Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

K8S Certification > K8s Object Management > Flashcards

K8s Object Management Flashcards

1
Q

What is kubectl?

A

kubectl is a command line tool that allows you to interact with Kubernetes. Kubectl uses the Kubernetes API to communicate with the cluster and carry out your commands.

“You can use kubectl to deploy applications, inspect and manage cluster resources, and view logs.”

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What does ‘kubectl get’ do?

A

‘kubectl get’ is used to list objects in the Kubernetes cluster.

$ kubectl get <object-type> <object-name> -o <output> --sort-by <JSONPath> --selector <selector></selector></JSONPath></output></object-name></object-type>

  • -o : Set output format
  • –sort-by : Sort the output using JSONPath expression
  • –selector : Filter results by label
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What does ‘kubectl describe’ do?

A

‘kubectl describe’ allows you to get detailed information about Kubernetes objects.

$ kubectl describe <object-type> <object-name></object-name></object-type>

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What does ‘kubectl delete’ do?

A

‘kubectl delete’ is used to delete objects from the cluster.

$ kubectl delete <object-type> <object-name></object-name></object-type>

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What does ‘kubectl create’ do?

A

‘kubectl create’ allows you to create Kubernetes objects.

$ kubectl create -f <file-name></file-name>

Supply a YAML file with -f to create an object from a YAML descriptor stored in the file.

**Note: If you attempt to create an object that already exists, an error will occur.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What does ‘kubectl apply’ do?

A

‘kubectl apply’ is similar to ‘kubectl create.’ However, if you use ‘kubectl apply’ on an existing object, it will modify the existing object, if possible.

$ kubectl apply -f <file-name></file-name>

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What does ‘kubectl exec’ do?

A

‘kubectl exec’ is used to run commands inside containers.

Keep in mind that in order for a command to succeed, the necessary software must exist within the container to run it.

$ kubectl exec <pod-name> -- <command></command></pod-name>

**For pods with multiple containers:

$ kubectl exec <pod-name> -c <container-name> -- <command></command></container-name></pod-name>

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What does this command do?

$ kubectl get pods -o wide –sort-by .spec.nodeName

A

Allows you to see which pods are running on which node.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What is RBAC in K8s?

A

Role-based access control (RBAC) in K8s allows you to control what users are allowed to do and access within your cluster

For example, you can use RBAC to allow developers to read metadata and logs from K8s pods but not make changes to them.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What is the Kubernetes Metrics Server?

A

In order to view metrics about the resources pods and containers are using, we need an add-on to collect and provide the data. One such add-on is Kubernetes Metrics Server.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

What is ‘kubectl top’ ?

A

With kubectl top, you can view data about resource usage in your pods and nodes.

Kubectl top also supports flags like –sort-by and selector

$ kubectl top pod –sort-by <JSONPath> --selector <selector></selector></JSONPath>

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

How would you enable the Kubernetes Metrics Server add-on?

A

kubectl apply -f https://ram.githubusercontent.com/linuxacademy/content-cka-resources/master/metrics-server-components.yaml

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Query the metrics server api?

A

$ kubectl get –raw /apis/metrics.k8s.io/

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Check CPU usage of the pods in a cluster, sorted by the ones using the most CPU.

A

$ kubectl top pod –sort-by cpu

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Check the resource usage of a pod based on a label called ‘metrics-test’

A

$ kubectl top pod –selector app=metrics-test

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Check resource usage by node.

A

kubectl top node

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

Which flag allows you to save the command that was used to make a change?

A. –save-command

B. –record

C. –log

D. –dry-run

A

B. –record

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

Which flag allows you to see what would happen when creating an object without actually creating the object?

A. -o test

B. –record

C. –dry-run=client

D. –test

A

C. –dry-run=client

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

Which Kubernetes object defines a set of permissions and exists outside of any Namespace?

A. Role

B. ClusterRole

C. RBAC

D. ClusterRoleBinding

A

B. ClusterRole

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

Which Kubernetes object can apply a Role to a user or ServiceAccount, but only within a particular Namespace?

A. NetworkPolicy

B. ClusterRoleBinding

C. ClusterRole

D. RoleBinding

A

D. RoleBinding

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

When using kubectl get, which flag allows you to filter results by label?

A. –sort-by

B. –filter-by

C. –label

D. –selector

A

D. –selector

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

Which flag allows you to save the command that was used to make a change?

A. –record

B. –save-command

C. –log

D. –dry-run

A

A. –record

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

Which Kubernetes object can apply a Role to a user or ServiceAccount, but only within a particular Namespace?

A. RoleBinding

B. ClusterRole

C. NetworkPolicy

D. ClusterRoleBinding

A

A. RoleBinding

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

Which tool collects data about resource usage by each container/Pod?

A. Metrics Server

B. Resource Inspector

C. API Server

D. Kubernetes Scheduler

A

A. Metrics Server

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
Q

Which command can be used to display resource usage data for Pods?

A. kubectl top

B. kubectl metrics

C. kubectl usage

D. kubectl cpu

A

A. kubectl top

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
26
Q

Which flag allows you to see what would happen when creating an object without actually creating the object?

A. –record

B. –test

C. -o test

D. –dry-run=client

A

D. –dry-run=client

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
27
Q

When using kubectl get, which flag allows you to filter results by label?

A. –sort-by

B. –selector

C. –label

D. –filter-by

A

B. –selector

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
28
Q

Which Kubernetes object defines a set of permissions and exists outside of any Namespace?

A. Role

B. ClusterRole

C. RBAC

D. ClusterRoleBinding

A

B. ClusterRole

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
29
Q

How can you assign permissions to ServiceAccounts?

A. ServiceAccountRole

B. PodSecurityPolicies

C. RBAC

D. NetworkPolicies

A

C. RBAC

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
30
Q

Which command shows detailed information about a Kubernetes object in a human-readable format?

A. kubectl get -o readable

B. kubectl describe

C. kubectl get -o describe

D. kubectl view

A

B. kubectl describe

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
31
Q

What object allows you to create an account used by Pods to access the Kubernetes API?

A. Role

B. ServiceAccount

C. Principal

D. User

A

B. ServiceAccount

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
32
Q

QUESTION 1

Which of the following situations could init containers be used for? (select all that apply)

Choose 3

A. Perform startup steps involving sensitive data outside the main container(s).

B. Put data into a shared volume so that the main container(s) can access it.

C. Interact with the main container during runtime.

D. Make a Pod wait for another resource to be available before finishing startup.

A

A. Perform startup steps involving sensitive data outside the main container(s).

B. Put data into a shared volume so that the main container(s) can access it.

D. Make a Pod wait for another resource to be available before finishing startup.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
33
Q

Which object should you use to store non-sensitive configuration data?

A. ClusterRole

B. ConfigMap

C. Secret

D. Pod

A

B. ConfigMap

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
34
Q

What does a resource request do (select all that apply)?

Choose 2

A. Throttles containers attempting to use more than the requested resources.

B. Stops a container that is using more than the requested resources.

C. Allows you to define the amount of resources you expect a container to use.

D. Prevents Pods from being scheduled on Nodes without sufficient resources.

A

C. Allows you to define the amount of resources you expect a container to use.

D. Prevents Pods from being scheduled on Nodes without sufficient resources.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
35
Q

What object should you use to store a password?

A. SecureConfigMap

B. ConfigMap

C. Secret

D. Password

A

C. Secret

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
36
Q

What Kubernetes feature can you use to prevent containers from using more than a set amount of resources?

A. Resource requests

B. Metrics server

C. Resource limits

D. Restart policies

A

C. Resource limits

37
Q

You have a container that is designed to run a batch job. It needs to run successfully, but should not be run again once it succeeds. Which restart policy should you use?

A. Always

B. OnCompletion

C. Never

D. OnFailure

A

D. OnFailure

38
Q

What can you use to customize what happens when a container stops running?

A. Readiness Probe

B. Container Status

C. Restart Policy

D. Liveness Probe

A

C. Restart Policy

39
Q

Which of the following probes run only during the container startup process?

A. Readiness probes

B. Container status probes

C. Liveness probes

D. Startup probes

A

D. Startup probes

40
Q

How many containers can you have per Pod?

A. Any number

B. At least one or more

C. Zero or more

D. At least two or more

A

B. At least one or more

41
Q

What can you use to customize how Kubernetes measures the health of a container?

A. Readiness probe

B. Liveness probe

C. Startup probe

D. Restart policy

A

B. Liveness probe

42
Q

When do init containers run?

A. Set up Services.

B. Run when the cluster Node starts up.

C. Run when the Kubernetes API Server starts up.

D. Run to completion before the main container(s) start.

A

D. Run to completion before the main container(s) start.

43
Q

Which of the following are ways containers sharing the same Pod can interact? (choose all that apply)

Choose 2

A. Network ports that are not exposed to the cluster

B. Shared ConfigMaps.

C. Shared storage volumes.

D. Shared Secrets.

A

A. Network ports that are not exposed to the cluster
C. Shared storage volumes.

44
Q

What is a Mirror Pod?

