1. Can Kubernetes master nodes run without kubelet
a. True
b. False
2. How many major releases the Kubernetes project provides full support for?
a. Two major releases, including the latest one
b. Three major releases, including the latest one
c. Only the latest release is supported
3. What happens when you issue kubectl delete node NODE_NAME
?
a. Node NODE_NAME is deleted from Etcd, becomes unschedulable, but old workloads continue to run on it.
b. Node NODE_NAME It is completely removed from Kubernetes; all Kubernetes pods are also removed from it.
4. How to efficiently make sure that Helm release is properly rolled back in case of failure?
a. Use --verify
flag to helm upgrade
b. Use --atomic
flag to helm upgrade
c. Use --cleanup-on-fail
flag to helm upgrade
5. How is it possible to make adjustments to Kubernetes objects before they are created (for example, add some predefined labels based on user’s group)
a. It is not possible, users have to adjust the objects themselves
b. It is possible using Validating Admission Webhook
c. It is possible using Mutating Admission Webhook
6. What is the cleanest way to schedule a pod on some particular node
a. spec.nodeSelector
b. Taints and tolerations
c. spec.nodeName
7. How can we mount a single persistentVolume to several pods in read-write mode (assuming that the volume supports this feature)?
a. Create multiple persistentVolumeClaims to the persistentVolume and use them in podSpec
b. Use ReadWriteMany AccessMode for persistentVolume
c. Use WriteMany AccessMode for persistentVolume
d. It is not possible using Kubernetes instruments, should be done manually inside each pod
8. Kubernetes Pods run to completion.
a. True
b. False
9. What sidecar containers are used for?
a. Sidecar containers start and finish before the start of main container, allowing for startup environment bootstrap
b. Sidecar containers are used internally by Kubernetes to perform liveness and readiness probe checks
c. Sidecar containers run in parallel with the main container allowing to add various agents and helper software
10. Can Kubernetes worker nodes run without kubelet
a. True
b. False
11. You are running the software inside Kubernetes that relies on hostname persistence across restarts. What Kubernetes object is most suitable for running such a software
a. StatefulSet
b. Deployment
c. ReplicaSet
d. Pod
12. You are running a two-container pod. The application inside the first container fails, but the pod continues to run, causing disruption to service. What needs to be done in order to restart the pod in case of application failure?
a. Configure Pod spec.restartPolicy
to “OnFailure”
b. Configure application container spec.restartPolicy
to “OnFailure”
c. Configure a livenessProbe for your application container
d. Configure a readinessProbe for your application container
13. You want to run two monitoring agents per each Kubernetes worker node. Each monitoring agent should run in its own container. What is the best way of accomplishing this task?
a. Create DaemonSet with spec.replicas: 2
and specify two monitoring containers in spec.template.spec.containers.
b. Create two DaemonSets, each with its own monitoring container.
c. Create two Deployments, each with its own monitoring container and adjust spec.nodeSelector
to run on all nodes.
14. You are running a StatefulSet with 4 replicas. There is a new application version and you want to test it only on 1 replica of StatefulSet (other 3 replicas should stay on the previous version of application at all times). How can you perform such a change to statefulSet?
a. Set StatefulSet spec.strategy.rollingUpdate.maxSurge
to 3, allowing to keep 3 previous version pods
b. Set StatefulSet spec.updateStrategy.rollingUpdate.partition
to 3, allowing to keep 3 previous version pods
c. Set StatefulSet spec.updateStrategy.type
to “OnDelete” and manually update one pod to the latest version, while keeping 3 other pods at previous version.
15. You run Kubernetes on a cloud platform which supports Load Balancers. However, when you create a Kubernetes Service with type LoadBalancer you notice that Service ExternalIP stays in “Pending” state forever. What is most likely the cause of it?
a. You didn’t provide enough cloud permissions to Kubernetes Controller Manager, so it cannot create Load Balancer resource in cloud
b. You should configure firewall rules for your Kubernetes worker nodes NodePort range to allow Load Balancer health checks
c. You forgot to add cloud credentials to cloud-creds Secret in kube-system namespace
d. You should first configure Nginx Ingress Controller to integrate Kubernetes with your cloud provider
16. You’ve configured Kubernetes Service with a type of LoadBalancer for the publicly facing application and it’s working fine. However, the application team is complaining that they are not seeing the client IP addresses in the application logs. Instead they see Kubernetes worker nodes IP addresses. How can you possibly fix this issue?
a. Works as expected, there is no easy solution.
b. Tell the application team to use X-Forwarded-For HTTP header as a source of client IP address.
c. Set service.spec.externalTrafficPolicy
to “Local”.
d. Configure Kubernetes worker nodes firewall to allow NodePort range health checks from the Load Balancer.
