x at a minimum, but the firewall is running 10.0x
- B. Firewall must be in factory default state or have all private data deleted for bootstrapping
- C. The USB must be formatted using the exi3 file system, FAT32 is
- D. The hostname is a required parameter, but it is missing in init-cfg.txt
- E. The bootstrap xml file is a required file, but it is missing
Answer: C
NEW QUESTION # 41
List all the pods sorted by created timestamp
Answer:
Explanation:
kubect1 get pods--sort-by=.metadata.creationTimestamp
NEW QUESTION # 42
Create the deployment redis with image=redis and expose it with "NodePort" service redis-service
- A. kubectl create deploy redis --image=redis --dry-run -o yaml >
redis-deploy.yaml
Edit redis-deploy.yaml file
vim redis-deploy.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app: redis
name: redis
spec:
replicas: 1
selector:
matchLabels:
app: redis
template:
metadata:
labels:
app: redis
spec:
containers:
- image: redis
name: redis
//Creating Service
kubectl expose deploy redis --type=NodePort --port=6379 --
target-port=6379 --name redis-service
// Verify
kubectl get deploy,svc - B. kubectl create deploy redis --image=redis --dry-run -o yaml >
redis-deploy.yaml
Edit redis-deploy.yaml file
name: redis
spec:
replicas: 1
selector:
matchLabels:
app: redis
template:
metadata:
labels:
app: redis
spec:
containers:
- image: redis
name: redis
//Creating Service
kubectl expose deploy redis --type=NodePort --port=6379 --
target-port=6379 --name redis-service
// Verify
kubectl get deploy,svc
Answer: A
NEW QUESTION # 43
An Administrator is configuring Authentication Enforcement and they would like to create an exemption rule to exempt a specific group from authentication. Which authentication enforcement object should they select?
- A. default-no-captive-port
- B. default-web-form
- C. default-authentication-bypass
- D. default-browser-challenge
Answer: A
NEW QUESTION # 44
......
2023 New RealValidExam CKA PDF Recently Updated Questions: https://officialdumps.realvalidexam.com/CKA-real-exam-dumps.html
