Skip to main content

CKA 2025 - Q16 CRD LIST

 

1️⃣ ArgoCD Application Field Extraction

🧪 Task:

  • Verify ArgoCD is installed in the cluster.

  • Create a list of all CRDs related to ArgoCD and save to:
    ~/argocd-resources.yaml

  • Use kubectl explain to extract .spec.syncPolicy field of Application custom resource and save to:
    ~/sync-policy.yaml




2️⃣ Traefik IngressRoute Field Extraction

🧪 Task:

  • Verify Traefik Ingress Controller is deployed.

  • List all Traefik CRDs, save to:
    ~/traefik-resources.yaml

  • Extract .spec.tls field of IngressRoute custom resource and save to:
    ~/tls-doc.yaml



3️⃣ Linkerd ServiceProfile Field Extraction

🧪 Task:

  • Verify Linkerd is running and control plane is healthy.

  • List all Linkerd CRDs and save to:
    ~/linkerd-resources.yaml

  • Extract .spec.routes field of ServiceProfile custom resource and save to:
    ~/routes-doc.yaml


4️⃣ cert-manager Issuer Field Extraction 

🧪 Task:

  • Verify cert-manager is running in the cluster.

  • List all cert-manager CRDs and save to:
    ~/issuer-resources.yaml

  • Extract .spec.acme field of Issuer custom resource and save to:
    ~/acme-doc.yaml

  • Extract .spec.subject field of Certificate custom resource and save to:
    ~/subject-doc.yaml



5️⃣ Istio VirtualService Field Extraction

🧪 Task:

  • Verify Istio control plane is installed.

  • List all Istio CRDs and save to:
    ~/istio-resources.yaml

  • Extract .spec.http field of VirtualService custom resource and save to:
    ~/http-doc.yaml


1️⃣ ArgoCD Application Field Extraction

✅ Install ArgoCD:

kubectl create namespace argocd

kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml


✅ Solve the question:

# List CRDs
kubectl get crds | grep argoproj.io > ~/argocd-resources.yaml

# Extract .spec.syncPolicy field
kubectl explain applications.argoproj.io.spec.syncPolicy > ~/sync-policy.yaml


2️⃣ Traefik IngressRoute Field Extraction

✅ Install Traefik CRDs:


kubectl create namespace traefik

kubectl apply -f https://raw.githubusercontent.com/traefik/traefik/v3.0/docs/content/reference/dynamic-configuration/kubernetes-crd-definition-v1.yml

kubectl apply -f https://raw.githubusercontent.com/traefik/traefik/v3.0/docs/content/reference/dynamic-configuration/kubernetes-crd-rbac.yml

✅ Solve the question:



# List CRDs
kubectl get crds | grep traefik > ~/traefik-resources.yaml

# Extract .spec.tls field
kubectl explain ingressroutes.traefik.containo.us.spec.tls > ~/tls-doc.yaml


3️⃣ Linkerd ServiceProfile Field Extraction

✅ Install Linkerd CRDs:
curl -sL https://run.linkerd.io/install | sh

export PATH=$PATH:$HOME/.linkerd2/bin

linkerd version

kubectl apply -f https://github.com/kubernetes-sigs/gateway-api/releases/download/v1.2.1/standard-install.yaml

linkerd install --crds | kubectl apply -f -





✅ Solve the question:


# List CRDs
kubectl get crds | grep linkerd > ~/linkerd-resources.yaml

# Extract .spec.routes field
kubectl explain serviceprofiles.linkerd.io.spec.routes > ~/routes-doc.yaml

4️⃣ cert-manager Issuer Field Extraction
✅ Install cert-manager:


kubectl create namespace cert-manager

kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.14.2/cert-manager.yaml

✅ Solve the question:


