top of page

CKAD Sample Questions to Ace the Kubernetes Developer Certification

  • CertiMaan
  • Oct 10, 2025
  • 16 min read

Updated: Dec 24, 2025

Enhance your preparation for the Certified Kubernetes Application Developer ( CKAD ) exam with our hand-picked CKAD sample questions. Designed by Kubernetes experts, these questions reflect real exam complexity, focusing on key domains like pod design, configuration, observability, and multi-container pod patterns. Practice with CKAD dumps, mock exams, and exercises that improve speed and accuracy under pressure. Whether you're a DevOps engineer or an aspiring Kubernetes developer, these CKAD practice exams and real-world use cases provide essential knowledge to pass the certification. Build hands-on skills with simulated questions and take your cloud-native career to the next level.



CKAD Sample Questions List :


1. You are managing a Kubernetes cluster where several applications are running. One of your applications, app-A, is experiencing performance issues due to resource contention with other applications. To resolve this, you need to properly set resource requests and limits for app-A. Which of the following steps should you take? Select two correct answers.

  1. Set a CPU request and limit for app-A to ensure it gets enough CPU resources.

  2. Disable resource limits to allow app-A to use as much CPU and memory as needed.

  3. Set a memory request and limit for app-A to ensure it gets enough memory resources.

  4. Increase the replica count of app-A to distribute the load.

  5. Use kubectl top to monitor resource usage of all pods in the cluster.

2. You are managing a Kubernetes cluster with a microservices-based application. One of the services, inventory-service, is experiencing intermittent issues where pods are terminating unexpectedly. You need to investigate the issue and determine why the pods are failing. Which built-in Kubernetes CLI tool command would you use to gather detailed information about the terminated pods in the inventory-service?

  1. kubectl get pod inventory-service -o yaml

  2. kubectl logs -l app=inventory-service

  3. kubectl describe pod -l app=inventory-service

  4. kubectl top pod -l app=inventory-service

3. You are deploying a logging solution for your application running in Kubernetes. The application itself does not handle log aggregation. You decide to use a sidecar container to collect and send the logs to a centralized logging service. Which design pattern is being used when you deploy a logging agent as a separate container within the same Pod as your application?

  1. Ambassador Pattern

  2. Builder Pattern

  3. Sidecar Pattern

  4. Init Container Pattern

4. You have deployed a service called my-app-service in your Kubernetes cluster, which is not accessible from outside the cluster. You want to expose this service on port 8080 to the external world. Which configuration should you use to achieve this?

  1. Update the Service type to LoadBalancer and set the external port to 8080.

  2. Change the Service type to NodePort and expose port 8080.

  3. Use a ClusterIP Service type and configure a NetworkPolicy to allow external traffic.

  4. Use a headless Service and expose it via a NodePort.

5. You are developing a logging system where logs need to be stored persistently and shared between multiple Pods in a Kubernetes cluster. Which type of volume configuration should you use to achieve this?

  1. EmptyDir

  2. HostPath

  3. ConfigMap

  4. PersistentVolumeClaim (PVC) with ReadWriteMany (RWX) access mode

6. You have deployed a web application in a Kubernetes cluster, and you need to ensure that it doesn't consume more resources than allowed. You want to set the resource limits for CPU and memory in the deployment manifest. What should you do?

  1. Add limits and requests fields under resources in the container spec.

  2. Add limits and requests fields under spec in the deployment manifest.

  3. Set resource limits in the service manifest.

  4. Use kubectl set resources to define resource limits directly.

7. Which type of probe would you configure in a Kubernetes pod to ensure that a container is ready to start accepting traffic?

  1. Startup Probe

  2. Liveness Probe

  3. Readiness Probe

  4. Health Probe

8. You are deploying a web application that requires a primary container to serve HTTP requests and a secondary container to handle log aggregation from the primary container. The secondary container should run alongside the primary container within the same Pod. Which multi-container Pod design pattern should you use?

  1. Sidecar

  2. Adapter

  3. Init Container

  4. Ambassador

9. You need to restrict traffic in your Kubernetes cluster so that only pods in the app namespace can communicate with pods in the db namespace on port 5432. Which NetworkPolicy should you apply in the db namespace?

  1. A NetworkPolicy that allows all ingress traffic to the db namespace.

  2. A NetworkPolicy that allows ingress from the app namespace to the db namespace on port 5432.

  3. A NetworkPolicy that allows ingress from the app namespace to the db namespace on all ports.

  4. A NetworkPolicy that allows egress from the db namespace to the app namespace on port 5432.

10. You need to prevent any single Pod in a namespace from consuming excessive resources and ensure balanced resource distribution. What Kubernetes object should you configure?

  1. Create a ResourceQuota object in the namespace with specified CPU and memory limits.

  2. Create a LimitRange object in the namespace to set default CPU and memory requests and limits for Pods.

  3. Use a PodDisruptionBudget to control resource usage per Pod.

  4. Configure a NetworkPolicy to limit resource usage per Pod.

11. You have a Kubernetes cluster where the application components need to be deployed with specific resource limits and affinity rules to ensure optimal performance. The application consists of a web server, a database, and a cache. The web server should only run on nodes labeled with "type=frontend," and the database should only run on nodes with "type=backend." The cache can run on any node but must always have at least 1 CPU and 2Gi of memory. How would you define the configuration for the web server in this scenario?

  1. Use a StatefulSet with nodeSelector for "type=frontend" and specify resource requests and limits.

  2. Use a Deployment with nodeSelector for "type=frontend" and specify resource limits in the Pod spec.

  3. Use a DaemonSet with nodeSelector for "type=frontend" and specify resource limits in the Pod spec.

  4. Use a Job with nodeSelector for "type=frontend" and specify resource requests and limits.

12. You need to deploy a pod that requires elevated privileges to access certain system resources. Which configuration should you add to the pod spec to allow a specific container to run with these elevated privileges?

  1. Add runAsUser: 0 in the pod's spec.

  2. Set readOnlyRootFilesystem: true in the container's securityContext.

  3. Set privileged: true in the container's securityContext.

  4. Set allowPrivilegeEscalation: true in the pod's metadata.

13. You need to ensure that your Kubernetes application can handle increased load without causing performance degradation. Which of the following approaches would best help you achieve horizontal scaling of your application?

  1. Use a NodePort service to expose your application.

  2. Use a Horizontal Pod Autoscaler (HPA).

  3. Increase the CPU and memory requests for the pods.

  4. Deploy the application using StatefulSets.

14. You are deploying an application in a Kubernetes cluster that requires different configurations for development, staging, and production environments. What is the best practice for managing these environment-specific configurations?

  1. Use a single ConfigMap for all environments and switch configurations based on the pod’s label.

  2. Store configurations in secrets for each environment.

  3. Create separate namespaces for each environment and hard-code configurations in each namespace.

  4. Use environment variables defined in the Deployment manifest.

15. In your Kubernetes cluster, multiple teams are deploying applications, and you need to ensure that no single team consumes all the cluster resources. Which combination of Kubernetes features can help you achieve this goal?

  1. Use ResourceQuotas and LimitRanges to control the total resource usage and set default resource limits per namespace.

  2. Use ConfigMaps to store resource limits and apply them to each pod.

  3. Configure HorizontalPodAutoscalers (HPA) to automatically scale pods based on resource usage.

  4. Deploy DaemonSets in each namespace to control resource usage and enforce limits.

16. Which Kubernetes resource can be used to implement a canary deployment by incrementally increasing the traffic to the new version of an application?

  1. StatefulSet

  2. Service

  3. Ingress

  4. ConfigMap

17. You have a multi-tier application with frontend, backend, and database services running in separate pods. You need to ensure that the frontend pods can only communicate with the backend pods, and the backend pods can only communicate with the database pods. Which configuration should you apply?

