loading...
Cover image for CKAD Exam Practice Exercise : Services and Networking

CKAD Exam Practice Exercise : Services and Networking

vijaydaswani profile image Vijay Daswani ・2 min read

CKAD Exam : Practice Exercise (8 Part Series)

1) CKAD Exam : Practice Exercise 2) CKAD Exam Practice Exercise : Core Concepts 3 ... 6 3) CKAD Exam Practice Exercise : Multi Container Pods 4) CKAD Exam Practice Exercise : Pod Design 5) CKAD Exam Practice Exercise : State Persistence 6) CKAD Exam Practice Exercise : Configuration 7) CKAD Exam Practice Exercise : Observability 8) CKAD Exam Practice Exercise : Services and Networking

Services and Networking (13%)

Practice questions based on these concepts

  • Understand Services
  • Demonstrate a basic understanding of NetworkPolicies

Exercise

Create an nginx pod with a yaml file with label my-nginx and expose the port 80

kubectl run nginx --image=nginx --restart=Never --port=80 --dry-run -o yaml > nginx.yaml

// edit the label app: my-nginx and create the pod
apiVersion: v1
kind: Pod
metadata:
  creationTimestamp: null
  labels:
    app: my-nginx
  name: nginx
spec:
  containers:
  - image: nginx
    name: nginx
    ports:
    - containerPort: 80
    resources: {}
  dnsPolicy: ClusterFirst
  restartPolicy: Never
status: {}

kubectl create -f nginx.yaml

Create the service for this nginx pod with the pod selector app: my-nginx

// create the below service
apiVersion: v1
kind: Service
metadata:
  name: my-service
spec:
  selector:
    app: my-nginx
  ports:
    - protocol: TCP
      port: 80
      targetPort: 9376

kubectl create -f nginx-svc.yaml

Find out the label of the pod and verify the service has the same label

// get the pod with labels
kubectl get po nginx --show-labels

// get the service and chekc the selector column
kubectl get svc my-service -o wide

Delete the service and create the service with kubectl expose command and verify the label

// delete the service
kubectl delete svc my-service

// create the service again
kubectl expose po nginx --port=80 --target-port=9376

// verify the label
kubectl get svc -l app=my-nginx

Delete the service and create the service again with type NodePort

// delete the service
kubectl delete svc nginx

// create service with expose command
kubectl expose po nginx --port=80 --type=NodePort

Create the temporary busybox pod and hit the service. Verify the service that it should return the nginx page index.html

// get the clusterIP from this command
kubectl get svc nginx -o wide

// create temporary busybox to check the nodeport
kubectl run busybox --image=busybox --restart=Never -it --rm -- wget -o- :80

Create a NetworkPolicy which denies all ingress traffic

apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: default-deny
spec:
  podSelector: {}
  policyTypes:
  - Ingress

CKAD Exam : Practice Exercise (8 Part Series)

1) CKAD Exam : Practice Exercise 2) CKAD Exam Practice Exercise : Core Concepts 3 ... 6 3) CKAD Exam Practice Exercise : Multi Container Pods 4) CKAD Exam Practice Exercise : Pod Design 5) CKAD Exam Practice Exercise : State Persistence 6) CKAD Exam Practice Exercise : Configuration 7) CKAD Exam Practice Exercise : Observability 8) CKAD Exam Practice Exercise : Services and Networking

Posted on by:

vijaydaswani profile

Vijay Daswani

@vijaydaswani

Certified Kubernetes Application Developer, Certified Azure Solution Architect and Having 2+ years of experience in IT profession and product engineering.

Discussion

markdown guide