Acing the Certified Kubernetes Administrator Exam (Final) 9781633439092
Becoming a Kubernetes administrator is a big accomplishment—and passing the Certified Kubernetes Administrator (CKA) exa
133 42 15MB
English Pages 386 Year 2023
Table of contents :
inside front cover
Acing the Certified Kubernetes Administrator Exam
Copyright
dedication
contents
front matter
preface
acknowledgments
about this book
Who should read this book
How this book is organized: A road map
About the exercises
About the code
liveBook discussion forum
Other online resources
about the author
about the cover illustration
1 First steps
1.1 Introducing the CKA exam
1.2 What’s in store
1.2.1 What is a Kubernetes administrator?
1.3 Meeting Kubernetes
1.3.1 Cluster architecture, installation, and configuration
1.3.2 Workloads and scheduling
1.3.3 Services and networking
1.3.4 Storage
1.3.5 Troubleshooting
1.4 Control plane node
1.5 Worker nodes
1.6 API model and PKI
1.7 Linux system services
1.8 Declarative syntax
1.9 Exam exercises
Summary
2 Kubernetes cluster
2.1 Kubernetes cluster components
2.1.1 Kubernetes version upgrade
2.1.2 The control plane
2.1.3 Taints and tolerations
2.1.4 Nodes
2.2 Datastore etcd
2.2.1 Working with etcdctl
2.2.2 Client and server certificates
2.3 Exam exercises
Summary
3 Identity and access management
3.1 Role-based access control
3.1.1 Roles and Role bindings
3.1.2 System Roles and groups
3.2 Users and groups
3.3 Service Accounts
Summary
4 Deploying applications in Kubernetes
4.1 Scheduling applications
4.1.1 Node selectors
4.1.2 Node and Pod affinity
4.2 Using Helm
4.3 Pod metadata
4.3.1 Resource requests and limits
4.3.2 Multicontainer Pods
4.3.3 ConfigMaps and Secrets
Summary
5 Running applications in Kubernetes
5.1 Orchestrating applications
5.1.1 Modifying running applications
5.1.2 Application maintenance
5.1.3 Application rollouts
5.1.4 Exposing Deployments
5.2 Application maintenance
5.2.1 Cordoning and draining nodes
5.2.2 Adding application resources (nodes)
Summary
6 Communication in a Kubernetes cluster
6.1 Configuring DNS
6.2 CoreDNS
6.2.1 Config files
6.2.2 Replicating DNS
6.2.3 Pod-to-Pod connectivity
6.3 Ingress and Ingress controllers
6.4 Services
6.4.1 ClusterIP Service
6.4.2 NodePort Service
6.4.3 LoadBalancer Service
6.5 Cluster node networking configuration
Summary
7 Storage in Kubernetes
7.1 Persistent volumes
7.1.1 The problem with hostPath
7.1.2 Volume modes
7.1.3 Access modes
7.1.4 Reclaim policies
7.2 Persistent volume claim
7.3 Storage class
7.3.1 Inheriting from the storage class
7.4 Nonpersistent volumes
Summary
8 Troubleshooting Kubernetes
8.1 Understanding application logs
8.1.1 Container log detail
8.1.2 Troubleshooting from inside the container
8.2 Cluster component failure
8.2.1 Troubleshooting cluster events
8.2.2 Worker node failure
8.2.3 Did you specify the right host or port?
8.2.4 Troubleshooting kubeconfig
8.3 Network troubleshooting
8.3.1 Troubleshooting the config
8.3.2 Troubleshooting Services
8.3.3 Troubleshooting cluster-wide communications
Summary
9 Taking the test
9.1 Exam basics
9.1.1 Competencies condensed
9.1.2 Exam clusters
9.2 Chapter reviews
9.2.1 Quick review of chapter 2
9.2.2 Quick review of chapter 3
9.2.3 Quick review of chapter 4
9.2.4 Quick review of chapter 5
9.2.5 Quick review of chapter 6
9.2.6 Quick review of chapter 7
9.2.7 Quick review of chapter 8
9.3 Kubernetes documentation review
9.4 Practice exam
9.5 Additional tips for the exam
Summary
Appendix A. Creating a Kubernetes cluster with kind
A.1 Installing the required packages
A.1.1 Install Docker Desktop
A.1.2 Installing kind
A.1.3 Creating a kind Kubernetes cluster
A.1.4 Install kubectl (optional)
A.2 Creating a multinode cluster
A.3 Advanced configuration for kind
Appendix B. Setting the context for a kind cluster
B.1 Setting the context with kubeconfig
B.2 Setting an alias for kubectl
B.3 Setting kubectl autocomplete
Appendix C. Installing a CNI in a kind cluster
C.1 Creating a kind cluster without CNI
C.2 Installing a bridge CNI plugin
C.3 Installing Flannel CNI
C.4 Creating a new kind cluster
C.5 Installing the Calico CNI
Appendix D. Solving the exam practice exercises
D.1 Chapter 1 exam exercises
D.1.1 Listing API resources
D.1.2 Listing services
D.1.3 The status of the kubelet service
D.1.4 Using declarative syntax
D.1.5 Listing Kubernetes services
D.2 Chapter 2 exam exercises
D.2.1 Shortening the kubectl command
D.2.2 Listing running Pods
D.2.3 Viewing the kubelet client certificate
D.2.4 Backing up etcd
D.2.5 Restoring etcd
D.2.6 Upgrading the control plane
D.3 Chapter 3 exam exercises
D.3.1 Creating a Role
D.3.2 Create a role binding
D.3.3 Creating a new user
D.3.4 Adding Sandra to kubeconfig
D.3.5 Creating a new Service Account
D.3.6 Creating a new cluster role
D.4 Chapter 4 exam exercises
D.4.1 Applying a label and creating a Pod
D.4.2 Editing a running Pod
D.4.3 Using node affinity for a new Pod
D.5 Chapter 5 exam exercises
D.5.1 Scaling replicas in a Deployment
D.5.2 Updating the image
D.5.3 Viewing ReplicaSet events
D.5.4 Rolling back to a previous app version
D.5.5 Changing the rollout strategy
D.5.6 Cordoning and uncordoning a node
D.5.7 Removing a taint from a node
D.6 Chapter 6 exam exercises
D.6.1 exec-ing into a Pod
D.6.2 Changing the DNS service
D.6.3 Changing the kubelet configuration
D.6.4 Editing the kubelet ConfigMap
D.6.5 Scaling the CoreDNS Deployment
D.6.6 Verifying DNS changes from a Pod
D.6.7 Creating a Deployment and Service
D.6.8 Changing the ClusterIP Service to NodePort
D.6.9 Installing Ingress controller and Ingress resource
D.6.10 Installing a container network interface (CNI)
