Skip to content

exam-tips.md

Latest commit

 

History

History
80 lines (57 loc) · 2.25 KB

exam-tips.md

File metadata and controls

80 lines (57 loc) · 2.25 KB

Exam Notes

Things I keep forgetting or that cost me time in practice runs.

Time Management

  • 2 hours, 17 questions — roughly 7 min per question
  • Flag hard ones and come back, don't get stuck on a single task
  • Some questions are worth 4%, others 7-8% — prioritize high-value ones

Shortcuts That Save Time

# Set these up FIRST, before touching any question
alias k='kubectl'
alias kgp='kubectl get pods -A'
alias kgn='kubectl get nodes'
alias kd='kubectl describe'
export do='--dry-run=client -o yaml'
export now='--grace-period=0 --force'

# vim settings (add to ~/.vimrc)
set tabstop=2
set shiftwidth=2
set expandtab

jsonpath

Comes up all the time. I always forget the syntax.

# Get internal IPs of all nodes
kubectl get nodes -o jsonpath='{.items[*].status.addresses[?(@.type=="InternalIP")].address}'

# List all container images running in a namespace
kubectl get pods -n kube-system -o jsonpath='{range .items[*]}{.spec.containers[*].image}{"\n"}{end}'

# Get PV sorted by capacity
kubectl get pv --sort-by=.spec.capacity.storage

# Custom columns
kubectl get pods -o custom-columns=NAME:.metadata.name,STATUS:.status.phase,NODE:.spec.nodeName

etcd

Always need the certs. Check the etcd pod manifest if unsure:

cat /etc/kubernetes/manifests/etcd.yaml | grep -E 'cert|key|cacert'

Common Mistakes

  • Forgetting --namespace — always double-check which namespace the question asks for
  • NetworkPolicy: once you create ANY policy selecting a pod, all other traffic is denied by default
  • PV/PVC: accessModes and capacity must match, otherwise the PVC stays Pending
  • kubeadm upgrade apply only on control plane, kubeadm upgrade node on workers
  • Static pod manifests go in /etc/kubernetes/manifests/, not applied via kubectl
  • After editing a static pod manifest, kubelet picks it up automatically — no restart needed

kubectl Tricks

# Generate YAML without applying
kubectl run tmp --image=nginx $do > pod.yml

# Quick debug pod
kubectl run debug --image=busybox:1.36 --rm -it -- sh

# Check if RBAC allows something
kubectl auth can-i create deployments --as=dev -n staging

# See why a pod isn't scheduled
kubectl describe pod <name> | grep -A5 Events

# Diff before applying
kubectl diff -f manifest.yml