A. A representation of a static Pod in the Kubernetes API.

B. A replica of the primary Pod in a DaemonSet.

C. A replica of the primary Pod in a Deployment.

D. A Pod that copies the settings of another Pod.

A

A. A representation of a static Pod in the Kubernetes API.

45
Q

Which of the following PodSpec attributes is guaranteed to cause a Pod to run on a specific node, regardless of that Node’s labels?

A. nodeTarget

B. nodeSelector

C. nodeName

D. node

A

C. nodeName

46
Q

You need to run exactly one Pod replica on each worker Node. What would you use to accomplish this?

A. Static Pod

B. Deployment

C. DaemonSet

D. ReplicaSet

A

C. DaemonSet

47
Q

You have a DaemonSet running a replica on each Node. Assuming you have no special taints on your Nodes, what happens when you add a new Node to the cluster?

A. The Node cannot be added since it does not have a replica for the DaemonSet.

B. A new replica is created to run on the new Node.

C. The DaemonSet will give an error message.

D. Nothing.

A

B. A new replica is created to run on the new Node.

48
Q

How can you create a Pod that will run on a Node even if there is no Kubernetes API Server present?

A. DaemonSet

B. Static Pod

C. Static Deployment

D. Mirror Pod

A

B. Static Pod

49
Q

What PodSpec attribute can you use to limit which node(s) a Pod will run on based upon Node labels?

A. Pod labels

B. nodeSelector

C. nodeLimit

D. nodeName

A

B. nodeSelector

50
Q

What does a Deployment’s template do?

A. Specifies which Pods are managed by the Deployment.

B. Specifies the number of replicas in the Deployment.

C. Specifies settings to be used by multiple Deployments.

D. Provides a specification which will be used to create new Pods.

A

D. Provides a specification which will be used to create new Pods.

51
Q

Which command(s) can be used to scale a deployment? (select all that apply)

Choose 2

A. kubectl get deployment –set-replicas

B. kubectl edit deployment

C. kubectl set-replicas

D. kubectl scale

A

B. kubectl edit deployment
D. kubectl scale

52
Q

Which term refers to the process of gradually implementing new changes across a Deployment’s replica Pods?

A. Rolling Update

B. Rollback

C. Scaling

D. ReplicaSet

A

A. Rolling Update

53
Q

What Kubernetes object allows you to specify a desired state for a set of replica Pods?

A. Deployment

B. Multi-Container Pod

C. Static Pod

D. Services do not specify a desired state for multiple replicas.

A

A. Deployment

54
Q

Which term refers to changing the number of replicas in a Deployment.

A. Rollout

B. ReplicaSet

C. Scaling

D. Rolling Updates

A

C. Scaling

55
Q

You have performed a rolling update of one of your apps, but there are issues with the new code. How can you return to the previous, working state?

A. Kubernetes does not support this functionality.

B. Throw the issue over the wall to the developers and wait for them to supply a fix.

C. Perform a rollback on the Deployment

D. Delete and re-create the Deployment

A

C. Perform a rollback on the Deployment

56
Q

Which of the following statements about the Kubernetes Network Model is true? (select all that apply)

Choose 2

A. Each Pod has a unique IP address.

B. There is a single virtual network for the entire cluster.

C. Pods can have the same IP address if they are on different Nodes.

D. Each Node has its own virtual network.

A

A. Each Pod has a unique IP address.
B. There is a single virtual network for the entire cluster.

57
Q

What allows Pods to locate other Pods and Services using a domain name?

A. DNS

B. kube-controller-manager

C. kube-proxy

D. CNI plugin

A

A. DNS

58
Q

Which of the following types of traffic can a single NetworkPolicy object control?

A. Ingress only

B. Egress only

C. Neither Ingress or Egress

D. Both Ingress and Egress

A

D. Both Ingress and Egress

59
Q

What happens to a cluster when no CNI plugin has been installed?

A. Nodes cannot join the cluster.

B. Nodes will remain in the NotReady state.

C. Kubernetes objects cannot be created.

D. Nodes will fail to start up.

A

B. Nodes will remain in the NotReady state.

60
Q

What do CNI plugins do?

A. Provide network connectivity between containers within the same Pod.

B. Provide network connectivity between Nodes

C. Provide custom functionality for Pod scheduling.

D. Implement the Kubernetes Network Model.

A

D. Implement the Kubernetes Network Model.

61
Q

Which of the following could be a valid domain name for a Pod?