D.7 Chapter 7 exam exercises
D.7.1 Creating a persistent volume
D.7.2 Creating a persistent volume claim
D.7.3 Creating a Pod to use the claim
D.7.4 Creating a storage class
D.7.5 Creating a persistent volume claim for a storage class
D.7.6 Creating a Pod from a storage class
D.8 Chapter 8 exam exercises
D.8.1 Fixing the Pod YAML
D.8.2 Fixing the Pod image
D.8.3 Fixing a completed Pod
D.8.4 Fixing the Kubernetes scheduler
D.8.5 Fixing the kubelet
index
inside front cover
Acing the Certified Kubernetes Administrator Exam
Copyright
dedication
contents
front matter
preface
acknowledgments
about this book
Who should read this book
How this book is organized: A road map
About the exercises
About the code
liveBook discussion forum
Other online resources
about the author
about the cover illustration
1 First steps
1.1 Introducing the CKA exam
1.2 What’s in store
1.2.1 What is a Kubernetes administrator?
1.3 Meeting Kubernetes
1.3.1 Cluster architecture, installation, and configuration
1.3.2 Workloads and scheduling
1.3.3 Services and networking
1.3.4 Storage
1.3.5 Troubleshooting
1.4 Control plane node
1.5 Worker nodes
1.6 API model and PKI
1.7 Linux system services
1.8 Declarative syntax
1.9 Exam exercises
Summary
2 Kubernetes cluster
2.1 Kubernetes cluster components
2.1.1 Kubernetes version upgrade
2.1.2 The control plane
2.1.3 Taints and tolerations
2.1.4 Nodes
2.2 Datastore etcd
2.2.1 Working with etcdctl
2.2.2 Client and server certificates
2.3 Exam exercises
Summary
3 Identity and access management
3.1 Role-based access control
3.1.1 Roles and Role bindings
3.1.2 System Roles and groups
3.2 Users and groups
3.3 Service Accounts
Summary
4 Deploying applications in Kubernetes
4.1 Scheduling applications
4.1.1 Node selectors
4.1.2 Node and Pod affinity
4.2 Using Helm
4.3 Pod metadata
4.3.1 Resource requests and limits
4.3.2 Multicontainer Pods
4.3.3 ConfigMaps and Secrets
Summary
5 Running applications in Kubernetes
5.1 Orchestrating applications
5.1.1 Modifying running applications
5.1.2 Application maintenance
5.1.3 Application rollouts
5.1.4 Exposing Deployments
5.2 Application maintenance
5.2.1 Cordoning and draining nodes
5.2.2 Adding application resources (nodes)
Summary
6 Communication in a Kubernetes cluster
6.1 Configuring DNS
6.2 CoreDNS
6.2.1 Config files
6.2.2 Replicating DNS
6.2.3 Pod-to-Pod connectivity
6.3 Ingress and Ingress controllers
6.4 Services
6.4.1 ClusterIP Service
6.4.2 NodePort Service
6.4.3 LoadBalancer Service
6.5 Cluster node networking configuration
Summary
7 Storage in Kubernetes
7.1 Persistent volumes
7.1.1 The problem with hostPath
7.1.2 Volume modes
7.1.3 Access modes
7.1.4 Reclaim policies
7.2 Persistent volume claim
7.3 Storage class
7.3.1 Inheriting from the storage class
7.4 Nonpersistent volumes
Summary
8 Troubleshooting Kubernetes
8.1 Understanding application logs
8.1.1 Container log detail
8.1.2 Troubleshooting from inside the container
8.2 Cluster component failure
8.2.1 Troubleshooting cluster events
8.2.2 Worker node failure
8.2.3 Did you specify the right host or port?
8.2.4 Troubleshooting kubeconfig
8.3 Network troubleshooting
8.3.1 Troubleshooting the config
8.3.2 Troubleshooting Services
8.3.3 Troubleshooting cluster-wide communications
Summary
9 Taking the test
