Last active
January 4, 2024 18:15
-
-
Save Piotr1215/016ba7218a1a949574786fb9b92382c1 to your computer and use it in GitHub Desktop.
K8s bookmarks for CKA, CKAD and CKS exams
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <!DOCTYPE NETSCAPE-Bookmark-file-1> | |
| <!-- This is an automatically generated file. | |
| It will be read and overwritten. | |
| DO NOT EDIT! --> | |
| <META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=UTF-8"> | |
| <TITLE>Bookmarks</TITLE> | |
| <H1>Bookmarks</H1> | |
| <DL><p> | |
| <DT><H3 ADD_DATE="1626629115" LAST_MODIFIED="1626629462" PERSONAL_TOOLBAR_FOLDER="true">Bookmarks bar</H3> | |
| <DL><p> | |
| <DT><H3 ADD_DATE="1627387551" LAST_MODIFIED="1627387551">K8S-BMKS</H3> | |
| <DL><p> | |
| <DT><A HREF="https://kubernetes.io/docs/reference/kubectl/cheatsheet/" ADD_DATE="1627387551" ICON="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAADbElEQVQ4jW2TS2xUdRjFz/f/35k7z86LAcaWBlDSEtBWSgUbUiIYTRtQ6yNRHkZDJBFNBMSNBq0kuNCYaAl1IbJwYcBqFETFKgmMEbAxausQpdQOpsVhOoxt58773v/9XNQ2LPytvvMl56zOAf6DmeXcDRBPDT2WL1tfF8rWCc79/ABugpkF/g/uhsbTg49nctap9/sNs7N7krsOTvNH5/KVXNH8jHO/dTFAN3vmBOevbM1Yi3d8esG85+SAhd+Thr0oKm1lM1JZJZsbgvTgXcBDba5vAtbIB+Rv7JsLYC7v6/tRf+vtvkmkMkUV8hFfy1ryyXt9KFcZfd8XEQtLNVVgWnqLV+59JIjNd1aeJ+k6TPxVh/732s8vdHYXmxb4y1bFJG0qr2j7Ri/aV7qgFPDtryUcO1fEwqBkm9k0TI/zi/3us7Ee530amncvSSTNJUa+RE31mmNDkwsNdU4MDJfpH0OhXGXMDwi891yYR9MWnfml5Lg4XMLQqFwe23Y4JuCrXZOcIB/B5rNDFXjdktc2OimeqPDEtM1jNxQPDFe5/XYXMTPil6oAK4ykOYzI6hYNet3KkbSmmYrNZbUObX5AYN2+63zkhQgFfQIOQbi7UUf7Sym8uSPM9VFJY1lLjaY1J3zLVojJqrfl8liJBUFEayR7dUGb1njg0QlfDhRxZrAEv5vQ0ermgIcoXCMgQPgzZXG25F2lJdPmusRowb6/xS3alutYFJUIeYmOx4u8p8tPlgLe+DjHty6UNC8guXO1GxE/yXjC4KvXAxtoMq8Gn+3N33EpaahyFWLXJj8KZYbLyVQxwQGPQCZnUcSvMQAcOmlAd5Jqvi2g9ex09Iug+cdTB7f7Uj6PLnQH2Uf786iLSrz4cACaBAnB1L01hKBP4MjpPJwOUkG/W3v1CT0RMuLPzBTJuPLoD+NLj+18d4Irpk2bW3W5YrFuG0VFAOB1Sb48XhEnLpaVx+XEoV3BwvrYTx0UaTuvMbMkok+4lDnw8pYFr+/uHTeLVaD3VI6uZW0bAGojglobdGWUwPu3BbX19X/toZq288wsaXZdRGSzVTja0+95+sPTacwLOiDlzDSVDdyYMrFlYxR7O3MHyBF6bdYzG0AEgHFVhx17x6jIVRazmnkzSJCtMaTfZX9HUn+FmYmIGAD+BaUao0aOmMfpAAAAAElFTkSuQmCC">START: cheatSheet: useful commands</A> | |
| <DT><A HREF="https://separator.mayastudios.com/" ADD_DATE="1627387551">-------------------- YAML -------------------</A> | |
| <DT><A HREF="https://raw.githubusercontent.com/kubernetes/website/main/content/en/examples/audit/audit-policy.yaml" ADD_DATE="1627387551">AUDITPOLICY: auditPolicy spec</A> | |
| <DT><A HREF="https://raw.githubusercontent.com/kubernetes/website/main/content/en/examples/application/job/cronjob.yaml" ADD_DATE="1627387551">CRONJOB: cronjbo spec</A> | |
| <DT><A HREF="https://raw.githubusercontent.com/kubernetes/website/main/content/en/examples/application/simple_deployment.yaml" ADD_DATE="1627387551">DEPLOY: sample nginx deployment spec</A> | |
| <DT><A HREF="https://raw.githubusercontent.com/kubernetes/website/main/content/en/examples/service/networking/minimal-ingress.yaml" ADD_DATE="1627387551">INGRESS: ingress spec</A> | |
| <DT><A HREF="https://raw.githubusercontent.com/kubernetes/website/master/content/en/examples/service/networking/nginx-policy.yaml" ADD_DATE="1627387551">NETWORKPOLICY: spec</A> | |
| <DT><A HREF="https://raw.githubusercontent.com/kubernetes/website/master/content/en/examples/pods/pod-configmap-envFrom.yaml" ADD_DATE="1627387551">POD: configMap as env</A> | |