A. 123-123-1-1.pod.cluster.local

B. 123-123-1-1.dev.pod.cluster.local

C. 123-123-1-1.dev.cluster.local

D. my-pod.dev.pod.cluster.local

A

B. 123-123-1-1.dev.pod.cluster.local

62
Q

From within a Pod, what do you need to do in order to communicate with a Pod on another Node?

A. Use the other Node’s IP address.

B. Use a special port on the other Node.

C. You can communicate normally using only the other Pod’s IP address.

D. Use a Service.

A

C. You can communicate normally using only the other Pod’s IP address.

63
Q

You need to limit network access to a Pod so that only one other Pod can communicate with it. What Kubernetes object should you use?

A. NetworkPolicy

B. DNS

C. ClusterRoleBinding

D. SecurityGroup

A

A. NetworkPolicy

64
Q

What is the term for the entity that an Ingress routes incoming traffic to?

A. path

B. endpoint

C. egress

D. backend

A

D. backend

65
Q

You have a set of Pods running in the cluster. Which Service type would be the best choice to allow those Pods to be accessed by other Pods within the cluster?

A. LoadBalancer

B. ExternalName

C. ClusterIP

D. NodePort

A

C. ClusterIP

66
Q

You have multiple replica Pods. Which Kubernetes object can allow clients to communicate with these Pods in an abstract way?

A. Deployment

B. NetworkPolicy

C. ReplicaSet

D. Service

A

D. Service

67
Q

Which Service type exposes a Service externally by listening on a port on each cluster Node?

A. NodePort

B. ClusterIP

C. ExternalName

D. LoadBalancer

A

A. NodePort

68
Q

You have a Service called my-service in the default Namespace. The cluster domain is cluster.local. You are trying to access this Service from a Pod that is also in the default Namespace. Which of the following domain names can you use? (select all that apply)

Choose 2

A. my-service.default.svc.cluster.local

B. my-service

C. my-service.svc.cluster.local

D. my-service.default.cluster.local

A

A. my-service.default.svc.cluster.local
B. my-service

69
Q

What is an endpoint?

A. The IP address and port of a ClusterIP Service.

B. A Service’s targetPort.

C. A backend entity that a Service routes traffic to.

D. The external port used by a NodePort service.

A

C. A backend entity that a Service routes traffic to.

70
Q

Which of the following statements about Service DNS are true? (select all that apply)

Choose 2

A. Pods must be specially configured to use the cluster DNS in order to locate Services.

B. Pods can NOT reach Services in another Namespace using a fully qualified domain name.

C. Every Service has a domain name.

D. Pods can use domain names to locate Services.

A

C. Every Service has a domain name.
D. Pods can use domain names to locate Services.

71
Q

Which of the following statements accurately describes the Ingress Kubernetes object?

A. An object that exposes Pods on a specific Node.

B. An object that exposes external access to Services.

C. An object that whitelists incoming traffic in a NetworkPolicy.

D. An object that routes external traffic to Pods.

A

B. An object that exposes external access to Services.

72
Q

Which of the following statements about volumes is true? (select all that apply)

Choose 2

A. hostPath is currently the only supported volume type.

B. You can choose the path within the container where the volume will be mounted.

C. volumes are listed in the PodSpec, not the ContainerSpec.

D. You cannot mount the same volume to multiple containers.

A

B. You can choose the path within the container where the volume will be mounted.
C. volumes are listed in the PodSpec, not the ContainerSpec.

73
Q

What object is used by a Kubernetes administrator to define the types of PersistentVolume storage resources that are available in the cluster?

A. PersistentVolumeType

B. PersistentVolumeClaim

C. StorageClass

D. PersistentVolumeReclaimPolicy

A

C. StorageClass

74
Q

Which object would be used to abstractly define a storage resource that can be used by users as they are creating Pods?

A. StorageClass

B. PersistentVolumeClaim

C. Volume

D. PersistentVolume

A

D. PersistentVolume

75
Q

What happens to data on a container file system when the container is deleted?

A. It is saved to an external volume.

B. It is lost.

C. The data is kept on the container file system.

D. It is backed up to a PersistentVolume.

A

B. It is lost.

76
Q

You have two containers in a Pod, and you want them to interact by sharing data using a volume. Assuming you do not need the data to persist if the Pod is deleted, which volume type should you use?

A. configMap

B. nfs

C. emptyDir

D. hostPath

A

C. emptyDir

77
Q

What does a volume type determine?