17. You are trying to run the application in Kubernetes, but after some time the pod state becomes CrashLoopBackoff. What is the problem here?
a. You specified a non-existent image for the pod
b. Kubernetes does not have enough resources to run the pod
c. Application is constantly failing the configured readinessProbe
d. There is an application error that prevents it from running
18. You configured Ingress resource for the application with hostname “example.com” and URI path “/app”, but then you noticed application HTTP 404 errors saying that URI path “/app” is not found. After some testing you found that application works fine if you specify URI path “/”. What is the most efficient way of solving ?
a. Rewrite the application to work on URI path /app
b. Configure ingress.kubernetes.io/rewrite-target
Ingress annotation.
c. Configure pathType
to be ImplementationSpecific
d. Specify the correct path in the Service object.
19. You run an application that has a very long startup and shutdown durations. What is the recommended way of running such an application in Kubernetes? (Select all that applies)
a. Configure proper initialDelaySeconds
values for livenessProbe
and readinessProbe
b. Configure preStop
hook
c. Configure proper terminationGracePeriodSeconds
value
d. Modify the application code to start and stop faster in order to fit into Kubernetes default values
e. Configure startupProbe
f. Run application as StatefulSet
g. Configure PodDisruptionBudget for the application
1. What is the most effective way of reusing the Terraform code between different environments
a. Output
b. Package
c. Module
d. Resource
2. How can you pass resources created in one module to another module?
a. You can do that using module.MODULE_NAME.resource.RESOURCE_NAME reference.
b. Use module outputs
c. Use “module” data resource
3. What terraform refresh
command does?
a. It reapplies the Terraform code fixing any configuration drift that may have occurred since the last-known state.
b. It tries to reconcile the Terraform state with the real-world infrastructure and detects any drift from the last-known state.
c. It detects any drift from the last-known state but keeps the Terraform state untouched.
4. What null_resource is useful for?
a. null_resource if useful for ensuring dependencies between resources.
b. null_resource can be used to run provisioner tasks in response to some events
c. null_resource is used for inserting time delay between resources creation
5. How to rollback changes made by Terraform?
a. Use terraform state rollback
b. Use terraform rollback
c. It is not possible using Terraform alone.
6. Keeping Terraform state file under version control is considered a good practice?
a. True
b. False
7. terraform.tfstate is a file in which format?
a. YAML
b. JSON
c. Binary
8. You created cloud resources using Terraform, but then you manually deleted one of the resources from the cloud without using Terraform. How to make Terraform aware of it in the most efficient manner?
a. Use terraform state rm RESOURCE_NAME
and delete the resource from Terraform code.
b. Delete the resource from Terraform code.
c. Run terraform apply
, then delete the resource from Terraform code and then again run terraform apply
9. What Terraform remote state lock is used for?
a. It is used in order to block any changes to Terraform state. Use terraform force-unlock
to continue making changes to it.
b. It is automatically used to avoid concurrent modifications of Terraform state (if supported).
c. It is used to let other people know that you are working with Terraform now. Use terraform force-unlock
to let others know that you’ve finished making changes.
10. Variables provided via command line -var/-var-file flag take precedence over variables defined in terraform.tfvars file.
a. True
b. False
11. Variables with "sensitive" parameter set to “true” are automatically encrypted in Terraform state.
a. True
b. False
12. How to debug the Terraform run?
a. Use -debug flag to terraform apply
b. Set “TF_LOG” environment variable to “DEBUG”.
c. Set “TF_DEBUG” environment variable to “1”.
13. How to copy a file into the cloud instance created using Terraform?
a. Put the file into some public storage and then automatically download it from the instance.
b. Use “file” provisioner
c. Use “copy” provisioner
1. Why it is considered a best practice to run application as PID 1 inside container?
a. It allows to properly forward process signals to application
b. It is needed to configure application logging properly
c. It allows to control compute resources consumption more efficiently
2. You are building Docker image using the following Dockerfile:
FROM busybox
COPY . .
COPY ../somefile.txt .
RUN cat /somefile.txt
But you are getting an error:somefile.txt: no such file or directory
a. asd
b. bcd