• Home
  • Articles
  • [Q33-Q54] Exam Questions and Answers for CKA Study Guide Questions and Answers!

[Q33-Q54] Exam Questions and Answers for CKA Study Guide Questions and Answers!

Share

Exam Questions and Answers for CKA Study Guide Questions and Answers!

Certified Kubernetes Administrator (CKA) Program Exam Certification Sample Questions and Practice Exam

NEW QUESTION # 33
Ensure a single instance of pod nginx is running on each node of the Kubernetes cluster where nginx also represents the Image name which has to be used. Do not override any taints currently in place.
Use DaemonSet to complete this task and use ds-kusc00201 as DaemonSet name.

Answer:

Explanation:
See the solution below.
Explanation
solution




NEW QUESTION # 34
Resume the rollout of the deployment

Answer:

Explanation:
kubectl rollout resume deploy webapp


NEW QUESTION # 35
Perform the following tasks:
* Add an init container tohungry-bear(which has beendefined in spec file
/opt/KUCC00108/pod-spec-KUCC00108.yaml)
* The init container should createan empty file named/workdir/calm.txt
* If/workdir/calm.txtis notdetected, the pod should exit
* Once the spec file has beenupdatedwith the init containerdefinition, the pod should becreated

Answer:

Explanation:
See the solution below.
Explanation
solution



NEW QUESTION # 36
Score: 4%

Task
Create a persistent volume with name app-data , of capacity 1Gi and access mode ReadOnlyMany. The type of volume is hostPath and its location is /srv/app-data .

Answer:

Explanation:
Solution:
#vi pv.yaml
apiVersion: v1
kind: PersistentVolume
metadata:
name: app-config
spec:
capacity:
storage: 1Gi
accessModes:
- ReadOnlyMany
hostPath:
path: /srv/app-config
#
kubectl create -f pv.yaml


NEW QUESTION # 37
How can an administrator configure the NGFW to automatically quarantine a device using Global Protect?

  • A. by using security policies, log forwarding profiles, and log settings.
  • B. by exporting the list of quarantined devices to a pdf or csv file by selecting PDF/CSV at the bottom of the Device Quarantine page and leveraging the appropriate XSOAR playbook.
  • C. There is no native auto-quarantine feature so a custom script would need to be leveraged.
  • D. by adding the device's Host ID to a quarantine list and configure GlobalProtect to prevent users from connecting to the GlobalProtect gateway from a quarantined device.

Answer: D


NEW QUESTION # 38
List all service account and create a service account called "admin"

  • A. kubectl get sa
    kubectl get sa --all-namespaces
    kubectl create sa admin
    //Verify
    kubectl get sa admin -o yaml
  • B. kubectl get sa
    kubectl get sa --all-namespaces
    //Verify
    kubectl get sa admin -o yaml

Answer: A


NEW QUESTION # 39
Create a pod with environment variables as var1=value1.Check the environment variable in pod

Answer:

Explanation:
See the solution below.
Explanation
kubectl run nginx --image=nginx --restart=Never --env=var1=value1
# then
kubectl exec -it nginx -- env
# or
kubectl exec -it nginx -- sh -c 'echo $var1'
# or
kubectl describe po nginx | grep value1


NEW QUESTION # 40
Get list of all the pods showing name and namespace with a jsonpath expression.

Answer:

Explanation:
See the solution below.
Explanation
kubectl get pods -o=jsonpath="{.items[*]['metadata.name'
, 'metadata.namespace']}"


NEW QUESTION # 41
Create an nginx pod with containerPort 80 and with a PersistentVolumeClaim "task-pv-claim" and has a mouth path "/usr/share/nginx/html"

