Kubernetes Excercises

Creating a Kubernetes Cluster

  • Create a 3-node Kubernetes cluster, using one control plane node and 2
    worker nodes.


Scheduling a Pod

  • Schedule a Pod with the name lab123 that runs the Nginx and redis


Managing Application Initialization

  • Create a deployment with the name lab124deploy which runs the Nginx image,
    but waits 30 seconds before starting the actual Pods.

Go to the kubernetes documentation page -> search: init container -> copy init container in use:

Modify lab124deploy.yaml so it looks like:


Setting up Persistent Storage

Create a Persistent Volume with the name lab125 that uses HostPath on the
directory /lab125.

Go to Kubernetes documentation:  persistent volume -> Configure a Pod to Use a PersistentVolume for Storage -> Create a PersistentVolume


Configuring Application Access

  • Create a Deployment with the name lab126deploy, running 3 instances of
    the Nginx image.
  • Configure it such that it can be accessed by external users on port 32567 on each cluster node.

Edit the svc:

After svc has been edited:

Let’s check:


Securing Network Traffic

Create a Namespace with the name restricted, and configure it such that it
only allows access to Pods exposing port 80 for Pods coming from the
Namespaces access.

Go to the kubernetes documentation page -> search: network policy -> Network Policies -> The NetworkPolicy resource

Let’s edit the 127lab.yaml.


Setting up Quota

  • Create a Namespace with the name limited and configure it such that only
    5 Pods can be started and the total amount of available memory for
    applications running in that Namespace is limited to 2 GiB.
  • Run a webserver Deployment with the name lab128deploy and using 3 Pods in this Namespace.
  • Each of the Pods should request 128MiB memory and be limited to 256MiB.


Creating a Static Pod

Configure a Pod with the name lab129pod that will be started by the kubelet
on node worker2 as a static Pod.

On controller:

On worker2:

On Controller:


Troubleshooting Node Services

Assume that node worker2 is not currently available. Ensure that the appropriate service is started on that node which will show the node as


Configuring Cluster Access

Create a ServiceAccount that has permissions to create Pods, Deployments,
DaemonSets and StatefulSets in the Namespace “access”.

Go to the kubernetes documentation page -> search: role -> Using RBAC Authorization -> Role examples


Configuring Taints and Tolerations

  • Configure node worker2 such that it will only allow Pods to run that have
    been configured with the setting type:db
  • After verifying this works, remove the node restriction to return to normal operation.

Go to the kubernetes documentation page -> search: taint ->  Taints and Tolerations



Configuring a High Availability Cluster

  • Configure a High Availability cluster with three control plane nodes and two
    worker nodes.
  • Ensure that each control plane node can be used as a client as well.
  • Use the scripts provided in the course Git repository at https://github.com/sandervanvugt/cka to install the CRI, kubetools and load balancer.


Etcd Backup and Restore

Note: all tasks from here on should be performed on a non-HA cluster

  • Before creating the backup, create a Deployment that runs nginx.
  • Create a backup of the etcd and write it to /tmp/etcdbackup.
  • Delete the Deployment you just created.
  • Restore the backup that you have created in the first step of this procedure and verify that the Deployment is available again.


Performing a Control Node Upgrade

  • Notice that this task requires you to have a control node running an older
    version of Kubernetes available.
  • Update the control node to the latest version of Kubernetes.
  • Ensure that the kubelet and kubectl are updated as well.


Configuring Application Logging

  • Create a Pod with a logging agent that runs as a sidecar container.
  • Configure the main application to use Busybox and run the Linux date command every minute. The result of this command should be written to the directory /output/date.log.
  • Set up a sidecar container that runs Nginx and provide access to the date.log file on /usr/share/nginx/html/date.log.

Go to the kubernetes documentation page -> search: logging-> Logging Architecture


Managing Persistent Volume Claims

  • Create a PerstistentVolume that uses 1GB of HostPath storage.
  • Create a PersistentVolumeClaim that uses the PersistentVolume; the PersistentVolumeClaim should request 100 MiB of storage.
  • Run a Pod with the name storage, using the Nginx image and mounting this PVC on the directory /data.
  • After creating the configuration, change the PersistentVolumeClaim to request a size of 200MiB.

And change to:


Investigating Pod Logs

  • Run a Pod with the name failingdb, which starts the mariadb image
    without any further options (it should fail).
  • Investigate the Pod logs and write all lines that start with ERROR to /tmp/failingdb.log


Analyzing Performance

  • Find out which Pod currently has the highest CPU load.





Managing Scheduling

  • Runa Pod with the name lab139pod.
  • Ensure that it only runs on nodes that have the label storage=ssd set.


Configuring Ingress

  •  Run a Pod with the name lab1310pod, using the Nginx image.
  • Expose this Pod using a NodePort type Service.
  • Configure Ingress such that its web content is available on the path lab1310.info/hi
  • You will not have to configure an Ingress controller for this assignment, just the API resource is enough


Preparing for Node Maintenance

  • Schedule node worker2 for maintenance in such a way that all run
    Pods are evicted.


Scaling Applications

  • Run a Deployment with the name lab1312deploy using the nginx image
  • Scale it such that it runs 6 application instances.