CKA-2025-Important-Notes

Part-1   Create a Deployment named memory-demo in the default namespace with the following specifications: It must create 4 replicas (pods). Each pod must have: A single container using the image nginx:alpine A fair enough memory and cpu request  to set limit should be  (exactly double the request) The pods must run successfully without hitting memory scheduling constraints . Part-2 A  Deployment named   memory-demo  in the  default  namespace with the following specifications: four pod should be running but few pod is not running  troubleshoot and fix the issue A fair enough  memory and cpu request  to set limit should be  (exactly  double  the request) fair overhead be there  you can scaledown and down deployment to 0 The pods must  run successfully without hitting memory scheduling constraints .

 Generate a PriorityClass named urgent-priority for urgent workloads,  setting the value to 10 less than the highest current user-defined priority class value.  Patch the Deployment mysql-writer in the database namespace to use the urgent-priority class and verify a successful rollout.   Note – Pods from other Deployments in the database namespace should be evicted if resources Cruch kubectl create namespace database # redis-cache Deployment cat <<EOF | kubectl apply -f - apiVersion: apps/v1 kind: Deployment metadata:   name: redis-cache   namespace: database spec:   replicas: 2   selector:     matchLabels:       app: redis-cache   template:     metadata:       labels:         app: redis-cache     spec:       containers:       - name: redis         image: redis:7         resources: ...

5 Mock Questions on Horizontal Pod Autoscaler (HPA) 🔶 Question 1: Scale Based on Custom CPU Target and Scale-Up Cooldown You have a Deployment named api-backend in the default namespace. Task: Create an HPA targeting 70% CPU usage Min: 1, Max: 10 replicas Set scale-up cooldown (delay before scaling up again) to 30 seconds File name: hpa-backend.yaml Bonus: Set the HPA to avoid scaling up rapidly even if CPU spikes.   cat <<EOF | kubectl apply -f - apiVersion: apps/v1 kind: Deployment metadata:   name: api-backend   namespace: default spec:   replicas: 2   selector:     matchLabels:       app: api-backend   template:     metadata:       labels:         app: api-backend     spec:       containers:   ...

 🔶 Question 1: Scale Based on Custom CPU Target and Scale-Up Cooldown You have a Deployment named api-backend in the default namespace. Task: Create an HPA targeting 70% CPU usage Min: 1, Max: 3 replicas Set scale-up cooldown (delay before scaling up again) to 30 seconds File name: hpa-backend.yaml 📌 Bonus: Set the HPA to avoid scaling up rapidly even if CPU spikes. 🔶 Question 2: Memory-Based Autoscaling You have a Deployment memory-consumer running in apps namespace. Task: Create an HPA that: Scales based on Memory usage Uses autoscaling/v2 Min: 2, Max: 8 Target Memory usage: 500Mi average per pod File: hpa-memory.yaml 🧠 Hint: Use resource metric type with memory selector. This only works if metrics-server supports memory usage (sometimes mocked in exam). 🔶 Question 3: Stabilization Window for Both Scale-Up and Scale-Down Deployment load-burst-app is deployed in dev namespace. Task: Create an HPA that: Targets CPU usage at 60% Min: 3, Max: 12 Scale-Up window: 45 seconds Scale...

  In the exam, you need to maintain a rhythmic speed —that means working fast without wasting steps . You’ll have to use shortcuts smartly and avoid repeating the same command unnecessarily . These next 5 minutes could make a huge difference in your exam, so let’s begin. Many people recommend using imperative commands in Kubernetes — like kubectl run or kubectl expose . While these can be useful for quickly creating a Pod , I personally recommend: Use imperative only for Pod creation , but for everything else — avoid it. Why? Because in the real world and exams, what really helps is: Knowing how to find the correct YAML Editing and understanding it properly Applying declarative files using kubectl apply -f So instead of relying on imperative commands, get comfortable with : The official Kubernetes documentation Using Ctrl + F + apiVersion to jump straight to YAML examples The Kubernetes cheat sheet (we’ll cover that too) Mastering how to quickly locate o...