  • A. vim nginx-pvc-pod.yaml
    apiVersion: v1
    kind: Pod
    metadata:
    name: task-pv-pod
    spec:
    volumes:
    - name: task-pv-storage
    persistentVolumeClaim:
    claimName: task-pv-claim
    containers:
    - name: task-pv-container
    image: nginx
    ports:
    - containerPort: 60
    name: "http"
    volumeMounts:
    - mountPath: "/usr/share/nginx/html"
    name: task-pv-storage
    kubectl apply -f nginx-pvc-pod.yaml
    // Verify
    kubectl describe po "POD-Name" | grep -i volumes -A4
    Volumes:
    task-pv-storage:
    Type: PersistentVolumeClaim (a reference to a
    PersistentVolumeClaim in the same namespace)
    ClaimName: task-pv-claim
    ReadOnly: false
  • B. vim nginx-pvc-pod.yaml
    apiVersion: v1
    kind: Pod
    metadata:
    name: task-pv-pod
    spec:
    volumes:
    - name: task-pv-storage
    persistentVolumeClaim:
    claimName: task-pv-claim
    containers:
    - name: task-pv-container
    image: nginx
    ports:
    - containerPort: 80
    name: "http"
    volumeMounts:
    - mountPath: "/usr/share/nginx/html"
    name: task-pv-storage
    kubectl apply -f nginx-pvc-pod.yaml
    // Verify
    kubectl describe po "POD-Name" | grep -i volumes -A5
    Volumes:
    task-pv-storage:
    Type: PersistentVolumeClaim (a reference to a
    PersistentVolumeClaim in the same namespace)
    ClaimName: task-pv-claim
    ReadOnly: false

Answer: B


NEW QUESTION # 42
Install a kubernetes cluster with one master and one worker using kubeadm

  • A. This is a straightforward question, you need to install kubernetes cluster using kubeadm with one master and one worker.
    Installation is considered success once both master and worker
    nodes become available.
    Refer : https://kubernetes.io/docs/setup/production-environment/tools/kubeadm/
  • B. This is a straightforward question, you need to install kubernetes cluster using kubeadm with one master and one worker.
    Refer : https://kubernetes.io/docs/setup/production-environment/tools/kubeadm/

Answer: A


NEW QUESTION # 43
Create a Pod nginx and specify both CPU, memory requests and limits together and verify.

  • A. kubectl run nginx-request --image=nginx --restart=Always --dryrun -o yaml > nginx-request.yml
    // add the resources section and create
    apiVersion: v1
    kind: Pod
    metadata:
    labels:
    run: nginx
    name: nginx
    resources:
    requests:
    memory: "100Mi"
    cpu: "0.4"
    limits:
    memory: "200Mi"
    cpu: "7"
    restartPolicy: Always
    k kubectl apply -f nginx-request.yaml
    // Verify
    Kubectl top po
  • B. kubectl run nginx-request --image=nginx --restart=Always --dryrun -o yaml > nginx-request.yml
    // add the resources section and create
    apiVersion: v1
    kind: Pod
    metadata:
    labels:
    run: nginx
    name: nginx-request
    spec:
    containers:
    - image: nginx
    name: nginx
    resources:
    requests:
    memory: "100Mi"
    cpu: "0.5"
    limits:
    memory: "200Mi"
    cpu: "1"
    restartPolicy: Always
    k kubectl apply -f nginx-request.yaml
    // Verify
    Kubectl top po

Answer: B


NEW QUESTION # 44
A bootstrap USB flash drive has been prepared using a Windows workstation to load the initial configuration of a Palo Alto Networks firewall that was previously being used in a lab. The USB flash drive was formatted using file system FAT32 and the initial configuration is stored in a file named init-cfg.txt. The firewall is currently running PAN-OS 10.0 and using a lab config. The contents of init-cgf.txt in the USB flash drive are as follows:
type=dhcp-client
Ip-address=
default-gateway=
netmask=
Ipv6-address=
Ipv6-default-gateway=
hostname=Ca-FW-DC1
panorama-server=10.5.107.20
panorama-server-2=10.5.107.21
tplname=FINANCE_TG4
dgname=finance_dg
dns-primary=10.5.6.6
dns-secondary=10.5.6.7
op-command-modes-multi-vsys.jumbo-frame
dhcp-send-hostname=yes
dhcp-send-client-id=yes
dhcp-accept-server-hostname=yes
dhcp-accept-server-domain=yes
The USB flash drive has been inserted in the firewalls' USB port, and the firewall has been restarted using command> request restart system Upon restart, the firewall fails to begin the bootstrapping process. The failure is caused because:

  • A. The USB must be formatted using the exi3 file system, FAT32 is
  • B. The hostname is a required parameter, but it is missing in init-cfg.txt
  • C. The bootstrap xml file is a required file, but it is missing
  • D. PAN-OS version must be 9.1 x at a minimum, but the firewall is running 10.0x
  • E. Firewall must be in factory default state or have all private data deleted for bootstrapping

Answer: A


NEW QUESTION # 45
Get list of all the nodes with labels

Answer:

Explanation:
kubectl get nodes --show-labels


NEW QUESTION # 46
Get the DNS records for the service and pods for the deployment redis and the put the value in /tmp/dnsrecordpod and /tmp/dnsrecord-service

