kubernetes学习:CKA考试题
<h3>1. 列出环境内所有的pv 并以 name字段排序(使用kubectl自带排序功能)</h3><p class="cnblogs_code">kubectl get pv --<span style="color: rgba(0, 0, 255, 1)">sort</span>-by=.metadata.name</p>
<h3>2. 列出指定pod的日志中状态为Error的行,并记录在指定的文件上</h3>
<div class="cnblogs_code">
<pre class="hljs bash"><code class="bash">kubectl logs <podname> | grep bash > /opt/KUCC000xxx/KUCC000xxx.txt</code></pre>
</div>
<h3>3.列出k8s可用的节点,不包含不可调度的 和 NoReachable的节点,并把数字写入到文件里</h3>
<div class="cnblogs_code">
<pre><span style="color: rgba(0, 0, 0, 1)">#笨方法,人工数
kubectl get nodes</span></pre>
</div>
<p>参考:kubernetes备忘:https://kubernetes.io/docs/reference/kubectl/cheatsheet/</p>
<h3>4.创建一个pod名称为nginx,并将其调度到节点为 disk=stat上</h3>
<div class="cnblogs_code">
<pre><span style="color: rgba(0, 0, 0, 1)">apiVersion: v1
kind: Pod
metadata:
name: nginx
labels:
</span><span style="color: rgba(0, 0, 255, 1)">env</span><span style="color: rgba(0, 0, 0, 1)">: test
spec:
containers:
</span>-<span style="color: rgba(0, 0, 0, 1)"> name: nginx
image: nginx
imagePullPolicy: IfNotPresent
nodeSelector:
disktype: ssd</span><span style="color: rgba(0, 0, 255, 1)"><br></span></pre>
</div>
<p>参考:将pod分配给节点,https://kubernetes.io/docs/tasks/configure-pod-container/assign-pods-nodes/</p>
<h3>5. 提供一个pod的yaml,要求添加Init Container,Init Container的作用是创建一个空文件,pod的Containers判断文件是否存在,不存在则退出</h3>
<div class="cnblogs_code">
<pre><span style="color: rgba(0, 0, 0, 1)">apiVersion: v1
kind: Pod
metadata:
name: init</span>-<span style="color: rgba(0, 0, 0, 1)">demo
spec:
containers:
</span>-<span style="color: rgba(0, 0, 0, 1)"> name:nginx
image:busybox:</span><span style="color: rgba(128, 0, 128, 1)">1.28</span><span style="color: rgba(0, 0, 0, 1)">
ports:
</span>- containerPort: <span style="color: rgba(128, 0, 128, 1)">80</span><span style="color: rgba(0, 0, 0, 1)">
command:[</span><span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(128, 0, 0, 1)">sh</span><span style="color: rgba(128, 0, 0, 1)">'</span>, <span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(128, 0, 0, 1)">-c</span><span style="color: rgba(128, 0, 0, 1)">'</span>, <span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(128, 0, 0, 1)">if [ ! -e "/opt/myfile"]; then exit;fi;</span><span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(0, 0, 0, 1)">]
volumeMounts:
</span>-<span style="color: rgba(0, 0, 0, 1)"> name: workdir
mountPath: </span>/opt/<span style="color: rgba(0, 0, 0, 1)">
# These containers are run during pod initialization
initContainers:
</span>- name: <span style="color: rgba(0, 0, 255, 1)">install</span><span style="color: rgba(0, 0, 0, 1)">
image: busybox
command: [</span><span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(128, 0, 0, 1)">sh</span><span style="color: rgba(128, 0, 0, 1)">'</span>, <span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(128, 0, 0, 1)">-c</span><span style="color: rgba(128, 0, 0, 1)">'</span>, <span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(128, 0, 0, 1)">touch -p /opt/myfile</span><span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(0, 0, 0, 1)">]