  Variation 2 Outline the Helm CLI steps to:           https://argoproj.github.io/argo-helm Add and update the Argo Helm repo Install Argo CD v8.0.17 with CRDs enabled in argocd Install Argo CD v8.0.17 with CRDs disabled in argocd-no-crds Render both releases to argo-cd-crds-enabled.yaml and argo-cd-crds-disabled.yaml

  🔶 Mock Question: Add a Sidecar Container for Log Tailing Task You have a Deployment named myapp in the default namespace. This Deployment has a single container named myapp which writes log messages to a file at /opt/logs.txt every second. Currently, there is no mechanism to tail or view this log in real-time. Your Task : Add a sidecar container to the existing Deployment named logshipper . This container must: Use the image alpine:latest Run the following command: tail -F /opt/logs.txt Both containers must share a volume at path /opt using an emptyDir volume named data . Do not delete or modify the original myapp container. Make sure the logshipper runs as a sidecar container , not as an initContainer .

🔶 Question 1:  Task : Create a StorageClass named csi-retain-sc with the following specifications: Use provisioner: csi-driver.example-vendor.example Set this class as the default Set reclaimPolicy to Retain Allow volume expansion Add mount option discard Use WaitForFirstConsumer as the volumeBindingMode ✅ Save this configuration to a file named sc-default-retain.yaml and apply it. 🔶 Question 2:  Task : You already have a default StorageClass named old-default . You created a new class fast-csi (already applied) but forgot to mark it as default. Patch fast-csi to be the default StorageClass. Remove the default annotation from old-default . 🔶 Question 3:  Task : Create a StorageClass named perf-csi-sc using the same csi-driver.example-vendor.example provisioner but do not make it default. It must: Allow volume expansion Include the parameter guaranteedReadWriteLatency: "true" Use Immediate volumeBindingMode Use Delete ...

  1️⃣ ArgoCD Application Field Extraction 🧪 Task: Verify ArgoCD is installed in the cluster. Create a list of all CRDs related to ArgoCD and save to: ~/argocd-resources.yaml Use kubectl explain to extract .spec.syncPolicy field of Application custom resource and save to: ~/sync-policy.yaml 2️⃣ Traefik IngressRoute Field Extraction 🧪 Task: Verify Traefik Ingress Controller is deployed. List all Traefik CRDs, save to: ~/traefik-resources.yaml Extract .spec.tls field of IngressRoute custom resource and save to: ~/tls-doc.yaml 3️⃣ Linkerd ServiceProfile Field Extraction 🧪 Task: Verify Linkerd is running and control plane is healthy. List all Linkerd CRDs and save to: ~/linkerd-resources.yaml Extract .spec.routes field of ServiceProfile custom resource and save to: ~/routes-doc.yaml 4️⃣ cert-manager Issuer Field Extraction   🧪 Task: Verify cert-manager is running in the cluster. List all cert-manager CRDs and save to: ~/iss...

 Cert-manager is a Kubernetes add-on used to manage and automate the issuance, renewal, and management of TLS/SSL certificates inside a Kubernetes cluster. It helps in securing applications and services by integrating with external and internal certificate authorities (CAs) like Let’s Encrypt, HashiCorp Vault, or even self-signed issuers. Here’s how it works: CRDs (Custom Resource Definitions) : cert-manager introduces new Kubernetes resource types like Issuer , ClusterIssuer , and Certificate . These CRDs are used to define how and from where the certificates will be issued. Issuer and ClusterIssuer : Issuer is a namespaced resource that defines a certificate authority configuration usable within a single namespace. ClusterIssuer is similar but works cluster-wide and can issue certificates across all namespaces. Certificate Resource : You define a Certificate resource specifying the domain, secret name (where the certificate will be stored), and which Issuer ...