CKS EXAM

  • Tips

  • Tricks

  • Strategy

URLs to read through before the Exam - 1

https://docs.linuxfoundation.org/tc-docs/certification/certification-resources-allowed#certified-kubernetes-administrator-cka-and-certified-kubernetes-application-developer-ckad-and-certified-kubernetes-security-specialist-cks

URLs to read through before the Exam - 2

https://docs.linuxfoundation.org/tc-docs/certification/important-instructions-cks

16 Clusters = 16 Contexts = 16 Questions

Each Cluster is 1 Master and 1 Worker

You are on client terminal

context=ak8s

context=bk8s

context=ck8s

context=pk8s

you are here first

client terminal

k config use-context ak8s

k config use-context bk8s

k config use-context ck8s

master

worker

ssh master

ssh worker

master

worker

master

worker

master

worker

Contexts

# List all contexts
k config get-contexts
# What is the current context
k config current-context
# Use this context from all kubectl commands from now on
k config use-context ck8s 
k get po -A
# Change context
k config use-context dk8s 
k get po -A

Terminal, Master, Worker

# Always start in client terminal
k get po -A
# Go to master
ssh master
# Modify some file
# Restart some service etc.
exit
# Now you are back to client terminal

# Go to worker
ssh worker
# Modify some file
# Restart some service etc.
exit
# Now you are back to client terminal

Sudo if you can 

sudo -i

Backup and Edit Strategy

F=/etc/kubernetes/manifests/kube-apiserver.yaml
G=/etc/kubernetes/manifests/kube-controller-manager.yaml
echo $F, $G
mkdir 7 ; cd 7
cp $F .
vi $F

File names and paths to remember

cd /etc/kubernetes/manifests ; ls
/etc/kubernetes/manifests/kube-apiserver.yaml
/etc/kubernetes/manifests/kube-controller-manager.yaml
/etc/kubernetes/manifests/etcd.yaml
---
cd /var/lib/kubelet ; ls
/var/lib/kubelet/config.yaml
---
cd /var/log/containers ; ls
/etc/kubernetes/etcd.yaml
/var/log/kubernetes/audit.log
---
cd /etc/falco ; ls
/etc/falco/falco.yaml
/etc/falco/falco_rules.yaml
/etc/falco/falco_rules.local.yaml
/etc/falco/k8s_audit_rules.yaml
/etc/falco/rules.d
---
log file location
cd /var/log/containers ; ls
---
service file
/etc/systemd/system/kubelet.service.d/10-kubeadm.conf

Some command line tools

falco --help
apparmor_status --help
apparmor_parser --help
trivy --help
trivy image --help
trivy image --severity 'CRITICAL,HIGH' amazonlinux:1
trivy image --severity 'CRITICAL,HIGH' \
k8s.gcr.io/kube-controller-manager:v1.18.6

THANKS

FOR

WATCHING

N=quetzal
k -n $N delete deploy broker-deployment
k delete ns $N
k create ns $N
k -n $N create deployment broker-deployment --image redis:alpine \
--port 6379 --dry-run=client -oyaml > /tmp/broker-deployment.yaml
k create -f /tmp/broker-deployment.yaml

Lab Preparation