volumeMounts:
</span>-<span style="color: rgba(0, 0, 0, 1)"> name: workdir
mountPath: </span>/opt/<span style="color: rgba(0, 0, 0, 1)">
volumes:
</span>-<span style="color: rgba(0, 0, 0, 1)"> name: workdir
emptyDir: {}</span></pre>
</div>
<p>参考:Init Container https://kubernetes.io/docs/tasks/configure-pod-container/configure-pod-initialization/#creating-a-pod-that-has-an-init-container</p>
<p> https://kubernetes.io/docs/concepts/workloads/pods/init-containers/</p>
<h3>6. 指定在命名空间内创建一个pod名称为test,内含四个指定的镜像nginx、redis、memcached、busybox</h3>
<div class="cnblogs_code">
<pre>必须自己写 yaml</pre>
</div>
<h3> 7.创建一个pod名称为test,镜像为nginx,Volume名称cache-volume为挂在在/data目录下,且Volume是non-Persistent的</h3>
<div class="cnblogs_code">
<pre><span style="color: rgba(0, 0, 0, 1)">apiVersion: v1
kind: Pod
metadata:
name: test</span>-<span style="color: rgba(0, 0, 0, 1)">pod
spec:
containers:
</span>-<span style="color: rgba(0, 0, 0, 1)"> name: test
image: nginx
volumeMounts:
</span>- mountPath: /<span style="color: rgba(0, 0, 0, 1)">data
name: cache</span>-<span style="color: rgba(0, 0, 0, 1)">volume
volumes:
</span>- name: cache-<span style="color: rgba(0, 0, 0, 1)">volume
emptyDir: {}</span></pre>
</div>
<p>参考:volume : https://kubernetes.io/docs/concepts/storage/volumes/#local</p>
<p> </p>
<h3>8. 列出Service名为test下的pod 并找出使用CPU使用率最高的一个,将pod名称写入文件中</h3>
<div class="cnblogs_code">
<p>#使用-<span style="color: rgba(0, 0, 0, 1)">o wide 获取service test的SELECTOR </span></p>
<p><span style="color: rgba(0, 0, 0, 1)">kubectl get svc test </span>-<span style="color: rgba(0, 0, 0, 1)">o wide </span></p>
<p><span style="color: rgba(0, 0, 0, 1)">##获取结果我就随便造了 </span></p>
<p><span style="color: rgba(0, 0, 0, 1)">NAME TYPE CLUSTER</span>-IP EXTERNAL-<span style="color: rgba(0, 0, 0, 1)">IP PORT(S) AGE SELECTOR </span></p>
<p><span style="color: rgba(0, 0, 0, 1)">test ClusterIP None </span><none> <span style="color: rgba(128, 0, 128, 1)">3306</span>/TCP 50d app=wordpress,tier=<span style="color: rgba(0, 0, 0, 1)">mysql </span></p>
<p><span style="color: rgba(0, 0, 0, 1)">#获取对应SELECTOR的pod使用率,找到最大那个写入文件中 </span></p>
<p><span style="color: rgba(0, 0, 0, 1)">kubectl top <span style="color: rgba(255, 0, 0, 1)">pods </span></span>-l <span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(128, 0, 0, 1)">app=wordpress,tier=mysql</span><span style="color: rgba(128, 0, 0, 1)">'</span></p>
</div>
<h3>9.创建一个Pod名称为nginx-app,镜像为nginx,并根据pod创建名为nginx-app的Service,type为NodePort </h3>
<div class="cnblogs_code">
<pre>kubectl run nginx-app --image=nginx </pre>
</div>
<p>之后创建service</p>
<div class="cnblogs_code">
<pre><span style="color: rgba(0, 0, 0, 1)">apiVersion: v1
kind: Service
metadata:
name: nginx</span>-<span style="color: rgba(0, 0, 0, 1)">app
spec:
selector:
run: nginx</span>-<span style="color: rgba(0, 0, 0, 1)">app
