DEV Community

Cover image for CKAD Exam Practice Exercise : Services and Networking
Vijay Daswani
Vijay Daswani

Posted on

CKAD Exam Practice Exercise : Services and Networking

#kubernetes #developer #devops #cloud

Services and Networking (13%)

Practice questions based on these concepts

  • Understand Services
  • Demonstrate a basic understanding of NetworkPolicies

Exercise

Create an nginx pod with a yaml file with label my-nginx and expose the port 80

kubectl run nginx --image=nginx --restart=Never --port=80 --dry-run -o yaml > nginx.yaml

// edit the label app: my-nginx and create the pod
apiVersion: v1
kind: Pod
metadata:
  creationTimestamp: null
  labels:
    app: my-nginx
  name: nginx
spec:
  containers:
  - image: nginx
    name: nginx
    ports:
    - containerPort: 80
    resources: {}
  dnsPolicy: ClusterFirst
  restartPolicy: Never
status: {}

kubectl create -f nginx.yaml
Enter fullscreen mode Exit fullscreen mode

Create the service for this nginx pod with the pod selector app: my-nginx

// create the below service
apiVersion: v1
kind: Service
metadata:
  name: my-service
spec:
  selector:
    app: my-nginx
  ports:
    - protocol: TCP
      port: 80
      targetPort: 9376

kubectl create -f nginx-svc.yaml
Enter fullscreen mode Exit fullscreen mode

Find out the label of the pod and verify the service has the same label

// get the pod with labels
kubectl get po nginx --show-labels

// get the service and chekc the selector column
kubectl get svc my-service -o wide
Enter fullscreen mode Exit fullscreen mode

Delete the service and create the service with kubectl expose command and verify the label

// delete the service
kubectl delete svc my-service

// create the service again
kubectl expose po nginx --port=80 --target-port=9376

// verify the label
kubectl get svc -l app=my-nginx
Enter fullscreen mode Exit fullscreen mode

Delete the service and create the service again with type NodePort

// delete the service
kubectl delete svc nginx

// create service with expose command
kubectl expose po nginx --port=80 --type=NodePort
Enter fullscreen mode Exit fullscreen mode

Create the temporary busybox pod and hit the service. Verify the service that it should return the nginx page index.html

// get the clusterIP from this command
kubectl get svc nginx -o wide

// create temporary busybox to check the nodeport
kubectl run busybox --image=busybox --restart=Never -it --rm -- wget -o- :80
Enter fullscreen mode Exit fullscreen mode

Create a NetworkPolicy which denies all ingress traffic

apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: default-deny
spec:
  podSelector: {}
  policyTypes:
  - Ingress
Enter fullscreen mode Exit fullscreen mode

Top comments (0)

Some comments may only be visible to logged-in visitors. Sign in to view all comments.

Read next

diek profile image

When Your AWS Bill Goes Viral and Your Finance Department Becomes a Memelord 🚀💸

diek -

depp57 profile image

Kubernetes homelab - Learning by doing, Part 6: Automation

Sacha Thommet -

hana_sato profile image

IBM InfoSphere vs. STIBO STEP: Which MDM Wins?

Hana Sato -

sudhanshu456 profile image

Running Phi 3 with vLLM and Ray Serve

Sudhanshu Prajapati -