| <DT><A HREF="https://raw.githubusercontent.com/kubernetes/website/master/content/en/examples/pods/pod-configmap-envFrom.yaml" ADD_DATE="1627387551">POD: env as configMapRef [all values]</A> | |
| <DT><A HREF="https://raw.githubusercontent.com/kubernetes/website/master/content/en/examples/pods/pod-single-configmap-env-variable.yaml" ADD_DATE="1627387551">POD: env as configMapKeyRef [single value]</A> | |
| <DT><A HREF="https://raw.githubusercontent.com/kubernetes/website/master/content/en/examples/pods/inject/envars.yaml" ADD_DATE="1627387551">POD: inline environmental variables</A> | |
| <DT><A HREF="https://raw.githubusercontent.com/kubernetes/website/master/content/en/examples/pods/probe/exec-liveness.yaml" ADD_DATE="1627387551">POD: livenessProbe [command]</A> | |
| <DT><A HREF="https://raw.githubusercontent.com/kubernetes/website/master/content/en/examples/pods/probe/http-liveness.yaml" ADD_DATE="1627387551">POD: livenessProbe [http]</A> | |
| <DT><A HREF="https://raw.githubusercontent.com/kubernetes/website/main/content/en/examples/pods/private-reg-pod.yaml" ADD_DATE="1627387551">POD: imagePullSecrets</A> | |
| <DT><A HREF="https://raw.githubusercontent.com/kubernetes/website/master/content/en/examples/pods/pod-with-node-affinity.yaml" ADD_DATE="1627387551">POD: nodeAffinity</A> | |
| <DT><A HREF="https://raw.githubusercontent.com/kubernetes/website/master/content/en/examples/pods/pod-nginx.yaml" ADD_DATE="1627387551">POD: nodeSelector</A> | |
| <DT><A HREF="https://raw.githubusercontent.com/kubernetes/website/master/content/en/examples/pods/commands.yaml" ADD_DATE="1627387551">POD: command and args</A> | |
| <DT><A HREF="https://raw.githubusercontent.com/kubernetes/website/master/content/en/examples/pods/inject/pod-secret-envFrom.yaml" ADD_DATE="1627387551">POD: env from secretRef</A> | |
| <DT><A HREF="https://raw.githubusercontent.com/kubernetes/website/master/content/en/examples/pods/pod-projected-svc-token.yaml" ADD_DATE="1627387551">POD: projected volume [sa token]</A> | |
| <DT><A HREF="https://raw.githubusercontent.com/kubernetes/website/main/content/en/examples/pods/storage/pv-pod.yaml" ADD_DATE="1627387551">POD: persistentVolumeClaim</A> | |
| <DT><A HREF="https://raw.githubusercontent.com/kubernetes/website/master/content/en/examples/pods/pod-with-toleration.yaml" ADD_DATE="1627387551">POD: tolerations</A> | |
| <DT><A HREF="https://raw.githubusercontent.com/kubernetes/website/main/content/en/examples/pods/storage/redis.yaml" ADD_DATE="1627387551">POD: volume mount [emptyDir]</A> | |
| <DT><A HREF="https://kubernetes.io/docs/concepts/storage/volumes/#emptydir-configuration-example" ADD_DATE="1627387551">POD: volume mount [hostPath]</A> | |
| <DT><A HREF="https://raw.githubusercontent.com/kubernetes/website/main/content/en/examples/pods/security/security-context.yaml" ADD_DATE="1627387551">POD: securityContext [basic config]</A> | |
| <DT><A HREF="https://raw.githubusercontent.com/kubernetes/website/main/content/en/examples/pods/storage/pv-volume.yaml" ADD_DATE="1627387551">PV: pv spec</A> | |
| <DT><A HREF="https://raw.githubusercontent.com/kubernetes/website/main/content/en/examples/pods/storage/pv-claim.yaml" ADD_DATE="1627387551">PVC: pvc spec</A> | |
| <DT><A HREF="https://kubernetes.io/docs/concepts/containers/runtime-class/#2-create-the-corresponding-runtimeclass-resources" ADD_DATE="1627387551">RUNTIME-CLASS: spec</A> | |
