Kubernetes Certification- Crack the CKA with WeMakeDevOps #CKAFreehit#ExamTips5



1)

endpoints=https://[192.168.0.13]:2379
cacert=/etc/kubernetes/pki/etcd/ca.crt
key=/etc/kubernetes/pki/etcd/server.key
File Path=/tmp/test.rb

ETCDCTL_API=3 etcdctl –endpoints=[ENDPOINT] –cacert=[CA CERT] –cert=[ETCD SERVER CERT] –key=[ETCD SERVER KEY] snapshot save [BACKUP FILE NAME]

ETCDCTL_API=3 etcdctl –endpoints $ENDPOINT snapshot save snapshotdb

ETCDCTL_API=3 etcdctl –endpoints=https://[192.168.0.13]:2379 –cacert=/etc/kubernetes/pki/etcd/ca.crt –cert=/etc/kubernetes/pki/etcd/server.crt –key=/etc/kubernetes/pki/etcd/server.key snapshot status /tmp/test.rb

DIY:

1) login Here: https://labs.play-with-k8s.com/# ( Register it required )
2) Select and setup 2 node k8s Kubeadm cluster ( you will get instruction on the first node itself )
3) Run some test deployment
4) Setup ETCD client as per below guid ( might be it required to install wget via yum)

yum install wget -y

export RELEASE=”3.3.13″
wget https://github.com/etcd-io/etcd/releases/download/v${RELEASE}/etcd-v${RELEASE}-linux-amd64.tar.gz
tar xvf etcd-v${RELEASE}-linux-amd64.tar.gz
cd etcd-v${RELEASE}-linux-amd64
sudo mv etcd etcdctl /usr/local/bin

2)

Bonus questions: By doing above exercise you will get how to setup 2 node kubernetes cluster

3)
We need to use Init Container to create a file named “sharedfile.txt”
under the “work” directory. Here application container should check if the file exists and sleep for a while.
If the file does not exist the application container should exit.

Questions: ( Answer i will put in first comment)

apiVersion: v1
kind: Pod
metadata:
name: init-container-test
spec:
containers:
– name: application-container
image: alpine
command: [‘sh’, ‘-c’, ‘if [ -f /work/sharedfile.txt ]; then sleep 99999; else exit; fi’]
volumeMounts:
– name: workdir-volume
mountPath: /work
volumes:
– name: workdir-volume
emptyDir: {}

source

Avatar of WeMake

By WeMake

5 thoughts on “Kubernetes Certification- Crack the CKA with WeMakeDevOps #CKAFreehit#ExamTips5”
  1. If you are mounting /work in init container then there is no need to do mkdir /work in command section for the init-containers. It could be command: ["sh", "-c", "touch /work/sharedtext.txt"]

  2. I ran ETCDCTL_API=3 etcdctl –endpoints $ENDPOINT and the error message did not highlight –cacert. The error message was just a generic help listing.

  3. Hi,

    Where did you take the value of "–cert" in the ETCD backup process if it's not provided by the question?

  4. Init Container Answer

    Answer

    apiVersion: v1
    kind: Pod
    metadata:
    name: init-container-test
    spec:
    containers:
    – name: application-container
    image: alpine
    command: ['sh', '-c', 'if [ -f /work/sharedfile.txt ]; then sleep 99999; else exit; fi']
    volumeMounts:
    – name: workdir-volume
    mountPath: /work
    initContainers:
    – name: init-container
    image: busybox:1.28
    command: ['sh', '-c', 'mkdir /work; echo>/work/sharedfile.txt']
    volumeMounts:
    – name: workdir-volume
    mountPath: /work
    volumes:
    – name: workdir-volume
    emptyDir: {}

Leave a Reply

Your email address will not be published.

Captcha loading...