  1. Use a ConfigMap to define the allowed IP ranges for each tier and apply it to the pods.

  2. Define a PodSecurityPolicy to control the communication between the pods.

  3. Create a ServiceAccount for each tier and use RoleBindings to restrict communication.

  4. Create a NetworkPolicy for frontend pods that allows egress to backend pods and another for backend pods that allows egress to database pods.

18. You need to perform a canary deployment for a new version of your application to test it with a small percentage of users before fully rolling it out. Which approach using Kubernetes primitives would allow you to achieve this?

  1. Use a Deployment to create a new version of the application and a Service to route 90% of traffic to the old version and 10% to the new version.

  2. Use a Job to deploy the new version and a Service to route traffic based on the Job completion status.

  3. Use a StatefulSet to deploy the new version and configure a Service to split traffic between the old and new versions.

  4. Use a ConfigMap to store the new version's configuration and a Service to route traffic based on ConfigMap values.

19. How can a ConfigMap be used to set environment variables in a Pod?

  1. By referencing it in the Pod's environment field

  2. By applying it to the kube-apiserver configuration

  3. By creating a Secret from it

  4. By mounting it as a volume

20. You are tasked with creating a Kubernetes deployment for an application that requires high availability. The application should have a minimum of 3 replicas running at all times, and it should be distributed across different nodes to ensure resilience. Additionally, you need to ensure that rolling updates are performed with zero downtime. Which of the following configuration options best meets these requirements?

  1. Set replicas to 2 and use a Recreate strategy.

  2. Set replicas to 3 and use a RollingUpdate strategy with maxUnavailable set to 0 and maxSurge set to 1.

  3. Set replicas to 5 and use a Recreate strategy.

  4. Set replicas to 4 and use a RollingUpdate strategy with maxUnavailable set to 1 and maxSurge set to 2.

21. Which component in Kubernetes is responsible for making decisions about whether a request to the API server is allowed to proceed, based on policies defined by the cluster administrators?

  1. Scheduler

  2. Kubelet

  3. Admission Controller

  4. API Server

22. You are designing a Kubernetes application and need to build a container image from a Dockerfile. The application requires a specific version of Node.js and needs to copy source code from your local directory into the image. Which Dockerfile commands should you use to accomplish this?

  1. FROM node:14

COPY . /app

RUN cd /app && npm install

CMD ["node", "app.js"]


  1. FROM node:14

ADD . /app

RUN npm install

CMD ["npm", "start"]


  1. FROM node:latest

COPY /source /app

RUN npm install

CMD ["node", "app.js"]


  1. FROM node:14

COPY . /app

CMD ["npm", "start"]

23. You are tasked with deploying a highly available web application on Kubernetes. The application consists of a frontend and a backend, and you want to ensure the frontend service is always available even if some pods fail. Which of the following options best achieves this?

  1. Create a Deployment for the frontend with a ReplicaSet and use a Service of type ClusterIP.

  2. Create a DaemonSet for the frontend with a Service of type ClusterIP.

  3. Create a StatefulSet for the frontend with a PersistentVolume.

  4. Create a Deployment for the frontend with a ReplicaSet and use a Service of type NodePort.

24. You need to store database credentials securely and access them from a Kubernetes pod in a way that they are available as environment variables to your application. How should you configure this?

  1. Create a Secret and reference it in the pod's environment variables.

  2. Store the credentials in a plain text file in the container image.

  3. Create a ConfigMap and reference it in the pod's environment variables.

  4. Store the credentials directly in the pod's environment variables.

25. Which of the following best describes a Kubernetes Operator?

  1. A method for configuring network policies

  2. A tool for managing cluster nodes

  3. A custom controller that manages complex applications on behalf of the user

  4. A configuration file for setting resource quotas

26. You have a Kubernetes application that comprises a frontend, a backend, and a Redis database. The frontend and backend should be exposed to external traffic, while Redis should only be accessible by the backend. Additionally, you need to ensure that the backend can handle rolling updates without downtime. Which Kubernetes resource configurations should you use to meet these requirements?

