Login

u/ImplementWonderful82

▲ 48 r/CKAExam

Study Material: 
* Completed KodeKloud CKA course on Udemy
* Practiced all 3 labs multiple times
* Used KodeKloud `Ultimate CKA Mock Exam Series (5 tests)` optional if budget is a constraint, instead Watch IT Kiddie and Dumb IT Guy YouTube videos, for practice questions from GitHub repo:(
https://github.com/markdjones82/CKA-PREP-2025-v2/tree/custom-main
)

---
You can memorize this:
Use sudo to edit files in /etc/kubernetes/manifests/
Use sudo for kubelet restart and system-level debugging
Use provided documentation links in Question it's self(No need to search again) → copy required YAML/commands
SSH into the correct node as per the question
Ensure you are working in the correct namespace
Always verify namespace before applying changes
---
## **1. Argo CD Setup**

* Add a Git repository to Argo CD.
* Generate a Kubernetes manifest template **without installing CRDs** on correct namespace.
* Save the generated output to a file.
* Install Argo CD in the cluster.
---
## **2. Multi-Container Pod (Co-located Containers)**

* Update an existing Deployment to include a **sidecar is name of container (co-located) container**.
* Configure:

  * Shared volume between containers
  * Volume mounts for both containers
* Ensure:

  * One container writes logs
  * Second container uses `tail -f` to read logs from the shared volume
* Verify logs from the second container.

> Note: Ignore error logs papulating from second container (it is just CKA trick) unless the pod is failing.
---

## **3. MariaDB with Persistent Storage**

* Create a **PersistentVolumeClaim (PVC)** using:
  * Given PV name
  * Matching StorageClass
* Ensure PVC status becomes **Bound**
* Update the provided Deployment YAML to:
  * Use the PVC
* Deploy and verify application is running.

---
## **4. Resource Distribution Across Pods**

* Update a Deployment to:
  * Run **3 replicas**
  * Ensure application runs successfully
* Adjust **resource requests** so pods can be scheduled properly.

> ⚠️ Important:
* Divide **node allocatable resources evenly across replicas**
Divide resources equally across replicas
If pods don’t schedule:
 Check kubectl describe pod / events
 Reduce requests slightly and retry
Do NOT rely on fixed rules like 10% or 20% (In my case 10% ovehead didn't work)
Adjust based on cluster availability and errors
---
## **5. Horizontal Pod Autoscaler (HPA)**

* Update an existing HPA configuration to include:
  * **stabilization window of 30 seconds**

---

## **6. Custom Resource Definitions (CRDs)**
* List all CRDs related to **cert-manager**
* Save the output to a file
* Explain:
  * `spec.subject` field in Certificate resource
* Save explanation to a file

---
## **7. PriorityClass and Deployment Update**
* Create a PriorityClass with value:
  * One less than `1000000` (expr 1000000 - 1)

* Update an existing Deployment:
  * Add `priorityClassName`
* Use:
  * **kubectl patch only**

---
## **8. CNI Installation (Calico / Tigera Operator)**
Note: This link was provided in exam
https://docs.tigera.io/calico/latest/getting-started/kubernetes/self-managed-onprem/onpremises

* Install CNI plugin using:
  * Tigera operator YAML
  * Custom resources YAML
* Update:
  * Cluster CIDR in custom resources (from kube-controller-manager)
* Apply configuration
* Ensure networking works
> ⚠️ Important:
* Restart kubelet after applying changes
---

## **9. Install cri-dockerd**
* Install `cri-dockerd` using `.deb` package
* Configure system:
  * Enable IP forwarding using sysctl
* Verify configuration

Ref link:
https://kubernetes.io/docs/setup/production-environment/container-runtimes/
---
## **10. Storage Setup (SC, PV, PVC)**

* Create:
  * StorageClass (with `WaitForFirstConsumer`)
  * PersistentVolume (PV)
  * PersistentVolumeClaim (PVC)
* Observe:
  * PVC remains **Pending** due to WaitForFirstConsumer added in storage class

* Create a Pod/Deployment using PVC
* Verify:
  * PVC becomes **Bound**
---
## **11. Ingress Configuration**

* Create an Ingress resource with: (update the values as per the question)
  * use exist `ingress class` name
  * Hostname: `example.com`
  * Path: `/echo`
  * Backend service and port (given)
* Verify connectivity
---
## **12. Migrate from Ingress to Gateway API**

* Create a **Gateway**:
  * use exist `gateway class` name
  * Port: 443
  * TLS with secret
  * Hostname

* Create an **HTTPRoute**:
  * Same routing rules as Ingress
* Delete existing Ingress
---
## **13. Network Policy**

* Apply NetworkPolicy to:

  * Allow traffic from **frontend → backend**
* Ensure:
  * Correct pod selectors
  * Correct ingress rules 
ex: ingress rule should apply to backend and all pods of fronend (verify fronend label )
---
## **14. Troubleshoot Broken Cluster**

* Fix control plane issue:
  * Update incorrect etcd endpoint in API-server manifest (verify the IP and port from etcd.yaml manifest)
* Verify:
  * Cluster components are healthy
  * Pods are scheduling again
---
## **15. Expose Pod via NodePort**

* Create a Pod
* Expose it using:
  * NodePort Service
* Verify access
---
## **16. TLS Configuration Update**

* Update ConfigMap:
  * Add support for TLS 1.2 (existing had TLS 1.3) (In my case both should be available)
* Restart Deployment
* Verify:
  * TLS 1.2 connectivity using given URL
u/ImplementWonderful82 — 18 days ago