Kubernetes Flashcards
What is the “imperative” command to create a config map?
kubectl create configmap {configmap name} –from-literal={key}={value}
ex: kubectl create configmap app-config –from-literal=APP_COLOR=blue
ex: kubectl create configmap app-config –from-file=app_config.properties
What is the “declarative” command to create a config map?
kubectl create -f config-map.yaml
What is the “imperative” command to create a secret with key-value pairs?
kubectl create secret generic {secriet-name} –from-literal={key}={value}
ex: kubectl create secret generic app-secrect –from-literal=DB_Host=mysql –from-literal=DB_user=root –from-literal=DB_Password=paswr
What is the “imperative” command to create a secret in usage with a file?
kubectl create secret generic app-secret –from-file=app_secret.properties
What command can be used to view logs on a pod?
kubectl exec -it {pod-name} -n {namespace} cat /log/app.log
What are the steps in upgrading the master components to exact version v1.18.0?
1 - Drain the control plane node: kubectl drain {node-name} –ignore daemonsets
2 - apt install kubeadm=1.18.0-00
3 - kubeadm upgrade apply v1.18.0
4 - apt install kubelet=1.18.0-00
What is the command used to know what the latest stable version?
kubectl upgrade plan
kubectl upgrade plan | grep -i stable
What is the command used to create a snapshot of the etcd database?
ETCDCTL_API=3 etcdctl snapshot save –cacert=/etc/kubernetes/pki/etcd/ca.crt –cert=/etc/kubernetes/pki/etcd/server.crt –key=/etc/kubernetes/pki/etcd/server.key –endpoints=127.0.0.1:2379
What is the command used to check the members of the cluster?
ETCDCTL_API=3 etcdctl member list –cacert=/etc/kubernetes/pki/etcd/ca.crt –cert=/etc/kubernetes/pki/etcd/server.crt –key=/etc/kubernetes/pki/etcd/server.key –endpoints=127.0.0.1:2379
What are the 4 options needed to take a snapshot of the etcd datastore?
(1) –cacert
(2) –cert
(3) –endpoints
(4) –key
When performing a restore of the etcd database what are the options that are needed for the restore?
(1) –cacert
(2) –cert
(3) –endpoints
(4) –key
(5) –data-dir
(6) –initial-cluster
(7) –name
(8) –initial-advertise-peer-urls
(9) –initial-cluster-token
What is the CNI plugin configured to be used on this kubernetes cluster?
ls /etc/cni/net.d/
What binary executable file will be run by kubelet after a container and its associated namespace are created.
Look at the type field in file /etc/cni/net.d/10-weave.conf
cat /etc/cni/net.d/10-weave.conflist | grep -i type
Deploy weave-net networking solution to the cluster
kubectl apply -f “https://cloud.weave.works/k8s/net?k8s-version=$(kubectl version | base64 | tr -d ‘\n’)”
What is the Networking Solution used by this cluster?
ls /etc/cni/net.d/
What is the POD IP address range configured by weave?
Run the command ‘ip addr show weave’
What is the POD IP address range configured by weave?
Run the command ‘ip addr show weave’
What is the range of IP addresses configured for PODs on this cluster?
kubectl logs weave -n kube-system
and look for ipalloc-range
kc logs weave-net-brpnv weave -n kube-system | grep -i ipallo
What is the IP Range configured for the services within the cluster?
Inspect the setting on kube-api server by running on command cat /etc/kubernetes/manifests/kube-apiserver.yaml | grep cluster-ip-range
What type of proxy is the kube-proxy configured to use?
Check the logs of the kube-proxy pods. Command: kubectl logs kube-proxy-ft6n7 -n kube-system
Where does CoreDnS store its file?
/etc/coredns/Corefile
./Coredns
Identify the DNS solution implemented in this cluster.
Run the command kubectl get pods -n kube-system and look for the DNS pods
What is the IP of the CoreDNS server that should be configured on PODs to resolve services?
Run the command kubectl get service -n kube-system and look for cluster IP value.
Where is the configuration file located for configuring the CoreDNS service?
Inspect the Args of the coredns deployment and check the file used, example: kubectl -n kube-system describe deployments.apps coredns | grep -A2 Args | grep Corefile
What is the name of the ConfigMap object created for Corefile?
Run the command kubectl get configmap -n kube-system
What is the root domain/zone configured for this kubernetes cluster?
Run the command kubectl describe configmap coredns -n kube-system and look for the entry after kubernetes
cluster.local
From the hr pod nslookup the mysql service and redirect the output to a file /root/nslookup.out
Run the command kubectl exec -it hr nslookup mysql.payroll > /root/nslookup.out
What is the Host configured on the ingress-resource?
Run the command ‘kubectl describe ingress –namespace app-space’ and look at Host under the Rules section.
What is the command to create a namespace?
kubectl create namespace ingress-space
The NGINX Ingress Controller requires a ConfigMap object. Create a ConfigMap object in the ingress-space.
Run the command ‘kubectl create configmap nginx-configuration –namespace ingress-space’
The NGINX Ingress Controller requires a ServiceAccount. Create a ServiceAccount in the ingress-space.
Run the command ‘kubectl create serviceaccount ingress-serviceaccount –namespace ingress-space’
kc create serviceaccount ingress-serviceaccount -n ingress-space
We have created the Roles and RoleBindings for the ServiceAccount. Check it out!
Run the command ‘kubectl get roles,rolebindings –namespace ingress-space’
Let us now create a service to make Ingress available to external users.