9.1 Exam basics
9.1.1 Competencies condensed
9.1.2 Exam clusters
9.2 Chapter reviews
9.2.1 Quick review of chapter 2
9.2.2 Quick review of chapter 3
9.2.3 Quick review of chapter 4
9.2.4 Quick review of chapter 5
9.2.5 Quick review of chapter 6
9.2.6 Quick review of chapter 7
9.2.7 Quick review of chapter 8
9.3 Kubernetes documentation review
9.4 Practice exam
9.5 Additional tips for the exam
Summary
Appendix A. Creating a Kubernetes cluster with kind
A.1 Installing the required packages
A.1.1 Install Docker Desktop
A.1.2 Installing kind
A.1.3 Creating a kind Kubernetes cluster
A.1.4 Install kubectl (optional)
A.2 Creating a multinode cluster
A.3 Advanced configuration for kind
Appendix B. Setting the context for a kind cluster
B.1 Setting the context with kubeconfig
B.2 Setting an alias for kubectl
B.3 Setting kubectl autocomplete
Appendix C. Installing a CNI in a kind cluster
C.1 Creating a kind cluster without CNI
C.2 Installing a bridge CNI plugin
C.3 Installing Flannel CNI
C.4 Creating a new kind cluster
C.5 Installing the Calico CNI
Appendix D. Solving the exam practice exercises
D.1 Chapter 1 exam exercises
D.1.1 Listing API resources
D.1.2 Listing services
D.1.3 The status of the kubelet service
D.1.4 Using declarative syntax
D.1.5 Listing Kubernetes services
D.2 Chapter 2 exam exercises
D.2.1 Shortening the kubectl command
D.2.2 Listing running Pods
D.2.3 Viewing the kubelet client certificate
D.2.4 Backing up etcd
D.2.5 Restoring etcd
D.2.6 Upgrading the control plane
D.3 Chapter 3 exam exercises
D.3.1 Creating a Role
D.3.2 Create a role binding
D.3.3 Creating a new user
D.3.4 Adding Sandra to kubeconfig
D.3.5 Creating a new Service Account
D.3.6 Creating a new cluster role
D.4 Chapter 4 exam exercises
D.4.1 Applying a label and creating a Pod
D.4.2 Editing a running Pod
D.4.3 Using node affinity for a new Pod
D.5 Chapter 5 exam exercises
D.5.1 Scaling replicas in a Deployment
D.5.2 Updating the image
D.5.3 Viewing ReplicaSet events
D.5.4 Rolling back to a previous app version
D.5.5 Changing the rollout strategy
D.5.6 Cordoning and uncordoning a node
D.5.7 Removing a taint from a node
D.6 Chapter 6 exam exercises
D.6.1 exec-ing into a Pod
D.6.2 Changing the DNS service
D.6.3 Changing the kubelet configuration
D.6.4 Editing the kubelet ConfigMap
D.6.5 Scaling the CoreDNS Deployment
D.6.6 Verifying DNS changes from a Pod
D.6.7 Creating a Deployment and Service
D.6.8 Changing the ClusterIP Service to NodePort
D.6.9 Installing Ingress controller and Ingress resource
D.6.10 Installing a container network interface (CNI)
D.7 Chapter 7 exam exercises
D.7.1 Creating a persistent volume
D.7.2 Creating a persistent volume claim
D.7.3 Creating a Pod to use the claim
D.7.4 Creating a storage class
D.7.5 Creating a persistent volume claim for a storage class
D.7.6 Creating a Pod from a storage class
D.8 Chapter 8 exam exercises
D.8.1 Fixing the Pod YAML
D.8.2 Fixing the Pod image
D.8.3 Fixing a completed Pod
D.8.4 Fixing the Kubernetes scheduler
D.8.5 Fixing the kubelet
index
![AWS Certified SysOps Administrator - Associate (SOA-C02) Exam Cram [1 ed.]
0137509588, 9780137509584](https://ebin.pub/img/200x200/aws-certified-sysops-administrator-associate-soa-c02-exam-cram-1nbsped-0137509588-9780137509584.jpg)