  1. Use NodePort for all services and set the backend Deployment strategy to Recreate

  2. Use LoadBalancer for all services and set the backend Deployment strategy to RollingUpdate

  3. Use Ingress for frontend and backend, ClusterIP for Redis, and set RollingUpdate strategy for the backend Deployment

  4. Use DaemonSet for the backend and frontend, StatefulSet for Redis

27. Which of the following Kubernetes resources is primarily used to deploy a scalable web application with multiple replicas?

  1. Service

  2. ConfigMap

  3. Deployment

  4. PersistentVolumeClaim

28. You are managing a Kubernetes cluster with a multi-tier application composed of frontend, backend, and database services. The frontend service is experiencing high latency and timeout issues. To troubleshoot and resolve this issue, which of the following steps should you take? Select two correct answers.

  1. Update the frontend service to use a NodePort instead of a ClusterIP.

  2. Check the network policies between the frontend and backend services.

  3. Analyze the logs of the frontend pods using kubectl logs <frontend-pod>.

  4. Scale up the frontend deployment to increase the number of replicas.

  5. Inspect the resource usage of the frontend pods using kubectl top pods.

29. You need to store database credentials securely in a Kubernetes cluster and ensure they are consumed by the application pods at runtime. Which method should you use to achieve this?

  1. Include the database credentials in the Deployment manifest and pass them as environment variables.

  2. Create a Secret to store the database credentials and mount it as environment variables in the application pods.

  3. Store the database credentials in a ConfigMap and mount it as a volume in the application pods.

  4. Define a StatefulSet to manage the application pods and ensure secure access to the credentials.

30. You are implementing a blue/green deployment strategy to update your application with zero downtime. Which steps and Kubernetes primitives should you use to achieve this?

  1. Scale the old Deployment down to zero replicas and scale the new Deployment up to the desired number of replicas.

  2. Create a new Deployment for the new version, then update the Service to point to the new Deployment once the new version is verified.

  3. Use a StatefulSet to deploy the new version and update the Service selector to point to the new StatefulSet.

  4. Use a DaemonSet to deploy the new version across all nodes, then delete the old DaemonSet once the new version is verified.

31. You need to perform a zero-downtime deployment for a critical application in your Kubernetes cluster. Which deployment strategy should you use to ensure that the application remains available to users during the update process?

  1. Blue-Green Deployment Strategy

  2. RollingUpdate Deployment Strategy

  3. Recreate Deployment Strategy

  4. StatefulSet Deployment

32. Which of the following commands is used to build a Docker image from a Dockerfile for deploying an application on Kubernetes?

  1. docker run myapp

  2. kubectl build myapp

  3. docker build -t myapp .

  4. kubectl apply -f Dockerfile

33. You are deploying a database application in Kubernetes that requires persistent storage for database files and ephemeral storage for temporary cache data. Which volume types should you use for these requirements? Select two correct answers.

  1. PersistentVolumeClaim (PVC) for database files

  2. EmptyDir for database files

  3. HostPath for temporary cache data

  4. ConfigMap for database files

  5. EmptyDir for temporary cache data

34. You need to deploy an application using Kustomize with different configurations for development and production environments. The production environment requires a higher number of replicas and different resource limits compared to the development environment. How can you achieve this using Kustomize?

  1. Use environment variables in the kustomization.yaml file to switch between configurations.

  2. Use different base directories for development and production with separate kustomization.yaml files.

  3. Use a single kustomization.yaml file and modify it manually for each environment before deploying.

  4. Use a base directory with common configurations and overlay directories for development and production with respective kustomization.yaml files.

35. You are deploying an application that runs a container requiring elevated privileges to perform certain operations. How can you configure the Pod to run securely while providing the necessary privileges? Select two correct answers.

  1. Set the securityContext of the Pod to enable privileged mode and add only the necessary capabilities required by the application.

