Bird
Raised Fist0
Azurecloud~20 mins

AKS cluster creation in Azure - Practice Problems & Coding Challenges

Choose your learning style10 modes available
LearnWhyDeepVisualTryChallengeProjectRecallTime

Start learning this pattern below

Jump into concepts and practice - no test required

or
Recommended
Test this pattern10 questions across easy, medium, and hard to know if this pattern is strong
Challenge - 5 Problems
🎖️
AKS Mastery Badge
Get all challenges correct to earn this badge!
Test your skills under time pressure!
Architecture
intermediate
2:00remaining
Choosing the Right Node Pool Configuration

You want to create an AKS cluster optimized for a mix of CPU-intensive and memory-intensive workloads. Which node pool configuration best supports this scenario?

ACreate a single node pool with Standard_B2s VM size to save costs.
BCreate a single node pool with Standard_D4s_v3 VM size for all workloads.
CCreate two node pools both with Standard_D2s_v3 VM size for simplicity.
DCreate two node pools: one with Standard_F8s (CPU optimized) and another with Standard_E8s_v3 (memory optimized).
Attempts:
2 left
💡 Hint

Think about separating workloads by resource needs to optimize performance.

Configuration
intermediate
2:00remaining
Correct Azure CLI Command for AKS Creation

Which Azure CLI command correctly creates an AKS cluster named 'myAKSCluster' in resource group 'myResourceGroup' with 3 nodes?

Aaz aks create --resource-group myResourceGroup --cluster-name myAKSCluster --nodes 3
Baz aks create --resource-group myResourceGroup --name myAKSCluster --node-count 3 --enable-addons monitoring
Caz aks create --resource-group myResourceGroup --name myAKSCluster --node-count three
Daz aks create --resource-group myResourceGroup --name myAKSCluster --node-count 0
Attempts:
2 left
💡 Hint

Check the correct parameter names and valid values for node count.

security
advanced
2:00remaining
Securing AKS Cluster API Server Access

You want to restrict access to the AKS API server to only your corporate IP range 203.0.113.0/24. Which configuration achieves this?

AEnable API server authorized IP ranges with 203.0.113.0/24 during cluster creation.
BUse Azure Firewall to block all IPs except 203.0.113.0/24 after cluster creation.
CConfigure network policies inside the cluster to restrict API server access.
DSet up a VPN gateway and connect to the cluster through VPN only.
Attempts:
2 left
💡 Hint

Consider built-in AKS features for API server access control.

service_behavior
advanced
2:00remaining
Effect of Enabling Cluster Autoscaler

What happens when you enable the cluster autoscaler on an AKS node pool with min nodes 1 and max nodes 5?

AThe node pool will automatically scale between 1 and 5 nodes based on pod resource demands.
BThe node pool will always maintain 5 nodes regardless of workload.
CThe node pool will scale down to zero nodes when no pods are running.
DThe node pool will only scale up but never scale down.
Attempts:
2 left
💡 Hint

Think about how autoscaler adjusts node count based on workload.

Best Practice
expert
2:00remaining
Best Practice for Managing Secrets in AKS

Which approach is the best practice for securely managing sensitive data like database passwords in an AKS cluster?

AStore secrets in ConfigMaps since they are easier to manage than Secrets.
BHardcode secrets in container environment variables for easy access.
CStore secrets in Kubernetes Secrets and enable encryption at rest with Azure Key Vault integration.
DKeep secrets in plain text files inside container images for simplicity.
Attempts:
2 left
💡 Hint

Consider security and encryption features available in AKS and Azure.

Practice

(1/5)
1. What is the main purpose of creating an AKS cluster in Azure?
easy
A. To host traditional web applications without containers
B. To create virtual machines for general computing
C. To store large amounts of unstructured data
D. To run and manage containerized applications using Kubernetes

Solution

  1. Step 1: Understand AKS functionality

    AKS (Azure Kubernetes Service) is designed to run and manage containerized applications using Kubernetes orchestration.

  2. Step 2: Differentiate from other Azure services

    Virtual machines, storage, and web hosting are handled by other Azure services, not AKS.

  3. Final Answer:

    To run and manage containerized applications using Kubernetes -> Option D

  4. Quick Check:

    AKS = Kubernetes container management [OK]
Hint: AKS is for Kubernetes container orchestration [OK]
Common Mistakes:
  • Confusing AKS with VM creation
  • Thinking AKS is for storage
  • Assuming AKS hosts non-container apps
2. Which Azure CLI command correctly creates an AKS cluster named myCluster in resource group myGroup with 3 nodes?
easy
A. az create aks --rg myGroup --cluster-name myCluster --count 3
B. az aks create --resource-group myGroup --name myCluster --node-count 3
C. az aks new --group myGroup --cluster myCluster --nodes 3
D. az aks deploy --resource-group myGroup --name myCluster --nodes 3

Solution

  1. Step 1: Identify correct Azure CLI syntax

    The correct command to create an AKS cluster uses az aks create with parameters --resource-group, --name, and --node-count.

  2. Step 2: Compare options

    Only az aks create --resource-group myGroup --name myCluster --node-count 3 uses the correct command and parameter names as per Azure CLI documentation.

  3. Final Answer:

    az aks create --resource-group myGroup --name myCluster --node-count 3 -> Option B

  4. Quick Check:

    Correct CLI syntax = az aks create --resource-group myGroup --name myCluster --node-count 3 [OK]
Hint: Use 'az aks create' with --resource-group, --name, --node-count [OK]
Common Mistakes:
  • Using wrong command verbs like 'new' or 'deploy'
  • Incorrect parameter names like --group or --nodes
  • Mixing command order or missing required flags
3. What will be the result of this command?
az aks create --resource-group myGroup --name myCluster --node-count 2 --enable-managed-identity --ssh-key-value ~/.ssh/id_rsa.pub
medium
A. Creates an AKS cluster with 2 nodes, managed identity, and SSH access enabled
B. Creates an AKS cluster with 2 nodes but disables SSH access
C. Fails because --enable-managed-identity is not a valid flag
D. Creates an AKS cluster with 2 nodes but without managed identity

Solution

  1. Step 1: Analyze command flags

    The command uses --enable-managed-identity to enable managed identity and --ssh-key-value to set SSH public key for node access.

  2. Step 2: Understand expected behavior

    This command creates a cluster with 2 nodes, managed identity enabled, and SSH access configured using the provided key.

  3. Final Answer:

    Creates an AKS cluster with 2 nodes, managed identity, and SSH access enabled -> Option A

  4. Quick Check:

    Managed identity + SSH key = Creates an AKS cluster with 2 nodes, managed identity, and SSH access enabled [OK]
Hint: Managed identity and SSH flags enable secure access [OK]
Common Mistakes:
  • Assuming --enable-managed-identity is invalid
  • Thinking SSH is disabled without extra flags
  • Confusing managed identity with service principal
4. You run this command but get an error:
az aks create --resource-group myGroup --name myCluster --node-count two

What is the likely cause?
medium
A. The cluster name cannot be 'myCluster'
B. The resource group name is invalid
C. The node count must be a number, not a word
D. The command is missing the --enable-managed-identity flag

Solution

  1. Step 1: Check parameter types

    The --node-count parameter expects a numeric value, but 'two' is a word, causing a syntax error.

  2. Step 2: Validate other parameters

    Resource group and cluster name are valid strings; managed identity flag is optional.

  3. Final Answer:

    The node count must be a number, not a word -> Option C

  4. Quick Check:

    Numeric node count required = The node count must be a number, not a word [OK]
Hint: Node count must be numeric, not text [OK]
Common Mistakes:
  • Using words instead of numbers for counts
  • Assuming resource group or name causes error
  • Thinking managed identity flag is mandatory
5. You want to create an AKS cluster with 4 nodes, enable managed identity, and use a custom SSH key located at /keys/mykey.pub. Which command is correct?
hard
A. az aks create --resource-group myGroup --name myCluster --node-count 4 --enable-managed-identity --ssh-key-value /keys/mykey.pub
B. az aks create --resource-group myGroup --name myCluster --nodes 4 --enable-msi --ssh-key /keys/mykey.pub
C. az aks create --resource-group myGroup --name myCluster --node-count 4 --enable-managed-identity
D. az aks create --resource-group myGroup --name myCluster --node-count 4 --ssh-key-value /keys/mykey.pub

Solution

  1. Step 1: Verify required parameters

    The command must specify --node-count 4, --enable-managed-identity, and --ssh-key-value with the correct path.

  2. Step 2: Check option correctness

    az aks create --resource-group myGroup --name myCluster --node-count 4 --enable-managed-identity --ssh-key-value /keys/mykey.pub uses correct parameter names and includes all required flags. Other options have incorrect flags or missing parameters.

  3. Final Answer:

    az aks create --resource-group myGroup --name myCluster --node-count 4 --enable-managed-identity --ssh-key-value /keys/mykey.pub -> Option A

  4. Quick Check:

    Correct flags and values = az aks create --resource-group myGroup --name myCluster --node-count 4 --enable-managed-identity --ssh-key-value /keys/mykey.pub [OK]
Hint: Use full flag names and correct SSH key path [OK]
Common Mistakes:
  • Using shorthand or incorrect flags like --nodes or --ssh-key
  • Omitting managed identity flag
  • Forgetting to specify SSH key path