CKA Cluster Architecture, Installation & Configuration • Complete Question Bank
Complete CKA Cluster Architecture, Installation & Configuration question bank — all 0 questions with answers and detailed explanations.
Refer to the exhibit. Error from server: error when creating "pod.yaml": pods "my-pod" is forbidden: exceeded quota: compute-quota, requested: limits.cpu=2, used: limits.cpu=1, limited: limits.cpu=2
You are a cluster administrator managing a multi-node Kubernetes cluster version 1.22. The cluster runs critical applications in the 'production' namespace. You have been asked to upgrade the control plane node to version 1.23 while minimizing downtime. The cluster uses a single control plane node (not HA). You have already backed up etcd and verified the backup is valid. You have also reviewed the upgrade notes and there are no breaking changes that affect your workloads.
You have drained the control plane node and ensured all pods are evicted. The node is now in 'Ready,SchedulingDisabled' state. You then run 'kubeadm upgrade plan' and see that upgrade to v1.23.0 is available. Next, you run 'kubeadm upgrade apply v1.23.0'. The command completes successfully. However, when you try to uncordon the node with 'kubectl uncordon <node>', you get an error: 'error: unable to update node: the object has been modified; please apply your changes to the latest version and try again'. What is the most likely cause and the correct next step?
Refer to the exhibit. ``` $ kubectl get nodes NAME STATUS ROLES AGE VERSION controlplane Ready master 10d v1.25.0 worker1 Ready <none> 10d v1.25.0 worker2 NotReady <none> 10d v1.25.0 $ kubectl describe node worker2 | grep -i condition Conditions: Type Status LastHeartbeatTime LastTransitionTime Reason Message ---- ------ ----------------- ------------------ ------ ------- NetworkUnavailable False Thu, 01 Jan 2023 00:00:00 +0000 Thu, 01 Jan 2023 00:00:00 +0000 CalicoIsUp Calico is running on this node MemoryPressure False Thu, 01 Jan 2023 00:00:00 +0000 Thu, 01 Jan 2023 00:00:00 +0000 KubeletHasSufficientMemory kubelet has sufficient memory available DiskPressure False Thu, 01 Jan 2023 00:00:00 +0000 Thu, 01 Jan 2023 00:00:00 +0000 KubeletHasNoDiskPressure kubelet has no disk pressure PIDPressure False Thu, 01 Jan 2023 00:00:00 +0000 Thu, 01 Jan 2023 00:00:00 +0000 KubeletHasSufficientPID kubelet has sufficient PID available Ready Unknown Thu, 01 Jan 2023 00:00:00 +0000 Thu, 01 Jan 2023 00:00:00 +0000 NodeStatusUnknown Kubelet stopped posting node status. ```
Drag steps to the numbered slots on the right, or tap a step then tap a slot.
Drag steps to the numbered slots on the right, or tap a step then tap a slot.
Drag a concept onto its matching description — or click a concept then click the description.
Smallest deployable unit, runs containers
Stable network endpoint for a set of Pods
HTTP/HTTPS routing to Services
Non-sensitive configuration data
Storage resource provisioned by an administrator
Drag a concept onto its matching description — or click a concept then click the description.
Specifies the user ID for the container's process
Prevents running as root (UID 0)
Grants elevated privileges to the container
Makes the container's root filesystem read-only
Adds or drops Linux capabilities
```
$ kubectl get nodes
NAME STATUS ROLES AGE VERSION
master Ready control-plane,master 10d v1.28.0
node1 Ready <none> 10d v1.28.0
node2 Ready <none> 10d v1.28.0
node3 Ready <none> 10d v1.28.0
$ kubectl describe pod nginx-pod
Name: nginx-pod
Namespace: default
Priority: 0
Node: node1/192.168.1.101
Start Time: Mon, 01 Jan 2024 12:00:00 +0000
Labels: run=nginx
Annotations: <none>
Status: Pending
IP:
IPs: <none>
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Warning FailedScheduling 2m default-scheduler 0/4 nodes are available: 1 node(s) had untolerated taint {node.kubernetes.io/not-ready: }, 3 node(s) had untolerated taint {node.kubernetes.io/unreachable: }. preemption: 0/4 nodes are available: 4 Preemption is not helpful for scheduling.
`````` $ kubectl get pods -n kube-system | grep etcd etcd-master 1/1 Running 0 10d $ kubectl logs -n kube-system etcd-master | tail -5 2024-01-01 12:00:00.000000 I | embed: rejected connection from "192.168.1.102:45678" (error "tls: first record does not look like a TLS handshake", ServerName "") 2024-01-01 12:00:01.000000 I | embed: rejected connection from "192.168.1.103:45678" (error "tls: first record does not look like a TLS handshake", ServerName "") 2024-01-01 12:00:02.000000 I | embed: rejected connection from "192.168.1.102:45679" (error "tls: first record does not look like a TLS handshake", ServerName "") $ kubectl get nodes -o wide NAME STATUS ROLES AGE VERSION INTERNAL-IP EXTERNAL-IP master Ready control-plane,master 10d v1.28.0 192.168.1.100 <none> node1 Ready <none> 10d v1.28.0 192.168.1.101 <none> node2 Ready <none> 10d v1.28.0 192.168.1.102 <none> node3 Ready <none> 10d v1.28.0 192.168.1.103 <none> ```
``` $ kubectl get nodes NAME STATUS ROLES AGE VERSION master NotReady control-plane,master 10d v1.28.0 node1 Ready <none> 10d v1.28.0 $ kubectl describe node master | grep -A5 Conditions Conditions: Type Status LastHeartbeatTime LastTransitionTime Reason Message ---- ------ ----------------- ------------------ ------ ------- NetworkUnavailable False Mon, 01 Jan 2024 12:00:00 +0000 Mon, 01 Jan 2024 12:00:00 +0000 CalicoIsUp Calico is running on this node MemoryPressure False Mon, 01 Jan 2024 12:00:00 +0000 Mon, 01 Jan 2024 12:00:00 +0000 KubeletHasSufficientMemory kubelet has sufficient memory available DiskPressure False Mon, 01 Jan 2024 12:00:00 +0000 Mon, 01 Jan 2024 12:00:00 +0000 KubeletHasNoDiskPressure kubelet has no disk pressure PIDPressure False Mon, 01 Jan 2024 12:00:00 +0000 Mon, 01 Jan 2024 12:00:00 +0000 KubeletHasSufficientPID kubelet has sufficient PID available Ready False Mon, 01 Jan 2024 12:00:00 +0000 Mon, 01 Jan 2024 12:00:00 +0000 KubeletNotReady container runtime is down ```
``` $ kubectl get csr NAME AGE SIGNERNAME REQUESTOR REQUESTDURATION CONDITION csr-node2 10m kubernetes.io/kube-apiserver-client-kubelet kubelet-bootstrap <none> Pending $ kubectl describe csr csr-node2 Name: csr-node2 Labels: <none> Annotations: <none> CreationTimestamp: Mon, 01 Jan 2024 12:00:00 +0000 Requesting User: kubelet-bootstrap Signer: kubernetes.io/kube-apiserver-client-kubelet Status: Pending Subject: Common Name: system:node:node2 Organization: system:nodes Groups: system:nodes system:authenticated $ kubectl get nodes NAME STATUS ROLES AGE VERSION master Ready control-plane,master 10d v1.28.0 node1 Ready <none> 10d v1.28.0 node2 NotReady <none> 1m v1.28.0 ```