Skip to main content

CKA 2025 Mock Question Q-09

 You are managing a Kubernetes cluster where a Deployment named ui-app already exists in the namespace dev-lab. The container image used is nginx.

Your task is to:

  1. Update the Deployment ui-app in the dev-lab namespace to ensure the nginx container exposes port 80/tcp explicitly.

  2. Create a Service named ui-service in the same namespace to expose the pod(s) of the Deployment on port 80/tcp.

  3. Ensure that the Service is of type NodePort, so the application is accessible externally via any node IP and a static port.

 Note:

  • Do not recreate the Deployment—only modify it.

  • Use standard port range if assigning nodePort manually (30000–32767)

# Create namespace
kubectl create ns dev-lab

# Create Deployment named ui-app with nginx image (no port exposed yet)
cat <<EOF > ui-app-deploy.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  name: ui-app
  namespace: dev-lab
spec:
  replicas: 1
  selector:
    matchLabels:
      app: ui-app
  template:
    metadata:
      labels:
        app: ui-app
    spec:
      containers:
      - name: nginx
        image: nginx
EOF

# Apply the Deployment
kubectl apply -f ui-app-deploy.yaml

Comments

Post a Comment

Popular posts from this blog

CKA 2025 MOCK Q -11 TLS

  You’re managing a web server running in a Kubernetes Deployment called secure-site , located in the web-zone namespace. Its NGINX configuration comes from a ConfigMap called site-tls-config . 🧩 Task: Update the ConfigMap ( site-tls-config ) to ensure that only TLS version 1.3 is accepted by the server. Older versions like TLS 1.2 should be blocked completely. Once the ConfigMap is updated: Make sure the secure-site deployment picks up the changes. You might need to restart or roll it out again. Test it with this command: curl --tls-max 1.2 -k https://neokloud.in:32443 The command should fail , because the server should now reject anything below TLSv1.3.   echo "[1/8] Creating namespace: web-zone" kubectl create ns web-zone || true echo "[2/8] Generating TLS certificate for neokloud.in" mkdir -p /tmp/tls && cd /tmp/tls openssl req -x509 -nodes -days 365 \   -newkey rsa:2048 \   -keyout tls.key \   -out tls.crt \   -su...
Post a Comment
Read more

CKA-2025 MOCK Q-06 PRIORITY

 Generate a PriorityClass named urgent-priority for urgent workloads,  setting the value to 10 less than the highest current user-defined priority class value.  Patch the Deployment mysql-writer in the database namespace to use the urgent-priority class and verify a successful rollout.   Note – Pods from other Deployments in the database namespace should be evicted if resources Cruch kubectl create namespace database # redis-cache Deployment cat <<EOF | kubectl apply -f - apiVersion: apps/v1 kind: Deployment metadata:   name: redis-cache   namespace: database spec:   replicas: 2   selector:     matchLabels:       app: redis-cache   template:     metadata:       labels:         app: redis-cache     spec:       containers:       - name: redis         image: redis:7         resources: ...
Post a Comment
Read more

CKA 2025 MOCK Q-05 HPA

5 Mock Questions on Horizontal Pod Autoscaler (HPA) 🔶 Question 1: Scale Based on Custom CPU Target and Scale-Up Cooldown You have a Deployment named api-backend in the default namespace. Task: Create an HPA targeting 70% CPU usage Min: 1, Max: 10 replicas Set scale-up cooldown (delay before scaling up again) to 30 seconds File name: hpa-backend.yaml Bonus: Set the HPA to avoid scaling up rapidly even if CPU spikes.   cat <<EOF | kubectl apply -f - apiVersion: apps/v1 kind: Deployment metadata:   name: api-backend   namespace: default spec:   replicas: 2   selector:     matchLabels:       app: api-backend   template:     metadata:       labels:         app: api-backend     spec:       containers:   ...
Post a Comment
Read more