  • A. // Get Pod Ip
    kubectl get po -o wide
    // Get Service Name
    kubectl get svc
    // Create a temporary pod and execute nslookup command
    Note: POD IP format should be a-b-c-d and not a.b.c.d
    kubectl run busybox --image=busybox:1.28 --restart=Never -
    -rm -it -- nslookup 192-168-0-69.default.pod >
    /tmp/dnsrecord-pod
    kubectl run busybox1 --image=busybox:1.28 --restart=Never
    --rm -it -- nslookup redis-service > /tmp/dnsrecordservice
    //Verify
    cat /tmp/dnsrecord-pod
    Server: 10.2.0.10
    Address 1: 10.2.0.10 kube-dns.kube system.svc.cluster.local Name: 192-168-0-69.default.pod Address 1: 192.168.0.69 192-168-0-69.redis service.default.svc.cluster.local cat /tmp/dnsrecord-pod Server: 10.2.0.10 Address 1: 10.2.0.10 kube-dns.kube system.svc.cluster.local Name: 192-168-0-69.default.pod Address 1: 192.168.0.69 192-168-0-69.redis service.default.svc.cluster.local
  • B. // Get Pod Ip
    kubectl get po -o wide
    // Get Service Name
    kubectl get svc
    // Create a temporary pod and execute nslookup command
    Note: POD IP format should be a-b-c-d and not a.b.c.d
    kubectl run busybox --image=busybox:1.28 --restart=Never -
    -rm -it -- nslookup 192-168-0-69.default.pod >
    /tmp/dnsrecord-pod
    kubectl run busybox1 --image=busybox:1.26 --restart=Never
    --rm -it -- nslookup redis-service > /tmp/dnsrecordservice
    //Verify
    cat /tmp/dnsrecord-pod
    Server: 10.2.8.10
    Address 1: 10.2.0.10 kube-dns.kube system.svc.cluster.local Name: 192-168-0-69.default.pod Address 1: 192.168.0.69 192-166-0-69.redis service.default.svc.cluster.local cat /tmp/dnsrecord-pod Server: 10.2.0.10 Address 1: 10.2.0.10 kube-dns.kube system.svc.cluster.local Name: 192-168-0-69.default.pod Address 1: 192.168.0.69 192-168-0-69.redis service.default.svc.cluster.local

Answer: A


NEW QUESTION # 47
Watch the job that runs 10 times one by one and verify 10 pods are created and delete those after it's completed

Answer:

Explanation:
kubectl get job -w kubectl get po kubectl delete job hello-job


NEW QUESTION # 48
Scale the deploymentwebserverto6pods.

Answer:

Explanation:
See the solution below.
Explanation
solution


NEW QUESTION # 49
List "nginx-dev" and "nginx-prod" pod and delete those pods

Answer:

Explanation:
kubect1 get pods -o wide
kubectl delete po "nginx-dev" kubectl delete po "nginx-prod"


NEW QUESTION # 50
List all persistent volumes sorted by capacity, saving the full kubectl output to
/opt/KUCC00102/volume_list. Use kubectl 's own functionality for sorting the output, and do not manipulate it any further.

Answer:

Explanation:
See the solution below.
Explanation
solution


NEW QUESTION # 51
Create a snapshot of the etcd instance running at https://127.0.0.1:2379, saving the snapshot to the file path
/srv/data/etcd-snapshot.db.
The following TLS certificates/key are supplied for connecting to the server with etcdctl:
CA certificate: /opt/KUCM00302/ca.crt
Client certificate: /opt/KUCM00302/etcd-client.crt
Client key: Topt/KUCM00302/etcd-client.key

Answer:

Explanation:
See the solution below.
Explanation
solution
F:\Work\Data Entry Work\Data Entry\20200827\CKA\18 C.JPG


NEW QUESTION # 52
Monitor the logs of pod foo and:
Extract log lines corresponding to error
unable-to-access-website
Write them to /opt/KULM00201/foo

Answer:

Explanation:
solution


NEW QUESTION # 53
Create a pod with image nginx called nginx and allow traffic on port 80

Answer:

Explanation:
See the solution below.
Explanation
kubectlrun nginx --image=nginx --restart=Never --port=80


NEW QUESTION # 54
......

CKA certification dumps - Kubernetes Administrator CKA guides - 100% valid: https://torrentvce.pass4guide.com/CKA-dumps-questions.html

Related Articles

more
Linux Foundation CKA Certification Practice Exam