This page was exported from Latest Exam Prep [ http://certify.vceprep.com ] Export date:Mon Feb 24 21:09:50 2025 / +0000 GMT ___________________________________________________ Title: [Feb-2025] The Best Kubernetes Application Developer CKAD Professional Exam Questions [Q17-Q38] --------------------------------------------------- [Feb-2025] The Best Kubernetes Application Developer CKAD Professional Exam Questions Try 100% Updated CKAD Exam Questions [2025] The CKAD certification is an essential certification for professionals who want to demonstrate their expertise in Kubernetes and its ecosystem. CKAD exam is designed for developers who are working on cloud-native applications or DevOps engineers who are responsible for deploying and managing Kubernetes clusters. Linux Foundation Certified Kubernetes Application Developer Exam certification validates a candidate's skills and knowledge in Kubernetes, Docker, and cloud-native application development, making them stand out in the job market.   QUESTION 17ContextA project that you are working on has a requirement for persistent data to be available.TaskTo facilitate this, perform the following tasks:* Create a file on node sk8s-node-0 at /opt/KDSP00101/data/index.html with the content Acct=Finance* Create a PersistentVolume named task-pv-volume using hostPath and allocate 1Gi to it, specifying that the volume is at /opt/KDSP00101/data on the cluster’s node. The configuration should specify the access mode of ReadWriteOnce . It should define the StorageClass name exam for the PersistentVolume , which will be used to bind PersistentVolumeClaim requests to this PersistenetVolume.* Create a PefsissentVolumeClaim named task-pv-claim that requests a volume of at least 100Mi and specifies an access mode of ReadWriteOnce* Create a pod that uses the PersistentVolmeClaim as a volume with a label app: my-storage-app mounting the resulting volume to a mountPath /usr/share/nginx/html inside the pod See the solution below.ExplanationSolution:QUESTION 18Refer to Exhibit.Task:1) Create a secret named app-secret in the default namespace containing the following single key-value pair:Key3: value12) Create a Pod named ngnix secret in the default namespace.Specify a single container using the nginx:stable image.Add an environment variable named BEST_VARIABLE consuming the value of the secret key3. Solution:QUESTION 19ContextTask:Modify the existing Deployment named broker-deployment running in namespace quetzal so that its containers.1) Run with user ID 30000 and2) Privilege escalation is forbiddenThe broker-deployment is manifest file can be found at: Solution:QUESTION 20ContextContextA project that you are working on has a requirement for persistent data to be available.TaskTo facilitate this, perform the following tasks:* Create a file on node sk8s-node-0 at /opt/KDSP00101/data/index.html with the content Acct=Finance* Create a PersistentVolume named task-pv-volume using hostPath and allocate 1Gi to it, specifying that the volume is at /opt/KDSP00101/data on the cluster’s node. The configuration should specify the access mode of ReadWriteOnce . It should define the StorageClass name exam for the PersistentVolume , which will be used to bind PersistentVolumeClaim requests to this PersistenetVolume.* Create a PefsissentVolumeClaim named task-pv-claim that requests a volume of at least 100Mi and specifies an access mode of ReadWriteOnce* Create a pod that uses the PersistentVolmeClaim as a volume with a label app: my-storage-app mounting the resulting volume to a mountPath /usr/share/nginx/html inside the pod Solution:QUESTION 21Refer to Exhibit.Set Configuration Context:[student@node-1] $ | kubectlConfig use-context k8sContextA pod is running on the cluster but it is not responding.TaskThe desired behavior is to have Kubemetes restart the pod when an endpoint returns an HTTP 500 on the /healthz endpoint. The service, probe-pod, should never send traffic to the pod while it is failing. Please complete the following:* The application has an endpoint, /started, that will indicate if it can accept traffic by returning an HTTP 200. If the endpoint returns an HTTP 500, the application has not yet finished initialization.* The application has another endpoint /healthz that will indicate if the application is still working as expected by returning an HTTP 200. If the endpoint returns an HTTP 500 the application is no longer responsive.* Configure the probe-pod pod provided to use these endpoints* The probes should use port 8080 Solution:To have Kubernetes automatically restart a pod when an endpoint returns an HTTP 500 on the /healthz endpoint, you will need to configure liveness and readiness probes on the pod.First, you will need to create a livenessProbe and a readinessProbe in the pod’s definition yaml file. The livenessProbe will check the /healthz endpoint, and if it returns an HTTP 500, the pod will be restarted. The readinessProbe will check the /started endpoint, and if it returns an HTTP 500, the pod will not receive traffic.Here’s an example of how you can configure the liveness and readiness probes in the pod definition yaml file:apiVersion: v1kind: Podmetadata:name: probe-podspec:containers:– name: probe-podimage: <image-name>ports:– containerPort: 8080livenessProbe:httpGet:path: /healthzport: 8080initialDelaySeconds: 15periodSeconds: 10failureThreshold: 3readinessProbe:httpGet:path: /startedport: 8080initialDelaySeconds: 15periodSeconds: 10failureThreshold: 3The httpGet specifies the endpoint to check and the port to use. The initialDelaySeconds is the amount of time the pod will wait before starting the probe. periodSeconds is the amount of time between each probe check, and the failureThreshold is the number of failed probes before the pod is considered unresponsive.You can use kubectl to create the pod by running the following command:kubectl apply -f <filename>.yamlOnce the pod is created, Kubernetes will start monitoring it using the configured liveness and readiness probes. If the /healthz endpoint returns an HTTP 500, the pod will be restarted. If the /started endpoint returns an HTTP 500, the pod will not receive traffic.Please note that if the failure threshold is set to 3, it means that if the probe fails 3 times consecutively it will be considered as a failure.The above configuration assumes that the application is running on port 8080 and the endpoints are available on the same port.QUESTION 22ContextContextYou are tasked to create a ConfigMap and consume the ConfigMap in a pod using a volume mount.TaskPlease complete the following:* Create a ConfigMap named another-config containing the key/value pair: key4/value3* start a pod named nginx-configmap containing a single container using the nginx image, and mount the key you just created into the pod under directory /also/a/path Solution:QUESTION 23ContextYou are asked to prepare a Canary deployment for testing a new application release.Task:A Service named krill-Service in the goshark namespace points to 5 pod created by the Deployment named current-krill-deployment1) Create an identical Deployment named canary-kill-deployment, in the same namespace.2) Modify the Deployment so that:-A maximum number of 10 pods run in the goshawk namespace.-40% of the krill-service ‘s traffic goes to the canary-krill-deployment pod(s) See the solution below.ExplanationSolution:Text Description automatically generatedQUESTION 24Exhibit:ContextA user has reported an aopticauon is unteachable due to a failing livenessProbe .TaskPerform the following tasks:* Find the broken pod and store its name and namespace to /opt/KDOB00401/broken.txt in the format:The output file has already been created* Store the associated error events to a file /opt/KDOB00401/error.txt, The output file has already been created. You will need to use the -o wide output specifier with your command* Fix the issue.  Solution:Create the Pod:kubectl create -f http://k8s.io/docs/tasks/configure-pod-container/exec-liveness.yamlWithin 30 seconds, view the Pod events:kubectl describe pod liveness-execThe output indicates that no liveness probes have failed yet:FirstSeen LastSeen Count From SubobjectPath Type Reason Message——— ——– —– —- ————- ——– —— ——-24s 24s 1 {default-scheduler } Normal Scheduled Successfully assigned liveness-exec to worker023s 23s 1 {kubelet worker0} spec.containers{liveness} Normal Pulling pulling image “gcr.io/google_containers/busybox”23s 23s 1 {kubelet worker0} spec.containers{liveness} Normal Pulled Successfully pulled image “gcr.io/google_containers/busybox”23s 23s 1 {kubelet worker0} spec.containers{liveness} Normal Created Created container with docker id 86849c15382e; Security:[seccomp=unconfined]23s 23s 1 {kubelet worker0} spec.containers{liveness} Normal Started Started container with docker id 86849c15382eAfter 35 seconds, view the Pod events again:kubectl describe pod liveness-execAt the bottom of the output, there are messages indicating that the liveness probes have failed, and the containers have been killed and recreated.FirstSeen LastSeen Count From SubobjectPath Type Reason Message——— ——– —– —- ————- ——– —— ——-37s 37s 1 {default-scheduler } Normal Scheduled Successfully assigned liveness-exec to worker036s 36s 1 {kubelet worker0} spec.containers{liveness} Normal Pulling pulling image “gcr.io/google_containers/busybox”36s 36s 1 {kubelet worker0} spec.containers{liveness} Normal Pulled Successfully pulled image “gcr.io/google_containers/busybox”36s 36s 1 {kubelet worker0} spec.containers{liveness} Normal Created Created container with docker id 86849c15382e; Security:[seccomp=unconfined]36s 36s 1 {kubelet worker0} spec.containers{liveness} Normal Started Started container with docker id 86849c15382e2s 2s 1 {kubelet worker0} spec.containers{liveness} Warning Unhealthy Liveness probe failed: cat: can’t open ‘/tmp/healthy’: No such file or directoryWait another 30 seconds, and verify that the Container has been restarted:kubectl get pod liveness-execThe output shows that RESTARTS has been incremented:NAME READY STATUS RESTARTS AGEliveness-exec 1/1 Running 1 m  Solution:Create the Pod:kubectl create -f http://k8s.io/docs/tasks/configure-pod-container/exec-liveness.yamlWithin 30 seconds, view the Pod events:kubectl describe pod liveness-execThe output indicates that no liveness probes have failed yet:FirstSeen LastSeen Count From SubobjectPath Type Reason Message——— ——– —– —- ————- ——– —— ——-24s 24s 1 {default-scheduler } Normal Scheduled Successfully assigned liveness-exec to worker023s 23s 1 {kubelet worker0} spec.containers{liveness} Normal Pulling pulling image “gcr.io/google_containers/busybox”kubectl describe pod liveness-execAt the bottom of the output, there are messages indicating that the liveness probes have failed, and the containers have been killed and recreated.FirstSeen LastSeen Count From SubobjectPath Type Reason Message——— ——– —– —- ————- ——– —— ——-37s 37s 1 {default-scheduler } Normal Scheduled Successfully assigned liveness-exec to worker036s 36s 1 {kubelet worker0} spec.containers{liveness} Normal Pulling pulling image “gcr.io/google_containers/busybox”36s 36s 1 {kubelet worker0} spec.containers{liveness} Normal Pulled Successfully pulled image “gcr.io/google_containers/busybox”36s 36s 1 {kubelet worker0} spec.containers{liveness} Normal Created Created container with docker id 86849c15382e; Security:[seccomp=unconfined]36s 36s 1 {kubelet worker0} spec.containers{liveness} Normal Started Started container with docker id 86849c15382e2s 2s 1 {kubelet worker0} spec.containers{liveness} Warning Unhealthy Liveness probe failed: cat: can’t open ‘/tmp/healthy’: No such file or directoryWait another 30 seconds, and verify that the Container has been restarted:kubectl get pod liveness-execThe output shows that RESTARTS has been incremented:NAME READY STATUS RESTARTS AGEliveness-exec 1/1 Running 1 m QUESTION 25Refer to Exhibit.Task:The pod for the Deployment named nosql in the craytisn namespace fails to start because its container runs out of resources.Update the nosol Deployment so that the Pod:1) Request 160M of memory for its Container2) Limits the memory to half the maximum memory constraint set for the crayfah name space. Solution:QUESTION 26Exhibit:TaskCreate a new deployment for running.nginx with the following parameters;* Run the deployment in the kdpd00201 namespace. The namespace has already been created* Name the deployment frontend and configure with 4 replicas* Configure the pod with a container image of lfccncf/nginx:1.13.7* Set an environment variable of NGINX__PORT=8080 and also expose that port for the container above  Solution:  Solution: QUESTION 27Refer to Exhibit.ContextYou have been tasked with scaling an existing deployment for availability, and creating a service to expose the deployment within your infrastructure.TaskStart with the deployment named kdsn00101-deployment which has already been deployed to the namespace kdsn00101 . Edit it to:* Add the func=webFrontEnd key/value label to the pod template metadata to identify the pod for the service definition* Have 4 replicasNext, create ana deploy in namespace kdsn00l01 a service that accomplishes the following:* Exposes the service on TCP port 8080* is mapped to me pods defined by the specification of kdsn00l01-deployment* Is of type NodePort* Has a name of cherry Solution:QUESTION 28ContextGiven a container that writes a log file in format A and a container that converts log files from format A to format B, create a deployment that runs both containers such that the log files from the first container are converted by the second container, emitting logs in format B.Task:* Create a deployment named deployment-xyz in the default namespace, that:* Includes a primarylfccncf/busybox:1 container, named logger-dev* includes a sidecar Ifccncf/fluentd:v0.12 container, named adapter-zen* Mounts a shared volume /tmp/log on both containers, which does not persist when the pod is deleted* Instructs the logger-devcontainer to run the commandwhich should output logs to /tmp/log/input.log in plain text format, with example values:* The adapter-zen sidecar container should read /tmp/log/input.log and output the data to /tmp/log/output.* in Fluentd JSON format. Note that no knowledge of Fluentd is required to complete this task: all you will need to achieve this is to create the ConfigMap from the spec file provided at /opt/KDMC00102/fluentd-configma p.yaml , and mount that ConfigMap to /fluentd/etc in the adapter-zen sidecar container Solution:QUESTION 29ContextContextAs a Kubernetes application developer you will often find yourself needing to update a running application.TaskPlease complete the following:* Update the app deployment in the kdpd00202 namespace with a maxSurge of 5% and a maxUnavailable of 2%* Perform a rolling update of the web1 deployment, changing the Ifccncf/ngmx image version to 1.13* Roll back the app deployment to the previous version Solution:QUESTION 30TaskCreate a new deployment for running.nginx with the following parameters;* Run the deployment in the kdpd00201 namespace. The namespace has already been created* Name the deployment frontend and configure with 4 replicas* Configure the pod with a container image of lfccncf/nginx:1.13.7* Set an environment variable of NGINX__PORT=8080 and also expose that port for the container above See the solution below. ExplanationSolution:QUESTION 31ContextTask:Update the Pod ckad00018-newpod in the ckad00018 namespace to use a NetworkPolicy allowing the Pod to send and receive traffic only to and from the pods web and db Solution:QUESTION 32Task:1) Fix any API depreciation issues in the manifest file -/credible-mite/www.yaml so that this application can be deployed on cluster K8s.2) Deploy the application specified in the updated manifest file -/credible-mite/www.yaml in namespace cobra See the solution below. ExplanationSolution:Text Description automatically generatedText Description automatically generatedQUESTION 33ContextYou are tasked to create a secret and consume the secret in a pod using environment variables as follow:Task* Create a secret named another-secret with a key/value pair; key1/value4* Start an nginx pod named nginx-secret using container image nginx, and add an environment variable exposing the value of the secret key key 1, using COOL_VARIABLE as the name for the environment variable inside the pod Solution:QUESTION 34Task:Create a Deployment named expose in the existing ckad00014 namespace running 6 replicas of a Pod. Specify a single container using the ifccncf/nginx: 1.13.7 image Add an environment variable named NGINX_PORT with the value 8001 to the container then expose port8001 See the solution below.ExplanationSolution:Text Description automatically generatedText Description automatically generatedQUESTION 35ContextTaskYou are required to create a pod that requests a certain amount of CPU and memory, so it gets scheduled to-a node that has those resources available.* Create a pod named nginx-resources in the pod-resources namespace that requests a minimum of 200m CPU and 1Gi memory for its container* The pod should use the nginx image* The pod-resources namespace has already been created Solution:QUESTION 36ContextA pod is running on the cluster but it is not responding.TaskThe desired behavior is to have Kubemetes restart the pod when an endpoint returns an HTTP 500 on the/healthz endpoint. The service, probe-pod, should never send traffic to the pod while it is failing. Please complete the following:* The application has an endpoint, /started, that will indicate if it can accept traffic by returning an HTTP 200.If the endpoint returns an HTTP 500, the application has not yet finished initialization.* The application has another endpoint /healthz that will indicate if the application is still working as expected by returning an HTTP 200. If the endpoint returns an HTTP 500 the application is no longer responsive.* Configure the probe-pod pod provided to use these endpoints* The probes should use port 8080 See the solution below.ExplanationSolution:apiVersion: v1kind: Podmetadata:labels:test: livenessname: liveness-execspec:containers:– name: livenessimage: k8s.gcr.io/busyboxargs:– /bin/sh– -c– touch /tmp/healthy; sleep 30; rm -rf /tmp/healthy; sleep 600livenessProbe:exec:command:– cat– /tmp/healthyinitialDelaySeconds: 5periodSeconds: 5In the configuration file, you can see that the Pod has a single Container. The periodSeconds field specifies that the kubelet should perform a liveness probe every 5 seconds. The initialDelaySeconds field tells the kubelet that it should wait 5 seconds before performing the first probe. To perform a probe, the kubelet executes the command cat /tmp/healthy in the target container. If the command succeeds, it returns 0, and the kubelet considers the container to be alive and healthy. If the command returns a non-zero value, the kubelet kills the container and restarts it.When the container starts, it executes this command:/bin/sh -c “touch /tmp/healthy; sleep 30; rm -rf /tmp/healthy; sleep 600” For the first 30 seconds of the container’s life, there is a /tmp/healthy file. So during the first 30 seconds, the command cat /tmp/healthy returns a success code. After 30 seconds, cat /tmp/healthy returns a failure code.Create the Pod:kubectl apply -f https://k8s.io/examples/pods/probe/exec-liveness.yamlWithin 30 seconds, view the Pod events:kubectl describe pod liveness-execThe output indicates that no liveness probes have failed yet:FirstSeen LastSeen Count From SubobjectPath Type Reason Message——— ——– —– —- ————- ——– —— ——-24s 24s 1 {default-scheduler } Normal Scheduled Successfully assigned liveness-exec to worker023s 23s 1 {kubelet worker0} spec.containers{liveness} Normal Pulling pulling image “k8s.gcr.io/busybox”23s 23s 1 {kubelet worker0} spec.containers{liveness} Normal Pulled Successfully pulled image“k8s.gcr.io/busybox”23s 23s 1 {kubelet worker0} spec.containers{liveness} Normal Created Created container with docker id86849c15382e; Security:[seccomp=unconfined]23s 23s 1 {kubelet worker0} spec.containers{liveness} Normal Started Started container with docker id86849c15382eAfter 35 seconds, view the Pod events again:kubectl describe pod liveness-execAt the bottom of the output, there are messages indicating that the liveness probes have failed, and the containers have been killed and recreated.FirstSeen LastSeen Count From SubobjectPath Type Reason Message——— ——– —– —- ————- ——– —— ——-37s 37s 1 {default-scheduler } Normal Scheduled Successfully assigned liveness-exec to worker036s 36s 1 {kubelet worker0} spec.containers{liveness} Normal Pulling pulling image “k8s.gcr.io/busybox”36s 36s 1 {kubelet worker0} spec.containers{liveness} Normal Pulled Successfully pulled image“k8s.gcr.io/busybox”36s 36s 1 {kubelet worker0} spec.containers{liveness} Normal Created Created container with docker id86849c15382e; Security:[seccomp=unconfined]36s 36s 1 {kubelet worker0} spec.containers{liveness} Normal Started Started container with docker id86849c15382e2s 2s 1 {kubelet worker0} spec.containers{liveness} Warning Unhealthy Liveness probe failed: cat: can’t open‘/tmp/healthy’: No such file or directoryWait another 30 seconds, and verify that the container has been restarted:kubectl get pod liveness-execThe output shows that RESTARTS has been incremented:NAME READY STATUS RESTARTS AGEliveness-exec 1/1 Running 1 1mQUESTION 37ContextTask:1- Update the Propertunel scaling configuration of the Deployment web1 in the ckad00015 namespace setting maxSurge to 2 and maxUnavailable to 592- Update the web1 Deployment to use version tag 1.13.7 for the Ifconf/nginx container image.3- Perform a rollback of the web1 Deployment to its previous version Solution:QUESTION 38ContextTask:1) First update the Deployment cka00017-deployment in the ckad00017 namespace:To run 2 replicas of the podAdd the following label on the pod:Role userUI2) Next, Create a NodePort Service named cherry in the ckad00017 nmespace exposing the ckad00017-deployment Deployment on TCP port 8888 Solution: Loading … Linux Foundation offers a variety of training courses and resources to help developers prepare for the CKAD certification exam. These resources include online courses, study guides, practice exams, and hands-on labs. The Linux Foundation also provides a certification exam voucher that can be redeemed for the CKAD certification exam. This voucher includes one free retake if the candidate does not pass the exam on the first attempt.   CKAD Exam Questions Get Updated [2025] with Correct Answers: https://www.vceprep.com/CKAD-latest-vce-prep.html --------------------------------------------------- Images: https://certify.vceprep.com/wp-content/plugins/watu/loading.gif https://certify.vceprep.com/wp-content/plugins/watu/loading.gif --------------------------------------------------- --------------------------------------------------- Post date: 2025-02-24 14:43:05 Post date GMT: 2025-02-24 14:43:05 Post modified date: 2025-02-24 14:43:05 Post modified date GMT: 2025-02-24 14:43:05