Browse Exams Pricing

ExamsCKAQuestions

CKA Exam Questions

103 real CKA exam questions with expert-verified answers and explanations. Page 2 of 3.

Question #35Cluster Architecture, Installation & Configuration
Context: You have been asked to create a new ClusterRole for a deployment pipeline and bind it to a specific ServiceAccount scoped to a specific namespace. Task: Create a new Clust...
RBACClusterRoleServiceAccountRoleBinding
Question #35Cluster Architecture, Installation & Configuration
Next, restore an existing, previous snapshot located at /var/lib/backup/etcd-snapshot-previo us.db
etcdsnapshot restorecluster maintenancecontrol plane
Question #36Services & Networking
Create a new NetworkPolicy named allow-port-from-namespace in the existing namespace echo. Ensure that the new NetworkPolicy allows Pods in namespace my-app to connect to port 9000...
NetworkPolicyKubernetes NetworkingIngress RulesNamespace Selectors
Question #36Cluster Architecture, Installation & Configuration
Given an existing Kubernetes cluster running version 1.20.0, upgrade all of the Kubernetes control plane and node components on the master node only to version 1.20.1. Be sure to d...
Kubernetes upgradeControl plane upgradeNode drainingkubeadm
Question #37Services and Networking
Reconfigure the existing deployment front-end and add a port specification named http exposing port 80/tcp of the existing container nginx. Create a new service named front-end-svc...
DeploymentServiceNodePortContainer ports
Question #37Cluster Architecture, Installation & Configuration
First, create a snapshot of the existing etcd instance running at https://127.0.0.1:2379, saving the snapshot to /srv/data/etcd-snapshot.db.
etcdsnapshotbackupetcdctl
Question #38Services & Networking
Create a new NetworkPolicy named allow-port-from-namespace in the existing namespace echo. Ensure that the new NetworkPolicy allows Pods in namespace my-app to connect to port 9000...
NetworkPolicyNetworkingKubernetes SecurityNamespaces
Question #38Services & Networking
Create a new nginx ingress resource as follows: • Name: ping • Namespace: ing-internal • Exposing service hi on path /hi using service port 5678
Ingressnginx ingress controllerService exposureNetworking
Question #39Workloads and Scheduling
Schedule a pod as follows: • Name: nginx-kusc00401 • Image: nginx • Node selector: disk=ssd
Pod schedulingNode selectorPod creation
Question #39Workloads and Scheduling
Scale the deployment presentation to 6 pods.
DeploymentScalingkubectlPods
Question #40Workloads and Scheduling
Check to see how many nodes are ready schedulable (not including nodes tainted NoSchedule ) and write the number to /opt/KUSC00402/kusc00402.txt.
Node StatusNode TaintsKubernetes Schedulingkubectl
Question #41Storage
Create a persistent volume with name app-data , of capacity 1Gi and access mode ReadOnlyMany. The type of volume is hostPath and its location is /srv/app-data .
Persistent VolumehostPathStorage ClassAccess Modes
Question #42Storage
Create a new PersistentVolumeClaim • Name: pv-volume • Class: csi-hostpath-sc • Capacity: 10Mi Create a new Pod which mounts the PersistentVolumeClaim as a volume: • Name: web-serv...
PersistentVolumeClaimPodsVolumesVolume Expansion
Question #42Workloads and Scheduling
Create a pod named kucc8 with a single app container for each of the following images running inside (there may be between 1 and 4 images specified): nginx + redis + memcached + co...
Pod CreationMulti-Container PodsKubernetes ManifestsContainers
Question #43Troubleshooting
Monitor the logs of pod bar and: • Extract log lines corresponding to error file-not-found • Write them to /opt/KUTR00101/bar
Log ManagementPod Troubleshootingkubectl logsLog Filtering
Question #44Storage
Create a new PersistentVolumeClaim • Name: pv-volume • Class: csi-hostpath-sc • Capacity: 10Mi Create a new Pod which mounts the PersistentVolumeClaim as a volume: • Name: web-serv...
PersistentVolumeClaimVolume ExpansionStorageClassPod Volume Mount
Question #44Workloads & Scheduling
Add a sidecar container named sidecar, using the busybox image, to the existing Pod big-corp-app. The new sidecar container has to run the following command: /bin/sh -c tail -n+1 -...
sidecar containerPod modificationvolume mountscontainer logging
Question #45Troubleshooting
A Kubernetes worker node, named wk8s-node-0 is in state NotReady. Investigate why this is the case, and perform any appropriate steps to bring the node to a Ready state, ensuring t...
Node TroubleshootingKubelet ManagementSystemdConfiguration Persistence
