0
0
Kubernetesdevops~20 mins

Container Network Interface (CNI) in Kubernetes - Practice Problems & Coding Challenges

Choose your learning style9 modes available
LearnWhyDeepVisualTryChallengeProjectRecallTime
Challenge - 5 Problems
🎖️
CNI Mastery Badge
Get all challenges correct to earn this badge!
Test your skills under time pressure!
🧠 Conceptual
intermediate
1:30remaining
What is the primary role of a CNI plugin in Kubernetes?

Choose the best description of what a Container Network Interface (CNI) plugin does in a Kubernetes cluster.

AIt schedules pods to nodes based on resource availability.
BIt manages the network connectivity of containers, assigning IP addresses and setting up routes so pods can communicate.
CIt stores container images and manages image versions.
DIt monitors cluster health and restarts failed pods automatically.
Attempts:
2 left
💡 Hint

Think about how pods get their IP addresses and talk to each other.

💻 Command Output
intermediate
1:30remaining
Output of 'kubectl get pods -o wide' with CNI plugin installed

What output would you expect from kubectl get pods -o wide if the CNI plugin is correctly installed and working?

Kubernetes
kubectl get pods -o wide
A
NAME       READY   STATUS    RESTARTS   AGE   IP           NODE       NOMINATED NODE   READINESS GATES
app-1      1/1     Running   0          5m    10.244.1.5   node-1     <none>           <none>
B
NAME       READY   STATUS    RESTARTS   AGE   NODE       NOMINATED NODE   READINESS GATES
app-1      1/1     Running   0          5m    node-1     <none>           <none>
CError from server (NotFound): pods not found
D
NAME       READY   STATUS    RESTARTS   AGE   IP           NODE       NOMINATED NODE   READINESS GATES
app-1      0/1     Pending   0          5m    <none>       node-1     <none>           <none>
Attempts:
2 left
💡 Hint

Look for the presence of an IP address assigned to the pod.

Configuration
advanced
2:00remaining
Identify the error in this CNI configuration snippet

Given this CNI configuration JSON snippet, which option correctly identifies the error?

Kubernetes
{
  "cniVersion": "0.3.1",
  "name": "my-cni",
  "type": "bridge",
  "bridge": "cni0",
  "ipam": {
    "type": "host-local",
    "subnet": "10.244.0.0/16",
    "rangeStart": "10.244.0.10",
    "rangeEnd": "10.244.0.5",
    "routes": [{"dst": "0.0.0.0/0"}]
  }
}
AThe rangeStart IP is greater than rangeEnd, which is invalid for IP allocation range.
BThe routes field must be outside the ipam block.
CThe cniVersion '0.3.1' is not supported by Kubernetes.
DThe bridge name 'cni0' is reserved and cannot be used.
Attempts:
2 left
💡 Hint

Check the IP range values for logical order.

Troubleshoot
advanced
1:30remaining
Troubleshooting pod network connectivity failure

A pod in your Kubernetes cluster cannot reach other pods on different nodes. You suspect a CNI plugin issue. Which command helps you check if the CNI plugin is installed and running on a node?

Akubectl get services
Bkubectl get pods --all-namespaces
Ckubectl describe node node-1
Dkubectl get daemonset -n kube-system
Attempts:
2 left
💡 Hint

CNI plugins often run as daemonsets in the kube-system namespace.

Best Practice
expert
2:30remaining
Best practice for upgrading a CNI plugin in a production cluster

What is the safest approach to upgrade a CNI plugin in a live Kubernetes cluster to avoid network downtime?

AUpgrade the CNI plugin on the master node only, then restart all worker nodes.
BDelete the existing CNI daemonset and immediately apply the new version to all nodes at once.
CDrain each node one by one, upgrade the CNI plugin daemonset, then uncordon the node before moving to the next.
DStop all pods, upgrade the CNI plugin, then restart the cluster.
Attempts:
2 left
💡 Hint

Consider how to keep network available while upgrading nodes.