| <DT><A HREF="https://kubernetes.io/docs/concepts/services-networking/service/#nodeport" ADD_DATE="1627387551">SERVICE: nodePort</A> | |
| <DT><A HREF="https://kubernetes.io/docs/concepts/services-networking/service/#loadbalancer" ADD_DATE="1627387551">SERVICE: loadBlancer</A> | |
| <DT><A HREF="https://separator.mayastudios.com/" ADD_DATE="1627387551">---------------- TASKS ----------------</A> | |
| <DT><A HREF="https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/#imagepolicywebhook" ADD_DATE="1627387551">ADMISSION-CONTROLLER: configure ImagePolicyWebhook </A> | |
| <DT><A HREF="https://kubernetes.io/docs/setup/production-environment/tools/kubeadm/install-kubeadm/" ADD_DATE="1627387551">CLUSTER: installation</A> | |
| <DT><A HREF="https://kubernetes.io/docs/tasks/administer-cluster/kubeadm/kubeadm-upgrade/" ADD_DATE="1627387551">CLUSTER: upgrade</A> | |
| <DT><A HREF="https://kubernetes.io/docs/tasks/tls/managing-tls-in-a-cluster/#create-a-certificate-signing-request-object-to-send-to-the-kubernetes-api" ADD_DATE="1627387551">CSR: create and execute</A> | |
| <DT><A HREF="https://kubernetes.io/docs/tasks/access-application-cluster/web-ui-dashboard/#deploying-the-dashboard-ui" ADD_DATE="1627387551">DASHBOARD: deploy dashboard</A> | |
| <DT><A HREF="https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#updating-a-deployment" ADD_DATE="1627387551">DEPLOY: update deployment and set new image</A> | |
| <DT><A HREF="https://kubernetes.io/docs/tasks/administer-cluster/dns-debugging-resolution/#create-a-simple-pod-to-use-as-a-test-environment" ADD_DATE="1627387551">DNS: debug DNS</A> | |
| <DT><A HREF="https://kubernetes.io/docs/tasks/administer-cluster/dns-debugging-resolution/#create-a-simple-pod-to-use-as-a-test-environment" ADD_DATE="1627387551">DNS: test resolution</A> | |
| <DT><A HREF="https://kubernetes.io/docs/tasks/administer-cluster/configure-upgrade-etcd/#backing-up-an-etcd-cluster" ADD_DATE="1627387551">ETCD: create backup</A> | |
| <DT><A HREF="https://kubernetes.io/docs/reference/command-line-tools-reference/kubelet/" ADD_DATE="1627387551">KUBELET: config options</A> | |
| <DT><A HREF="https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/#which-plugins-are-enabled-by-default" ADD_DATE="1627387551">KUBE-API: admissionPlugins [default admission plugins]</A> | |
| <DT><A HREF="https://kubernetes.io/docs/tasks/administer-cluster/declare-network-policy/#limit-access-to-the-nginx-service" ADD_DATE="1627387551">NETPOL: limit ingress</A> | |
| <DT><A HREF="https://kubernetes.io/docs/concepts/services-networking/network-policies/#behavior-of-to-and-from-selectors" ADD_DATE="1627387551">NETPOL: namespace selector</A> | |
| <DT><A HREF="https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/#concepts" ADD_DATE="1627387551">NODE: taint node to be unschedulable</A> | |
| <DT><A HREF="https://kubernetes.io/docs/concepts/containers/images/#referring-to-an-imagepullsecrets-on-a-pod" ADD_DATE="1627387551">POD: configure pulling images from private repository</A> | |
| <DT><A HREF="https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/#meaning-of-memory" ADD_DATE="1627387551">POD: configure resources limits</A> | |
