CKA failed 2 times

HI All, Kindly guide me , I have failed 2 times in CKA exam , each time I got 65 marks. How can I clear my exam on 3rd attempt where I am missing? I have gone through the mock exam multiple times, and gone through the killer.sh also many times.

1 Like

@bala1182002 , Go through the areas in which you are facing difficulties. Also, did you use any bookmarks. It will help you in refer quickly during exams. Also, join the slack channel where you can ask doubts so that the members will help you.

Were you able to complete/attempt all the questions? You should be very quick during the exam and must finish the easy ones first and then move on to the tough ones. You should have the bookmarks for all the topics and use them instead of search.

Did you get similar questions in both the attempts? I failed in the first attempt and I remember the questions where I missed or committed mistakes, did you practiced those topics. For example, topics like ingress, network policy or side-car configuration, I missed these questions due to time pressure.

Hi,

oh, sorry about that, good luck for next time, if you remember pls help to post the Questions it helps others to prepare more strong

Did you make sure you set the context properly for each set of questions?

can you memorize and share the questions pls

@chiru we can’t discuss official exam questions. It’s against the NDA (Non Disclosure Agreement). Hope you understand this.

Yes, Linux Foundation exams are no jokes (I tried LFCS). Takes notes about what you remember about the exams - that still not cheating, you will remember only topics anyway. Than you have to very honest about to yourself what are the topics you don’t know about enough - people usually know this, but it’s easy to gloss over. Combining the two you will have a list what you can go through. You have to be very quick to finish, there is no time to think about the questions, so maybe worth to wait a few months getting more experience - with labor or real work - until the questions start to sound more “easy”. I think it doesn’t worth to search for more “test exam”, there is not really any, because even LF employees don’t know how the real exam looks like - except the exam division of course.

Hi. I think going through the mock exam multiple times (especially kodekloud one) are good exercise for smoother operation which is required for completing the exam with limited timeframe.

I think the solution depends on the area you’re facing difficulties, but if you would like to go deeper (from different perspective), going through more low-level interface (like kubernetes-the-hard-way), might be one option.

Same topics I failed in my first attempt.
@irfan_raza6 - First of fall I couldn’t able to understand the question in side-car and network policies
so confused

Hi @ramprasath26

Network policies are the pod equivalent of a firewall - basically so you can control what traffic goes in or out of the pod. Here are a few resources

You can upload the recipes from the github repo into the cilium editor to visualise them!


Sidecars are simply additional containers running in a pod. Remember that in Kubernetes, the lowest level workload item is the pod, and a pod can contain one or more containers. Sidecars are generally used to provide some kind of support function to the main application container that’s running your microservice. They can be especially useful when containerising an application that was not built with containers in mind. Here’s a use case:

Application writes its logs to a log file. In kubernetes, pod logs are collected from stdout (i.e. text written to console). You want to get logs from application’s log files which the app writes to e.g. /opt/myapp/logs/app.log into pod logs. In this case we create a sidecar which shares a mounted volume with the application, mounted from the application’s point of view at the directory it writes logs to. Thus the sidecar container can see the file(s) in the application’s log directory and can echo the app logs to stdout.

apiVersion: v1
kind: Pod
metadata:
  creationTimestamp: null
  labels:
    run: myapp
  name: myapp
spec:
  volumes:
  - name: logvol    # Here we define a segment of disk that exists for the lifetime of the container
    emptyDir: {}    # Provisions a temp directory on the node where the pod is running that is deleted when pod terminates.
  containers:
  - image: myapp:v1 # This is the main container that hosts the hypothetical application
    name: myapp
    volumeMounts:   # Here we mount this shared volume at /opt/myapp/logs in the main application container
    - name: logvol
      mountPath: /opt/myapp/logs
  - image: busybox  # This is the sidecar 
    name: logging-sidecar
    volumeMounts:   # Here we mount this shared volume at /var/logs/myapp in the sidecar container
    - name: logvol
      mountPath: /var/logs/myapp  # Does not have to be the same path in the sidecar
    command:        # The command running in the sidecar container will echo anything
    - tail          # written by myapp to its logfile to stdout so it goes into kubernetes pod log
    - -f
    - /var/logs/myapp/app.log

What did this achieve?

  • We imported an application that is not aware it needs to write logs to stdout for kubernetes to see them.
  • We did not have to make a code change to the application.
  • The application’s logs are forwared to stdout by the sidecar.

Another use case would be to provide HTTPS encryption for your app’s REST API. Say the app was written with only HTTP REST API, i.e. you didn’t put all the plumbing in to support certificates to provide HTTPS. Using a sidecar running nginx which is configured to do the SSL offloading then forward the requests to your main application container means that your app will support HTTPS - again without any code change to the application itself.

1 Like

Thank you so much, Able to understand now. Let me try it

1 Like