# List CRDs
kubectl get crds | grep cert-manager > ~/issuer-resources.yaml

# Extract .spec.acme field
kubectl explain issuers.cert-manager.io.spec.acme > ~/acme-doc.yaml

kubectl explain issuers.cert-manager.io.spec.subject > ~/subject-doc.yaml


5️⃣ Istio VirtualService Field Extraction
✅ Install Istio CRDs:
controlplane:~$ curl -L https://istio.io/downloadIstio | sh -

controlplane:~$ ls

Desktop    Downloads  Pictures  Templates  filesystem
Documents  Music      Public    Videos     istio-1.26.1

controlplane:~$ cd istio-1.26.1/

controlplane:~/istio-1.26.1$ ls bin
istioctl


controlplane:~/istio-1.26.1$ export PATH=$PATH:$istio-1.26.1/bin
controlplane:~/istio-1.26.1$ istioctl version
Istio is not present in the cluster: no running Istio pods in namespace "istio-system"
client version: 1.26.1
controlplane:~/istio-1.26.1$ istioctl install --set profile=demo -y
        |\          
        | \         
        |  \        
        |   \       
      /||    \      
     / ||     \     
    /  ||      \    
   /   ||       \   
  /    ||        \  
 /     ||         \ 
/______||__________\
____________________
  \__       _____/  
     \_____/        

✔ Istio core installed ⛵️                                                               
✔ Istiod installed 🧠                                                                   
✔ Egress gateways installed 🛫                                                          
✔ Ingress gateways installed 🛬                                                         
✔ Installation complete                                                                 




✅ Solve the question:

# List CRDs
kubectl get crds | grep istio.io > ~/istio-resources.yaml

# Extract .spec.http field
kubectl explain virtualservices.networking.istio.io.spec.http > ~/http-doc.yaml

Comments

Post a Comment

Popular posts from this blog

CKA 2025 MOCK Q -11 TLS

  You’re managing a web server running in a Kubernetes Deployment called secure-site , located in the web-zone namespace. Its NGINX configuration comes from a ConfigMap called site-tls-config . 🧩 Task: Update the ConfigMap ( site-tls-config ) to ensure that only TLS version 1.3 is accepted by the server. Older versions like TLS 1.2 should be blocked completely. Once the ConfigMap is updated: Make sure the secure-site deployment picks up the changes. You might need to restart or roll it out again. Test it with this command: curl --tls-max 1.2 -k https://neokloud.in:32443 The command should fail , because the server should now reject anything below TLSv1.3.   echo "[1/8] Creating namespace: web-zone" kubectl create ns web-zone || true echo "[2/8] Generating TLS certificate for neokloud.in" mkdir -p /tmp/tls && cd /tmp/tls openssl req -x509 -nodes -days 365 \   -newkey rsa:2048 \   -keyout tls.key \   -out tls.crt \   -su...
Post a Comment
Read more

CKA-2025 MOCK Q-06 PRIORITY

 Generate a PriorityClass named urgent-priority for urgent workloads,  setting the value to 10 less than the highest current user-defined priority class value.  Patch the Deployment mysql-writer in the database namespace to use the urgent-priority class and verify a successful rollout.   Note – Pods from other Deployments in the database namespace should be evicted if resources Cruch kubectl create namespace database # redis-cache Deployment cat <<EOF | kubectl apply -f - apiVersion: apps/v1 kind: Deployment metadata:   name: redis-cache   namespace: database spec:   replicas: 2   selector:     matchLabels:       app: redis-cache   template:     metadata:       labels:         app: redis-cache     spec:       containers:       - name: redis         image: redis:7         resources: ...
Post a Comment
Read more

CKA 2025 MOCK Q-05 HPA

5 Mock Questions on Horizontal Pod Autoscaler (HPA) 🔶 Question 1: Scale Based on Custom CPU Target and Scale-Up Cooldown You have a Deployment named api-backend in the default namespace. Task: Create an HPA targeting 70% CPU usage Min: 1, Max: 10 replicas Set scale-up cooldown (delay before scaling up again) to 30 seconds File name: hpa-backend.yaml Bonus: Set the HPA to avoid scaling up rapidly even if CPU spikes.   cat <<EOF | kubectl apply -f - apiVersion: apps/v1 kind: Deployment metadata:   name: api-backend   namespace: default spec:   replicas: 2   selector:     matchLabels:       app: api-backend   template:     metadata:       labels:         app: api-backend     spec:       containers:   ...
Post a Comment
Read more