| <DT><A HREF="https://kubernetes.io/docs/concepts/cluster-administration/logging/#sidecar-container-with-a-logging-agent" ADD_DATE="1627387551">POD: configure sidecar container with logging agent</A> | |
| <DT><A HREF="https://kubernetes.io/docs/concepts/workloads/pods/init-containers/#init-containers-in-use" ADD_DATE="1627387551">POD: configure initContainer</A> | |
| <DT><A HREF="https://kubernetes.io/docs/reference/access-authn-authz/rbac/#role-example" ADD_DATE="1627387551">ROLE: create via YAML</A> | |
| <DT><A HREF="https://kubernetes.io/docs/reference/access-authn-authz/rbac/#command-line-utilities" ADD_DATE="1627387551">ROLE: create imperatively</A> | |
| <DT><A HREF="https://kubernetes.io/docs/reference/access-authn-authz/rbac/#kubectl-create-rolebinding" ADD_DATE="1627387551">ROLEBINDING: create imperatively</A> | |
| <DT><A HREF="https://kubernetes.io/docs/reference/access-authn-authz/rbac/#role-and-clusterrole" ADD_DATE="1627387551">ROLEBINGIND: creating declaratively</A> | |
| <DT><A HREF="https://kubernetes.io/docs/tasks/configmap-secret/managing-secret-using-kubectl/#decoding-secret" ADD_DATE="1627387551">SECRET: decode secret values</A> | |
| <DT><A HREF="https://separator.mayastudios.com/" ADD_DATE="1627387551">---------------- CKS ONLY ----------------</A> | |
| <DT><A HREF="https://gitlab.com/apparmor/apparmor/-/wikis/Documentation" ADD_DATE="1627387551">APPARMOR: Documentation</A> | |
| <DT><A HREF="https://kubernetes.io/docs/tutorials/clusters/apparmor/#securing-a-pod" ADD_DATE="1627387551">APPARMOR: restrict a container's access</A> | |
| <DT><A HREF="https://kubernetes.io/docs/tasks/debug-application-cluster/audit/#audit-policy" ADD_DATE="1627387551">AUDITPOLICY: implement audit policy</A> | |
| <DT><A HREF="https://falco.org/docs/rules/supported-fields/" ADD_DATE="1627387551">FALCO: output fields</A> | |
| <DT><A HREF="https://github.com/falcosecurity/falco/blob/master/rules/falco_rules.yaml" ADD_DATE="1627387551">FALCO: default rules</A> | |
| <DT><A HREF="https://kubernetes.io/docs/tasks/tls/certificate-rotation/#enabling-client-certificate-rotation" ADD_DATE="1627387551">KUBELET: enable certificates Rotation for the Kubelet </A> | |
| <DT><A HREF="https://raw.githubusercontent.com/kubernetes/website/master/content/en/examples/policy/example-psp.yaml" ADD_DATE="1627387551">PSP: podSecurityPolicy resource</A> | |
| <DT><A HREF="https://raw.githubusercontent.com/kubernetes/website/master/content/en/examples/pods/security/security-context-4.yaml" ADD_DATE="1627387551">POD: securityContext [capabilities]</A> | |
| <DT><A HREF="https://raw.githubusercontent.com/kubernetes/website/master/content/en/examples/pods/security/security-context-4.yaml" ADD_DATE="1627387551">POD: securityContext [container level add capabilities]</A> | |
| <DT><A HREF="https://raw.githubusercontent.com/kubernetes/website/master/content/en/examples/pods/security/security-context-2.yaml" ADD_DATE="1627387551">POD: securityContext [container level runAs]</A> | |
| <DT><A HREF="https://raw.githubusercontent.com/kubernetes/website/master/content/en/examples/pods/security/security-context.yaml" ADD_DATE="1627387551">POD: securityContext [pod level runAs]</A> | |
| <DT><A HREF="https://kubernetes.io/docs/concepts/containers/runtime-class/#2-create-the-corresponding-runtimeclass-resources" ADD_DATE="1627387551">RUNTIMECLASS: usage</A> | |