A. The type of container the volume can be used with.

B. How many containers can access the data.

C. The underlying storage mechanism.

D. The type of data that will be stored in the volume.

A

C. The underlying storage mechanism.

78
Q

There is a PersistentVolume in the cluster, and its PersistentVolumeClaim is deleted, since the user no longer needs to use the PersistentVolume. Which of the following must be true in order for the PersistentVolume to be automatically re-usable?

A. The StorageClass must have allowVolumeExpansion set to true.

B. The PersistentVolume must have reusable set to true.

C. The PersistentVolume must have persistentVolumeReclaimPolicy set to Recycle.

D. The PersistentVolumeClaim must be deleted using the –reclaim flag.

A

C. The PersistentVolume must have persistentVolumeReclaimPolicy set to Recycle.

79
Q

Which of the following statements about PersistentVolumeClaims is true? (select all that apply)

Choose 3

A. PersistentVolumeClaims can be added to Pods as a volume.

B. PersistentVolumeClaims can sometimes be resized.

C. PersistentVolumeClaims reference a StorageClass.

D. You can’t expand PersistentVolumeClaims without interrupting applications that are using them.

A

A. PersistentVolumeClaims can be added to Pods as a volume.
B. PersistentVolumeClaims can sometimes be resized.
C. PersistentVolumeClaims reference a StorageClass.

80
Q

In a cluster built with kubeadm, how can you find logs for the Kubernetes API Server?

A. kubectl logs -n kube-system <api-server-pod-name></api-server-pod-name>

B. cat /var/log/kube-apiserver.log

C. kubectl apiserver get logs

D. kubectl logs -n kube-apiserver

A

A. kubectl logs -n kube-system <api-server-pod-name></api-server-pod-name>

81
Q

Your kubeadm cluster is having issues resolving Service DNS names. Where would you look to make sure the cluster DNS is up and running?

A. Check the DNS log on the control plane Node with journalctl.

B. Check the status of the kube-dns service with systemctl.

C. Use the kubeadm dns status command.

D. Look for DNS Pods in the kube-system Namespace.

A

D. Look for DNS Pods in the kube-system Namespace.

82
Q

How can you explore the Kubernetes network from inside that network?

A. Use kubeadm proxy to connect to the cluster network.

B. Create a ClusterIP Service

C. Create a Pod and run commands inside that Pod.

D. Create a NodePort Service

A

C. Create a Pod and run commands inside that Pod.

83
Q

What command can you use to view a container’s logs?

A. kubectl logs

B. kubectl view logs

C. kubectl log

D. kubectl get logs

A

A. kubectl logs

84
Q

In a cluster built with kubeadm, how can you check the status of cluster components such as kube-apiserver?

A. Check the status of Pods in the kube-system Namespace.

B. Delete and re-create the kube-apiserver manifest file.

C. Restart kubelet.

D. Check the status of the kube-apiserver service with systemctl.

A

A. Check the status of Pods in the kube-system Namespace.

85
Q

What command can you use to view the status of all Nodes in the cluster?

A. kubectl list nodes

B. kubectl describe node

C. kubectl get nodes

D. kubectl status –nodes

A

C. kubectl get nodes

86
Q

You have a Pod called my-pod in the dev Namespace with multiple containers. There is one container called busybox within the Pod. How can you execute the ls command inside that container?

A. kubectl exec -n dev my-pod -c busybox – ls

B. kubectl exec -n dev my-pod – ls

C. kubectl run -n dev my-pod -c busybox – ls

D. kubectl exec my-pod -c busybox – ls

A

A. kubectl exec -n dev my-pod -c busybox – ls

87
Q

Which command allows you to get detailed information about a Pod’s status in a human-readable format?

A. kubeadm inspect pod

B. kubectl get pod

C. kubectl get pod -o json

D. kubectl describe pod

A

D. kubectl describe pod

88
Q

In a cluster built with kubeadm, which of the following commands would let you view the logs for kubelet?

A. kubectl logs kubelet -n kube-system

B. cat /etc/kubernetes/manifests/kube-apiserver.yaml

C. sudo journalctl -u kubelet

D. kubectl logs kubelet

A

C. sudo journalctl -u kubelet

89
Q

Which of the following statements is true about container logs in Kubernetes? (select all that apply)

Choose 2

A. You can access container logs using kubectl.

B. When retrieving logs, you must specify the container name if the Pod has only one container.

C. When retrieving logs, you must specify the container name if the Pod has multiple containers.

D. Only data written to standard output (stdout) will appear in container logs.

A

A. You can access container logs using kubectl.
C. When retrieving logs, you must specify the container name if the Pod has multiple containers.

K8S Certification (3 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions