

Important Directories to Know for Kubernetes CKA Exam
source link: https://brandonwillmott.com/2020/10/01/important-directories-to-know-for-kubernetes-cka-exam/
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.


Important Directories to Know for Kubernetes CKA Exam
While I’m not an advanced Linux user, I’m comfortable navigating a Linux filesystem. But the lack of a GUI always gave me a bit of anxiety when trying to find where a binary or config file lives. To amplify that frustration, while preparing for the CKA 1.19 exam, I realized that Kubernetes doesn’t store things in one directory so to help myself visualize and remember the directories better, I made the below graphic that illustrates the directories that are necessary for troubleshooting a Kubernetes cluster. In this post, we’ll explore how Kubernetes uses each directory and it’s importance for the CKA.

Exploring Each Directory
$HOME/.kube
Contains the kubeconfig which is the brains behind the kubectl command. It specifies the Kubernetes API server address, certificates, and context (cluster, namespace, and user info) necessary for a terminal user to interact with the Kubernetes API. A sample kubeconfig is shown below:
apiVersion: v1
clusters:
- cluster:
certificate-authority-data: LOTOFRANDOMNUMBERSANDLETTERSFORKEY
server: https://192.168.1.117:6443
name: kubernetes
contexts:
- context:
cluster: kubernetes
user: kubernetes-admin
name: kubernetes-admin@kubernetes
current-context: kubernetes-admin@kubernetes
kind: Config
preferences: {}
users:
- name: kubernetes-admin
user:
client-certificate-data: LOTOFRANDOMNUMBERSANDLETTERSFORKEY
client-key-data: LOTOFRANDOMNUMBERSANDLETTERSFORKEY
NOTE: While it’s called kubeconfig, Kubernetes looks for the filename config
by default. Learn more about kubeconfigs in the Kubernetes documentation.
/etc/kubernetes
At first I thought, “YES! There will be a single directory that Kubernetes uses for all it’s config files!” I was willing to give Kubernetes a pass on the kubeconfig being a user-specific file…but I was wrong! But if there were a primary directory for Kubernetes, /etc/kubernetes
/ would be it in my opinion. It contains two directories:
- manifest/
- pki/etcd/
/etc/kubernetes/manifest/
On master nodes, this directory contains the manifests (configurations) for the components that make up Kubernetes: etcd, kube-apiserver, kube-controller-manager, and kube-scheduler. These are referred to as Static Pods which are managed by the kubelet daemon on a node, visible to the kube-apiserver, but not scheduled by kube-scheduler. This process allows Kubernetes to run as pods without the “chicken or the egg?” problem.
This is an important directory during troubleshooting the CKA exam! If there’s anything wrong with core Kubernetes services and functionality, you can correct it here. You could have a variety of scenarios:
- kube-apiserver isn’t pointing to the correct mountPath or hostPath for certificates
- Pods are getting scheduled because kube-scheduler.yaml is pointing to the wrong image
- etcd isn’t working because there’s inconsistent TCP/IP ports
- Container command sections have typos or not pointing to the correct TCP/IP port or configuration/certificate file path
/etc/kubernetes/pki/
While pki/
itself contains certificates and keys, I haven’t found that I needed to know about them for the CKA exam. Below shows it’s content and the real reason we’re here: etcd/
.
/etc/kubernetes/pki/etcd/
pki/etcd/
contains the key and certificates for etcd to run in Kubernetes. We specifically need to know about this directory and it’s contents to backup and restore etcd!
/etc/cni/net.d/
This is the default directory that contain the configuration files for the container network interface (CNI) plugin that is running on the node. It’s specified by the --cni-conf-dir
switch when the CNI plugin runs.
During cluster troubleshooting, seeing a configuration file in this directory should let you know that a CNI plugin is configured and running in the cluster. You can also verify by looking at the pods running in the kube-system namespace. This particular Kubernetes cluster is running weave-net:

/opt/cni/bin/
Having a CNI configured in the cluster is critical for pod communication and cluster DNS and that’s where /opt/cni/bin/
comes into play. While /etc/cni/net.d/
contains the CNI configuration file, /opt/cni/bin/
contains the CNI binaries (and is specified in the CNI configuration using --cni-bin-dir
).

On this node, the only CNI I have configured is weave-net so that binary is listed in this directory.
/var/lib/
Contains two important directories for Kubernetes:
- kubelet/
- etcd/
/var/lib/kubelet/
Primarily, this directory contains the kubelet manifest (config.yaml). The kubelet is the agent that runs on a Kubernetes node and is responsible for making sure pods are running and healthy on the node and communicating with kube-apiserver. For the CKA exam, if static pods aren’t running in the cluster, check staticPodPath and ensure that it’s pointing to /etc/kubernetes/manifests
/.
/var/lib/etcd/
This is the etcd data directory and stores two important components (that I’ve found for the CKA):
- etcd database
- etcd snapshots

Notice this is etcd/member/snap/
. I didn’t specify that level of detail in the graphic above since I haven’t interacted with the directory with this level of detail while preparing for the CKA. Instead, I’ve only used the --data-dir
flag when restoring an etcd database which only requires specifying where the new etcd database will reside.
While preparing for the CKA, this visualization of the directories to know for the exam has been helpful to me. I hope it helps you as well as you prepare! Feel free to say hello on Twitter or LinkedIn!
Recommend
-
56
最近花了些时间完成了CNCF官方基金会推出的CKA(Certified Kubernetes Administrator)认证考试,这边文章就简单说一下CKA认证考试是撒,以及参加考试一些准备过程。 更多详细信息,请参考本文末尾的参考资料部分的CKA candidate handboo...
-
37
CKA认证考试心得
-
17
CKA考试相关说明及经验总结 什么是CKA考试? CKA全称是Certified Kubernetes Administrator,即Kubernetes认证管理员,由CNCF官方组织考试并颁发证书,应该来说还是比较权威的,还有一个是CKAD考试,对于报考人员的要...
-
8
CKA 2020 Curriculum for Kubernetes v1.19 Leave a reply *** LIVE DOCUMENT *** Las...
-
10
1 什么是CKA CKA,即Certificated Kubernetes Administrator,CNCF官方提供的Kubernetes技能认证,含金量还是不错的。还有CKAD,相对简单一些,没有必要两个都考。最近还出了...
-
9
Zero to CKA in 2 WeeksSkip to main content Prior to the 2 weeks leading up to my CKA exam, I had no Kubernetes knowledge to speak of. I didn’t k...
-
18
I previously wrote about my first CKA exam attempt, I wanted to share things I’ve reflected on and plan to change for my second attempt. I hope these tips will b...
-
9
The time finally came for me to take the CKA exam on October 29, 2020. I felt about 90% confident that I would pass but came up short and scored 51% (66% needed to pass). I feel that this represented 1-3 questions that I got wrong so I feel c...
-
8
技术之前,先读诗书:世人若被明日累,春去秋来老将至。 How to pass the CKA exam ...
-
3
Kubernetes CKA 实训免费视频课程-阳明的博客|Kubernetes|Istio|Prometheus|Python|Golang|云原生 本系列课程参考 CKA (Certificted Kubernetes Administrator) 知识体系进行课程设计,并结合华为在 kubernetes 项目推广过程中的实...
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK