Preparing for the CKA (Certified Kubernetes Administrator) exam requires lots of practice. Fortunately, there are many online playgrounds to practice in, and plenty of free and paid courseware is available. In addition, we get two attempts to clear the exam.
- The Linux Foundation (https://training.linuxfoundation.org/), which conducts the CKA exam, offers its own training.
- But I felt this course from Udemy is good: https://www.udemy.com/course/certified-kubernetes-administrator-with-practice-tests/. It has videos that explain each concept, and it has lots of practical sessions and mock exams.
- https://killer.sh/ is another tool where you can practice; the questions asked in killer.sh are complex and test real skill. If we register for the CKA exam, we get two free sessions to solve the problems in killer.sh.
- https://www.katacoda.com/courses/kubernetes is very useful if you are a beginner in Kubernetes. It starts with very simple use cases/scenarios, which we can solve at our own pace and retry any number of times.
- https://killercoda.com/ is another useful online tool that we can use like a playground to solve scenario-based problems.
It is good to have a basic understanding of Linux networking concepts and commands, as the CKA exam asks us to solve network-related issues.
• To list the available network interfaces (physical Ethernet)
○ ip link
○ ip addr
• To add an IP address to an interface
○ ip addr add 192.168.1.11/24 dev <ens3>
• To list the IP routing table
○ route
○ ip route
• To add a route to a target network via a gateway
○ ip route add <192.168.2.0/24> via <192.168.1.1>
§ 192.168.1.1 - is the IP address with which the router is connected to our network; the router acts as the gateway
§ 192.168.2.0/24 - is the CIDR of the target network
• To forward traffic/packets from one interface to another interface in the router or gateway
○ Edit /proc/sys/net/ipv4/ip_forward
§ Set the value to '1'; this will not be preserved across reboots
○ Edit /etc/sysctl.conf --> add an entry 'net.ipv4.ip_forward=1'
§ This change will be preserved across reboots
• To know which DNS server our machine is talking to
○ /etc/resolv.conf
§ We can have multiple nameservers defined
§ Add an entry like 'nameserver 8.8.8.8' to point to a public DNS server hosted by Google
• Search domain
○ We can specify a domain name to append to the name the user gives
○ An entry like the one below in /etc/resolv.conf does this
§ 'search mycompany.com'
• The resolution order when the same name has entries in both the local /etc/hosts and the DNS server
○ /etc/nsswitch.conf
§ Add an entry like 'hosts: files dns' --> Here the first preference goes to the local /etc/hosts and then to DNS
• To test DNS resolution
○ nslookup www.google.com
§ nslookup will not consider the entries in /etc/hosts file
○ dig www.google.com
§ This will give more details
• Network namespaces
○ ip netns add <red>
§ For creating the namespaces
○ ip netns
§ For listing the namespaces
○ ip netns exec <red> ip link
OR
○ ip -n <red> link
§ For executing commands inside namespaces
• Address Resolution Protocol (ARP) table
○ arp
○ ip netns exec red arp
• Virtual Ethernet
○ ip link add <veth-red> type veth
§ For creating a virtual Ethernet (veth) interface
○ ip link add <veth-blue> type veth peer name <veth-red>
○ ip link set veth-blue netns blue
§ For assigning the veth to a namespace
○ ip -n red link del veth-red
• Assigning IP addresses to virtual Ethernet interfaces
○ ip -n <red> addr add 192.168.15.1 dev <veth-red>
○ ip -n <red> link set veth-red up
• Virtual Bridge
○ ip link add v-net-0 type bridge
§ This acts like a virtual switch that the network namespaces can connect to
• netstat -nptl
○ To list the listening TCP ports and the process listening on each
• netstat -anp
○ To list the active connections etc.
• iptables -L -t nat | grep db-service
• host web-service
○ Prints the Fully Qualified Domain Name (FQDN) at which the service is accessible
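The IP forwarding item above notes that writing '1' to /proc/sys/net/ipv4/ip_forward is lost on reboot, while the /etc/sysctl.conf entry persists. The script below is an added example, not part of the original post, that compares the two so the gap shows up before a reboot does. The function names and status strings are made up for this example, and it assumes only /etc/sysctl.conf is consulted (not the files under /etc/sysctl.d).

```shell
#!/bin/sh
# Added example: compare the runtime and persisted net.ipv4.ip_forward values.
# Function names and status strings are hypothetical, chosen for this example.

# Print the last value assigned to net.ipv4.ip_forward in a sysctl.conf-style
# file (later lines override earlier ones); print nothing if it is not set.
persisted_ip_forward() {
    [ -r "$1" ] || return 0
    awk '
        /^[ \t]*[#;]/ { next }              # skip comment lines
        {
            split($0, kv, "=")
            key = kv[1]; val = kv[2]
            gsub(/[ \t]/, "", key); gsub(/[ \t]/, "", val)
            gsub("/", ".", key)             # accept net/ipv4/ip_forward too
            if (key == "net.ipv4.ip_forward") last = val
        }
        END { if (last != "") print last }
    ' "$1"
}

# Classify the forwarding state.
#   $1 = runtime file (default /proc/sys/net/ipv4/ip_forward)
#   $2 = persisted config (default /etc/sysctl.conf)
ip_forward_status() {
    rt_file=${1:-/proc/sys/net/ipv4/ip_forward}
    [ -r "$rt_file" ] || { echo "unknown"; return 0; }
    runtime=$(tr -d ' \t\n' < "$rt_file")
    saved=$(persisted_ip_forward "${2:-/etc/sysctl.conf}")
    case "$runtime:$saved" in
        1:1) echo "enabled-persistent" ;;      # on now, stays on after reboot
        1:*) echo "enabled-until-reboot" ;;    # on now, reverts on reboot
        0:1) echo "configured-not-applied" ;;  # in the file, not yet loaded
        *)   echo "disabled" ;;
    esac
}
```

Calling ip_forward_status with no arguments on a node reads the live files; "configured-not-applied" means the entry exists but has not been loaded yet (sysctl -p loads it).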