Use the command kubectl expose deployment -n ingress-space ingress-controller –type=NodePort –port=80 –name=ingress –dry-run -o yaml >ingress.yaml
(Install a 3 node cluster)
In all three terminal, run the following command to get the Docker gpg key:
(In all three terminals)
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
(Install a 3 node cluster)
How would you add the docker gpg key to your repository?
(In all three terminals)
sudo add-apt-repository “deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable”
(Install a 3 node cluster)
How would you download the Kubernetes gpg key?
(In all three terminals)
curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | sudo apt-key add -
(Install a 3 node cluster)
How would you add the Kubernetes gpg key to your repository?
cat «_space;EOF | sudo tee /etc/apt/sources.list.d/kubernetes.list
deb https://apt.kubernetes.io/ kubernetes-xenial main
EOF
sudo apt update
Install Docker, Kubelet, kuceadm, kubectl on all three terminals
sudo apt install -y docker-ce=5:19.03.10~3-0~ubuntu-focal kubelet=1.18.5-00 kubeadm=1.18.5-00 kubectl=1.18.5-00
How do you initialize the Kubernetes cluster?
In the Controller server terminal, run the following command to initialize the cluster using kubeadm:
sudo kubeadm init –pod-network-cidr=10.244.0.0/16
In what way do you set up local kubeconfig?
In the Controller server terminal, run the following commands to set up local kubeconfig:
sudo mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
In what way do you apply the flannel CNI plugin as a network overlay?
In the Controller server terminal, run the following command to apply flannel:
kubectl apply -f https://docs.projectcalico.org/v3.14/manifests/calico.yaml
How would you Join the worker nodes to the cluster, and verify they have joined successfully?
When we ran sudo kubeadm init on the Controller node, there was a kubeadmin join command in the output. You’ll see it right under this text:
You can now join any number of machines by running the following on each node as root:
To join worker nodes to the cluster, we need to run that command, as root (we’ll just preface it with sudo) on each of them. It should look something like this:
sudo kubeadm join
How would you create a deployment?
In the Controller server terminal, run the following command to run a deployment of ngnix:
kubectl create deployment nginx –image=nginx
What is the command to check the release version of the OS in linux?
cat /etc/os-release
What ways are there to check to see if there is a container runtime installed on the linux machine?
check /var/run/ directory
ex: /var/run/docker.sock
/var/run/crio/crio.sock
What is the command to check the version of kubeadm on the master node?
kubeadm version -o short
How do you get to another node prompt from the master or other nodes?
ssh
What is the command to see the version of the kubelet?
kubelet –version
if you have lost the kubeadmin join command you can have another one created by using the following command?
kubeadmin token create –print-join-command
What is the command to show all components within a namespace?
kubectl -n alpha get all
When a pod is appened by the node that it is running on what does this mean?
Ex: kube-scheduler-master
That it is a static pod. Because it is appended by the name of where it is running. In the example in the question you see that it is running on the master node becuase of the -master. It is a control pane component.
Another way to confirm this is to check to see if there is a directory created for a static pod in the kubelet service.
cat /etc/systemd/system/kubelet.service.d/
What is the directly where the static pods are located?
/etc/kubernetes/manifests/
What is the component responsible for managing deployments and replicasets?
Check the kube-controller-manager configuratin at /etc/kubernetes/manifests/kube-controller-manager.yaml
Create a new pod with the name ‘redis’ and with the image ‘redis123’
kubectl run redis –image=redis123
What does kubeadm do?
Simplifies the process of building Kubernetes clusters.
Which Kubernetes component manages containers on an individual node?
kubelet is the agent that manages containers on each node
What is a Namespace?
Namespaces are virtual clusters running on the same physical cluster.
What is the Kubernetes control plane?
The control plane consists of multiple components that manage the cluster itself
What is the primary feature of Kubernetes?
Kubernetes provides tools and functionality around orchestrating container workloads.
Which flag can you use with kubeadm to supply a custom configuration file?
–config This flag allows you to pass in your own config file
What is Draining?
When performing maintenance, you may sometimes need to remove a Kubernetes node from service.
Containers running on the node will be gracefully terminated (and potentially rescheduled on another node).
What is the official etcd ports?
The official etcd ports are 2379 for client requests and 2380 for peer communication.
What software does Kubernetes use to store data about the state of the cluster?
Etcd
What command can you use to allow Pods to be scheduled on a previously-drained node after Node maintenance is complete?
kubectl uncordon
Which command allows you to upgrade control plane components?
kubeadm upgrade apply (This command will upgrade the control plane.)
.
Which tool can help you perform a Kubernetes upgrade?
kubeadm includes functionality to help you upgrade Kubernetes clusters.
How can you make Kubernetes highly available?
An HA setup for Kubernetes involved multiple control plane nodes
Which tool provides a command-line interface for Kubernetes?
kubectl provides a command-line interface to the Kubernetes API.
Which of the following are options for a highly-available Etcd architecture?
Why is this correct?
Stacked etcd, or managing Etcd alongside other control plane components, is one option for an HA setup.
Why is this correct?
External etcd, or managing Etcd separately from other control plane components, is one option for an HA setup.
Which tool(s) allow you to create Kubernetes clusters?
Why is this correct?
kubeadm allows you to build Kubernetes clusters.
Correct Answer: C
Why is this correct?
Minikube allows you to easily create single-node clusters.
Which command-line tool allows you to interact with Etcd and perform backups?
etcdctl is the command-line tool for Etcd.