Question #46Workloads and Scheduling
Scale the deployment webserver to 3 pods. Set configuration context: [student@node-1] $ kubectl config use-context k8s
Deployment scalingkubectl scaleReplicasWorkload management
Question #46
Add a sidecar container named sidecar, using the busybox Image, to the existing Pod big-corp-app. The new sidecar container has to run the following command: /bin/sh -c tail -n+1 -...
Question #47Troubleshooting
A Kubernetes worker node, named wk8s-node-0 is in state NotReady. Investigate why this is the case, and perform any appropriate steps to bring the node to a Ready state, ensuring t...
Node TroubleshootingKubeletSystemdPersistent Configuration
Question #47Workloads and Scheduling
Schedule a Pod as follows: * Name: kucc1 * App Containers: 2 * Container Name/Images: o nginx o consul Set configuration context: [student@node-1] $ kubectl config use-context k8s
Pod creationMulti-container Podkubectl runWorkload deployment
Question #48Workloads and Scheduling
Schedule a Pod as follows: . Name: kucc1 . App Containers : 2 . Container Name/Images : redis Memcached
PodsMulti-containerkubectl
Question #48Workloads and Scheduling
Scale the deployment webserver to 3 pods.
Deployment scalingkubectlReplicasPods
Question #49Workloads and Scheduling
Create a new HorizontalPodAutoscaler (HPA) named apache-server in the autoscale namespace. This HPA must target the existing Deployment called apache-server in the autoscale namesp...
HorizontalPodAutoscalerScalingDeploymentsCPU metrics
Question #49Workloads and Scheduling
Schedule a Pod as follows: Name: kucc1 App Containers: 2 Container Name/Images: o nginx o consul
Pod schedulingPod definitionMulti-container PodsContainer images
Question #50Workloads and Scheduling
Schedule a Pod as follows: Name: kucc1 App Containers : 2 Container Name/Images : redis Memcached
Pod DefinitionMulti-Container PodsWorkloads
Question #50Services & Networking
Create a new Ingress resource as follows: - Name: echo - Namespace: sound-repeater
IngressNetworkingkubectlResource Creation
Question #51Workloads and Scheduling
Create a new HorizontalPodAutoscaler (HPA) named apache-server in the autoscale namespace. This HPA must target the existing Deployment called apache-server in the autoscale namesp...
Horizontal Pod AutoscalerAutoscalingDeploymentCPU utilization
Question #51Cluster Architecture, Installation & Configuration
You manage a WordPress application. Some Pods are not starting because resource requests are too high. Your task is to prepare a Linux system for Kubernetes. Docker is already inst...
cri-dockerdKubernetes prerequisitesSystemdKernel parameters
Question #52Services & Networking
Create a new Ingress resource as follows: - Name: echo - Namespace: sound-repeater The availability of Service echoserver-service can be checked using the following command, which...
IngressNetworkingKubernetes Manifests
Question #52Workloads and Scheduling
You manage a WordPress application. Some Pods are not starting because resource requests are too high. A WordPress application in the relative-fawn namespace consists of: A WordPre...
Resource requestsCPU/MemoryDeploymentsPod configuration
Question #53Cluster Architecture, Installation & Configuration
You must connect to the correct host. Failure to do so may result in a zero score. Context: You manage a WordPress application. Some Pods are not starting because resource requests...
cri-dockerd installationsystemd service managementkernel parameter configurationKubernetes prerequisites
Question #53Workloads and Scheduling
You must connect to the correct host. Failure to do so may result in a zero score. Context: A legacy app needs to be integrated into the Kubernetes built-in logging architecture (i...
DeploymentSidecar patternVolumesInter-container communication
Question #54Cluster Architecture, Installation & Configuration
You must connect to the correct host. Failure to do so may result in a zero score. Context: Your cluster 's CNI has failed a security audit. It has been removed. You must install a...
CNINetwork PolicyKubernetes NetworkingCluster Configuration
Question #54Workloads and Scheduling
You must connect to the correct host. Failure to do so may result in a zero score. Context: You manage a WordPress application. Some Pods are not starting because resource requests...
Resource ManagementPod ResourcesDeploymentCPU Memory Requests
Question #55Workloads and Scheduling