| <DT><A HREF="https://kubernetes.io/docs/tutorials/clusters/seccomp/#create-pod-with-seccomp-profile-that-only-allows-necessary-syscalls" ADD_DATE="1627387551">SECCOMP: seccompProfile [restrict pod]</A> | |
| <DT><A HREF="https://docs.sysdig.com/?lang=en" ADD_DATE="1627387551">SYSDIG: documentation</A> | |
| <DT><A HREF="https://github.com/aquasecurity/trivy" ADD_DATE="1627387551">TRIVY: documentation</A> | |
| </DL><p> | |
| </DL><p> | |
| </DL><p> |
Thank you for the catch, I've updated the gist. It's great to hear that you find it useful, I use it almost daily and of course during the exams. Good luck with the CKA!
Thanks for bookmarks.
I have one doubt after reading official exam docs:
What resources am I allowed to access during my exam?
CKA & CKAD Exam
During the CKA & CKAD exam, candidates may:
review the Exam content instructions that are presented in the command line terminal
review Documents installed by the distribution (i.e. /usr/share and its subdirectories)
use their Chrome or Chromium browser to open one additional tab in order to access assets at: https://kubernetes.io/docs/, https://github.com/kubernetes/, https://kubernetes.io/blog/ and their subdomains. This includes all available language translations of these pages (e.g. https://kubernetes.io/zh/docs/)
No other tabs may be opened and no other sites may be navigated to (including https://discuss.kubernetes.io/).
a lot of links in bookmarks are pointed to raw.githubusercontent.com/kubernetes/website are you sure that is allowed and doesn't cause any penalties during exam?
I have used the bookmarks even recently in CKS exam without a problem. If you look at the “Resources allowed” section (https://docs.linuxfoundation.org/tc-docs/certification/tips-cka-and-ckad#resources-allowed-during-exam), it states that you can use the Kubernetes Github domain and its subdomains.
Use nslookup on raw.github.com and raw.githubusercontent.com and you will see that they resolve to the same IPs (A record), raw.github.com is a subdomain and raw.githubusercontent.com is an alias.
Can somebody explain to me how I can add the bookmarks to the browser I will be using during the exam?
"Ressources Allowed" says that I will be able to:
- use the browser within the VM to access the following documentation
but I will only gain access to that browser once the exam starts and I did the whole check in process. So how do I add the bookmarks to that browser beforehand? I mean once the exam starts it is too late already, because I am not allowed to take any notes or anything so also no textfiles containing the bookmarks which I could import.... I am so confused...
Looks like the exam environment changed, previously it was possible to use a browser on the host machine to access web pages from the allowed section. In June 2022 the info on the page still stated that it's possible to use your host machine browser., so it looks to be a relatively recent change in the exam process.
I'm leaving the gist as is, but for whoever stumbles upon this in the future.
Warning
I'ts not possible to use host browser any longer and import the bookmarks.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
just wanted to say thank you these links, I'm prepping for my CKA and these are a lifesaver. Quick comment though; your cronjob link goes to a pv-claim.yaml sample instead of a cronjob sample. Thanks again!