CKA Ultimate Mock Exam 2: Question 11

olakunlecrown28 · May 2, 2025, 9:24pm

Hi,

Please I need help understanding this question. To be honest, I don’t even know if it’s a core kubernetes problem. lol. I was absolutely certain that the problem was from the configmap but I didn’t know how to fix it. Nor did I know where to look in the documentation. I was just LOST! I am hoping someone can help me find my feet.

After reviewing the solution, I feel like the answer lies in Using sub-paths. but truth be told, I am still struggling to know how I would have figured that out.

I would greatly appreciate any explanation offered.

The question is:

SECTION: TROUBLESHOOTING


Solve this question on: ssh cluster4-controlplane


Troubleshoot and resolve the issue with the deployment named 
nginx-frontend in the cka4974 namespace, which is currently 
failing to run. Note that the application is intended to serve traffic 
on port 81.

The solution:

SSH into the cluster4-controlplane host
ssh cluster4-controlplane

Let's check the POD status
kubectl get pod -n cka4974
NAME                              READY   STATUS             RESTARTS      AGE
nginx-frontend-64f67d769f-7wfzc   0/1     CrashLoopBackOff   2 (18s ago)   34s

You will see that nginx-frontend pod is crashing or restarting. So let's try to describe the pod.

kubectl logs -f kube-controller-manager-cluster4-controlplane  -n kube-system

You will see some logs as below:

  Warning  Failed     1s (x5 over 86s)  kubelet            Error: failed to create containerd task: failed to create shim task: OCI runtime create failed: runc create failed: unable to start container process: error during container init: error mounting "/var/lib/kubelet/pods/f4d8bbc7-5ac6-472e-a5c8-5b5cacb9ac03/volumes/kubernetes.io~configmap/nginx-conf-vol" to rootfs at "/etc/nginx/conf.d/default.conf": mount /var/lib/kubelet/pods/f4d8bbc7-5ac6-472e-a5c8-5b5cacb9ac03/volumes/kubernetes.io~configmap/nginx-conf-vol:/etc/nginx/conf.d/default.conf (via /proc/self/fd/6), flags: 0x5001: not a directory: unknown
  Warning  BackOff    1s (x8 over 85s)  kubelet            Back-off restarting failed container nginx in pod nginx-frontend-64f67d769f-7wfzc_cka4974(f4d8bbc7-5ac6-472e-a5c8-5b5cacb9ac03)

The volume mount tries to mount a ConfigMap directory directly over a file path without using subPath. This causes NGINX to crash with an invalid mount error.

Correct the deployment
kubectl edit -n cka4974 deployments.apps nginx-frontend

In the volumeMounts section, update it to the following:

volumeMounts:
        - mountPath: /etc/nginx/conf.d/default.conf
          name: nginx-conf-vol
          subPath: default.conf

rob_kodekloud · May 2, 2025, 9:51pm

This is a sort of “corner case” when you’re mounting into a ConfigMap as if it were a directory. The problem is trying to show the use case for “subPath”. The ConfigMap’s data looks like this:

data:
  default.conf: |
    server {
    listen       81;
    listen  [::]:81;
    server_name  localhost;

    #access_log  /var/log/nginx/host.access.log  main;

    location / {
        root   /usr/share/nginx/html;
        index  index.html index.htm;
    }

    #error_page  404              /404.html;

    # redirect server error pages to the static page /50x.html
    #
    error_page   500 502 503 504  /50x.html;
    location = /50x.html {
        root   /usr/share/nginx/html;
    }

    # proxy the PHP scripts to Apache listening on 127.0.0.1:80
    #
    #location ~ \.php$ {
    #    proxy_pass   http://127.0.0.1;
    #}

    # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
    #
    #location ~ \.php$ {
    #    root           html;
    #    fastcgi_pass   127.0.0.1:9000;
    #    fastcgi_index  index.php;
    #    fastcgi_param  SCRIPT_FILENAME  /scripts;
    #    include        fastcgi_params;
    #}

    # deny access to .htaccess files, if Apache's document root
    # concurs with nginx's one
    #
    #location ~ /\.ht {
    #    deny  all;
    #}
    }

The CM is declared as a volume as

      volumes:
      - configMap:
          defaultMode: 420
          name: nginx-default-conf
        name: nginx-conf-vol

So the original volumeMount doesn’t quite work:

        volumeMounts:
        - mountPath: /etc/nginx/conf.d/default.conf
          name: nginx-conf-vol

because the config map is actually encoding the directory, and not the files in that directory. Adding the subPath allows K8s to find the right key in the CM:

volumeMounts:
        - mountPath: /etc/nginx/conf.d/default.conf
          name: nginx-conf-vol
          subPath: default.conf

The point here isn’t to be tricky: the point here is to teach you how to use subPath, and why you might need it.

olakunlecrown28 · May 2, 2025, 10:17pm

Thank you so much for your usual thoroughness @rob_kodekloud! Greatly appreciated.