ports:
</span>-<span style="color: rgba(0, 0, 0, 1)"> name: http
protocol: TCP
port: </span><span style="color: rgba(128, 0, 128, 1)">80</span><span style="color: rgba(0, 0, 0, 1)">
targetPort: </span><span style="color: rgba(128, 0, 128, 1)">9376</span>
-<span style="color: rgba(0, 0, 0, 1)"> name: https
protocol: TCP
port: </span><span style="color: rgba(128, 0, 128, 1)">443</span><span style="color: rgba(0, 0, 0, 1)">
targetPort: </span><span style="color: rgba(128, 0, 128, 1)">9377</span><span style="color: rgba(0, 0, 0, 1)">
type: NodePort</span></pre>
</div>
<p>参考:service https://kubernetes.io/docs/concepts/services-networking/service/</p>
<h3>10.创建一个nginx的Workload,保证其在每个节点上运行,注意不要覆盖节点原有的Tolerations </h3>
<p> 这道题直接复制文档的yaml太长了,由于damonSet的格式和Deployment格式差不多,我用旁门左道的方法 先创建Deploy,再修改,这样速度会快一点</p>
<div class="cnblogs_code">
<pre>kubectl run nginx --image=nginx:<span style="color: rgba(128, 0, 128, 1)">1.17</span>.<span style="color: rgba(128, 0, 128, 1)">1</span> -oyaml > nginx-daemonset.yaml<br># 修改yaml文件<br>vi nginx-daemonset.yaml</pre>
</div>
<div class="cnblogs_code">
<pre><span style="color: rgba(0, 0, 0, 1)">#修改apiVersion和kind
#apiVersion: extensions</span>/<span style="color: rgba(0, 0, 0, 1)">v1beta1
#kind: Deployment
apiVersion:apps</span>/<span style="color: rgba(0, 0, 0, 1)">v1
kind: DaemonSet
metadata:
creationTimestamp: </span><span style="color: rgba(0, 0, 255, 1)">null</span><span style="color: rgba(0, 0, 0, 1)">
labels:
run: nginx
name: nginx
spec:
#去掉replicas
# replicas: </span><span style="color: rgba(128, 0, 128, 1)">1</span><span style="color: rgba(0, 0, 0, 1)">
selector:
matchLabels:
run: nginx
strategy: {}
template:
metadata:
creationTimestamp: </span><span style="color: rgba(0, 0, 255, 1)">null</span><span style="color: rgba(0, 0, 0, 1)">
labels:
run: nginx
spec:
containers:
</span>-<span style="color: rgba(0, 0, 0, 1)"> image: nginx
name: nginx
resources: {}
status: {}</span></pre>
</div>
<h3>11. 将deployment为nginx-app的副本数从1变成4。</h3>
<div class="cnblogs_code">
<pre><span style="color: rgba(0, 0, 0, 1)">#方法1
kubectl scale</span>--replicas=<span style="color: rgba(128, 0, 128, 1)">4</span> deployment nginx-<span style="color: rgba(0, 0, 0, 1)">app
#方法2,使用edit命令将replicas改成4
kubectl edit deploy nginx</span>-app</pre>
</div>
<p>参考: https://kubernetes.io/docs/tasks/run-application/run-stateless-application-deployment/#scaling-the-application-by-increasing-the-replica-count</p>
<p> https://kubernetes.io/docs/reference/kubectl/cheatsheet/</p>
<h3>12. 创建nginx-app的deployment ,使用镜像为nginx:1.11.0-alpine ,修改镜像为1.11.3-alpine,并记录升级,再使用回滚,将镜像回滚至nginx:1.11.0-alpine </h3>
<div class="cnblogs_code">
<pre># 创建nginx-<span style="color: rgba(0, 0, 0, 1)">app的deployment
kubectl run nginx</span>-app --image=nginx:<span style="color: rgba(128, 0, 128, 1)">1.11</span>.<span style="color: rgba(128, 0, 128, 1)">0</span>-alpine --<span style="color: rgba(0, 0, 0, 1)">record
# 修改镜像,nginx</span>-<span style="color: rgba(0, 0, 0, 1)">app为container的名字
kubectl set image deployment nginx</span>-app nginx-app=nginx:<span style="color: rgba(128, 0, 128, 1)">1.11</span>.<span style="color: rgba(128, 0, 128, 1)">3</span>-<span style="color: rgba(0, 0, 0, 1)">alipne
# 回滚
kubectl rollout undo deployment nginx</span>-app</pre>
</div>
<p>参考:https://kubernetes.io/docs/reference/kubectl/cheatsheet/</p>
<h3>13. 根据已有的一个nginx的pod、创建名为nginx的svc、并使用nslookup查找出service dns记录,pod的dns记录并分别写入到指定的文件中</h3>
<div class="cnblogs_code">
<pre><span style="color: rgba(0, 0, 0, 1)">#创建一个服务
kubectl create svc nodeport nginx </span>--tcp=<span style="color: rgba(128, 0, 128, 1)">80</span>:<span style="color: rgba(128, 0, 128, 1)">80</span><span style="color: rgba(0, 0, 0, 1)">
#创建一个指定版本的busybox,用于执行nslookup
kubectl create </span>-f https:<span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">k8s.io/examples/admin/dns/busybox.yaml</span>
<span style="color: rgba(0, 0, 0, 1)">#将svc的dns记录写入文件中
kubectl exec </span>-ti busybox -- nslookup nginx ><span style="color: rgba(0, 0, 0, 1)"> 指定文件
#获取pod的ip地址
kubectl get pod nginx </span>-<span style="color: rgba(0, 0, 0, 1)">o yaml
#将获取的pod ip地址使用nslookup查找dns记录
kubectl exec </span>-ti busybox -- nslookup <Pod ip></pre>
</div>
<p>考点:网络相关,DNS解析</p>
<p>参考:https://kubernetes.io/docs/tasks/administer-cluster/dns-debugging-resolution/<br></p>
<h3>14. 创建Secret 名为mysecret,内含有password字段,值为bob,然后 在pod1里 使用ENV进行调用,Pod2里使用Volume挂载在/data 下</h3>
<div class="cnblogs_code">
<pre><span style="color: rgba(0, 0, 0, 1)">#将密码值使用base64加密,记录在Notepad里
</span><span style="color: rgba(0, 0, 255, 1)">echo</span> -n <span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(128, 0, 0, 1)">bob</span><span style="color: rgba(128, 0, 0, 1)">'</span> | base64</pre>
</div>
<p>secret.yaml</p>
<div class="cnblogs_code">
<pre><span style="color: rgba(0, 0, 0, 1)">apiVersion: v1
kind: Secret
metadata:
name: mysecret
type: Opaque
data:
password: Ym9i</span></pre>
</div>
<p>pod1.yaml 使用env进行调用</p>
<div class="cnblogs_code">
<pre><span style="color: rgba(0, 0, 0, 1)">apiVersion: v1
kind: Pod
metadata:
name: pod2
spec:
containers:
</span>-<span style="color: rgba(0, 0, 0, 1)"> name: mycontainer
image: redis
</span><span style="color: rgba(0, 0, 255, 1)">env</span><span style="color: rgba(0, 0, 0, 1)">:
</span>-<span style="color: rgba(0, 0, 0, 1)"> name: SECRET_PASSWORD
valueFrom:
secretKeyRef:
name: mysecret
key: password</span></pre>
</div>
<p>pod2.yaml 挂载到data目录下</p>
<div class="cnblogs_code">
<pre><span style="color: rgba(0, 0, 0, 1)">apiVersion: v1
kind: Pod
metadata:
name: pod1
spec:
containers:
</span>-<span style="color: rgba(0, 0, 0, 1)"> name: mypod
image: nginx
volumeMounts:
</span>-<span style="color: rgba(0, 0, 0, 1)"> name: mysecret
mountPath: </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">/data</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">