You must connect to the correct host. Failure to do so may result in a zero score. [candidate@base] $ ssh cka000037 Context A legacy app needs to be integrated into the Kubernetes...
DeploymentSidecar patternVolumesContainer configuration
Question #55Storage
You must connect to the correct host. Failure to do so may result in a zero score. [candidate@base] $ ssh Cka000046 Task First, create a new StorageClass named local-path for an ex...
StorageClassDynamic Volume ProvisioningDefault StorageClassVolume Binding Mode
Question #56Services and Networking
You must connect to the correct host. Failure to do so may result in a zero score. [candidate@base] $ ssh Cka000022 Task Reconfigure the existing Deployment front-end in namespace...
DeploymentsServicesNodePortContainer Port Exposure
Question #56Cluster Architecture, Installation & Configuration
You must connect to the correct host. Failure to do so may result in a zero score. [candidate@base] $ ssh cka000054 Context Your cluster 's CNI has failed a security audit. It has...
CNI installationNetwork PoliciesKubernetes networkingCluster configuration
Question #57Storage
First, create a new StorageClass named local-path for an existing provisioner named rancher.io/local-path. Set the volume binding mode to WaitForFirstConsumer. Not setting the volu...
StorageClassProvisionerVolume Binding ModeDefault StorageClass
Question #57Workloads & Scheduling
You must connect to the correct host. Failure to do so may result in a zero score. [candidate@base] $ ssh Cka000049 Task Perform the following tasks: Create a new PriorityClass nam...
PriorityClassSchedulingDeploymentWorkload Management
Question #58Services & Networking
Reconfigure the existing Deployment front-end in namespace spline-reticulator to expose port 80/tcp of the existing container nginx. Create a new Service named front-end-svc to exp...
DeploymentsServicesNodePortContainer exposure
Question #58Services & Networking
Review and apply the appropriate NetworkPolicy from the provided YAML samples. Ensure that the chosen NetworkPolicy is not overly permissive, but allows communication between the f...
NetworkPolicyKubernetes NetworkingInter-namespace CommunicationDeployment
Question #59Workloads and Scheduling
Perform the following tasks: Create a new PriorityClass named high-priority for user-workloads with a value that is one less than the highest existing user-defined priority class v...
PriorityClassSchedulingDeploymentsWorkload management
Question #59Troubleshooting
Fix a single-node cluster that got broken during machine migration. First, identify the broken cluster components and investigate what breaks them. The decommissioned cluster used...
TroubleshootingControl Plane ConfigurationetcdNode Migration
Question #60Cluster Architecture, Installation & Configuration
You must connect to the correct host. Failure to do so may result in a zero score. [candidate@base]$ $ ssh cka000059 Task Verify the cert-manager application has been deployed to y...
kubectlCustom Resource Definitions (CRDs)API documentationcert-manager
Question #60Workloads and Scheduling
You must connect to the correct host. Failure to do so may result in a zero score. [candidate@base] $ ssh Cka000060 Task Install Argo CD in the cluster by performing the following...
HelmApplication DeploymentArgo CDHelm Chart Configuration
Question #61Workloads and Scheduling
SIMULATION Quick Reference ConfigMaps, Documentation Deployments, Namespace You must connect to the correct host . Failure to do so may result in a zero score. [candidate@base]$ $...
ConfigMapsDeploymentsNamespacesTLS
Question #61Storage
You must connect to the correct host. Failure to do so may result in a zero score. A MariaDB Deployment in the mariadb namespace has been deleted by mistake. Your task is to restor...
PersistentVolumeClaimPersistentVolumeDeploymentData Persistence

PreviousPage 2 of 3Next

study smarter, certify faster.

Product

Browse Exams
Pricing
PDF Downloads

Resources

Blog
Glossary
Topics
FAQ
Contact Us

Legal

Terms of Service
Privacy Policy
Cookie Policy
DMCA
Refund Policy

Company

About
Contact

© 2026 NerdExam. All rights reserved.Built for IT professionals

NerdExam is a trading name of WADL Solutions Limited, a company incorporated in Hong Kong (CR# 80143234). Registered office: Unit 2904-05, 29/F, Universal Trade Centre, 3 Arbuthnot Road, Central, Hong Kong.

CompTIA, AWS, Cisco, Microsoft, Google Cloud, Oracle, VMware, and other certification names referenced on this site are trademarks of their respective owners. NerdExam is not affiliated with, endorsed by, or sponsored by any certification vendor.