readOnly: </span><span style="color: rgba(0, 0, 255, 1)">true</span><span style="color: rgba(0, 0, 0, 1)">
volumes:
</span>-<span style="color: rgba(0, 0, 0, 1)"> name: mysecret
secret:
secretName: mysecret</span></pre>
</div>
<p>参考:https://kubernetes.io/docs/concepts/configuration/secret/</p>
<p> </p>
<h3>15. 使node1节点不可调度,并重新分配该节点上的pod</h3>
<div class="cnblogs_code">
<pre>#直接drain会出错,需要添加--ignore-daemonsets --delete-local-<span style="color: rgba(0, 0, 0, 1)">data参数
kubectl drain node node1</span>--ignore-daemonsets --delete-local-data</pre>
</div>
<p>参考:https://kubernetes.io/docs/tasks/administer-cluster/safely-drain-node/</p>
<h3>16. 使用etcd 备份功能备份etcd(提供enpoints,ca、cert、key)</h3>
<div class="cnblogs_code">
<pre>ETCDCTL_API=<span style="color: rgba(128, 0, 128, 1)">3</span> etcdctl --endpoints https:<span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">127.0.0.1:2379 \</span>
--cacert=ca.pem --cert=cert.pem --key=<span style="color: rgba(0, 0, 0, 1)">key.pem \
snapshot save snapshotdb</span></pre>
</div>
<p>参考: https://kubernetes.io/docs/tasks/administer-cluster/configure-upgrade-etcd/#backing-up-an-etcd-cluster</p>
<h3> </h3>
<h3> 17. 给出一个失联节点的集群,排查节点故障,要保证改动是永久的。</h3>
<div class="cnblogs_code">
<pre><span style="color: rgba(0, 0, 0, 1)">#查看集群状态
kubectl get nodes
#查看故障节点信息
kubectl describe node node1
#Message显示kubelet无法访问(记不清了)
#进入故障节点
</span><span style="color: rgba(0, 0, 255, 1)">ssh</span><span style="color: rgba(0, 0, 0, 1)"> node1
#查看节点中的kubelet进程
</span><span style="color: rgba(0, 0, 255, 1)">ps</span> -aux | <span style="color: rgba(0, 0, 255, 1)">grep</span><span style="color: rgba(0, 0, 0, 1)"> kubelete
#没找到kubelet进程,查看kubelet服务状态
systemctl status kubelet.service
#kubelet服务没启动,启动服务并观察
systemctl start kubelet.service
#启动正常,enable服务
systemctl enable kubelet.service
#回到考试节点并查看状态
exit
kubectl get nodes #正常</span></pre>
</div>
<p>参考:https://kubernetes.io/docs/tasks/debug-application-cluster/debug-cluster/</p>
<h3>18. 创建一个pv,类型是hostPath,位于/data中,大小1G,模式ReadOnlyMany</h3>
<div class="cnblogs_code">
<pre><span style="color: rgba(0, 0, 0, 1)">apiVersion: v1
kind: PersistentVolume
metadata:
name: pv</span>-<span style="color: rgba(0, 0, 0, 1)">host
spec:
capacity:
storage: 1Gi
volumeMode: Filesystem
accessModes:
</span>-<span style="color: rgba(0, 0, 0, 1)"> ReadWriteMany
persistentVolumeReclaimPolicy: Recycle
storageClassName: slow
hostPath:
path: </span>/data</pre>
</div>
<p>参考: https://kubernetes.io/docs/concepts/storage/persistent-volumes/</p>
<p> </p>
<h3>19. 给出一个集群,将节点node1添加到集群中,并使用TLS bootstrapping</h3>
<p> 参考:https://kubernetes.io/docs/reference/command-line-tools-reference/kubelet-tls-bootstrapping/#kube-controller-manager-configuration</p>
<p> https://blog.fanfengqiang.com/2019/03/11/kubernetes-TLS-Bootstrapping%E9%85%8D%E7%BD%AE/</p>
<p> </p>
<p> </p>
<h3> </h3>
<p> </p>
<h3> </h3>
<p> </p><br><br>
来源:https://www.cnblogs.com/haoprogrammer/p/11149661.html
頁:
[1]