  2. Set the securityContext to runAsNonRoot and add necessary capabilities to the container.

  3. Run the container as the root user without any additional security configurations.

  4. Use a PodSecurityPolicy to allow privileged access and set the securityContext of the Pod to enable privileged mode.

  5. Create a ServiceAccount with elevated permissions and assign it to the Pod

36. You are running a build job in Kubernetes that requires temporary space for compiling source code and intermediate artifacts. The data does not need to persist after the job completes. Which volume type is most appropriate for this scenario?

  1. ConfigMap

  2. PersistentVolumeClaim (PVC)

  3. HostPath

  4. EmptyDir

37. You performed a rolling update on your Deployment, but the new version has a critical bug. What Kubernetes primitives and techniques should you use to rollback to the previous version? Select two correct answers.

  1. Edit the Deployment manifest to use the previous image version and apply it

  2. Scale the current Deployment down to zero and manually create Pods with the previous version

  3. Use kubectl rollout restart deployment/<deployment-name>

  4. Use kubectl delete deployment/<deployment-name> and recreate it with the previous version

  5. Use kubectl rollout undo deployment/<deployment-name>

38. You need to automate the management of a database in your Kubernetes cluster, including tasks like backups, updates, and failover. Which resource should you use to achieve this?

  1. PersistentVolume

  2. PodDisruptionBudget

  3. CustomResourceDefinition (CRD)

  4. Operator

39. You are managing a Kubernetes cluster where a microservices application consists of multiple services. One of the services, payment-service, needs to handle increased load during peak times. You decide to use Horizontal Pod Autoscaling (HPA) to scale the service based on CPU utilization. The payment-service should scale between 2 and 10 replicas, maintaining an average CPU utilization of 60%. How would you configure the HPA to meet the above requirements?

  1. Create an HPA with minReplicas: 2, maxReplicas: 8, and targetCPUUtilizationPercentage: 60.

  2. Create an HPA with minReplicas: 1, maxReplicas: 10, and targetCPUUtilizationPercentage: 50.

  3. Create an HPA with minReplicas: 1, maxReplicas: 12, and targetCPUUtilizationPercentage: 70.

  4. Create an HPA with minReplicas: 2, maxReplicas: 10, and targetCPUUtilizationPercentage: 60.

40. You want to restrict the capabilities of a container in your Kubernetes pod to enhance security. How can you remove all Linux capabilities except for NET_BIND_SERVICE from the container?

  1. Set allowPrivilegeEscalation: false in the container's securityContext.

  2. Define runAsUser: 1000 in the pod's spec.

  3. Configure a PodSecurityPolicy to restrict capabilities.

  4. Use the capabilities field in the container's securityContext to add NET_BIND_SERVICE and drop all others.

41. You have a Kubernetes Deployment for a web application, and you need to update the application to a new version without downtime. Which Kubernetes primitives and techniques should you use to manage this rolling update? Select two correct answers.

  1. Use kubectl set image to update the image of the Deployment

  2. Use a ConfigMap to update the image version

  3. Delete the old Deployment and create a new one with the updated image

  4. Modify the Deployment manifest to update the image and apply it using kubectl apply

  5. Manually scale down the old Deployment and scale up the new one

42. In Kubernetes, which component is primarily responsible for authenticating API requests?

  1. kubelet

  2. kube-apiserver

  3. kube-scheduler

  4. etcd

43. You have a Kubernetes Deployment running a web application. During a rolling update, you notice that the application is becoming unresponsive. Which action can you take to mitigate this issue while ensuring minimal downtime?

  1. Delete the current Deployment and create a new one with the updated image.

  2. Increase the maxUnavailable field in the Deployment strategy.

  3. Scale down the Deployment to zero and then scale it back up.

  4. Increase the maxSurge field in the Deployment strategy.

44. You have a Kubernetes deployment with multiple replicas of a microservice running in your cluster. The microservice depends on a Redis cache. Recently, you've noticed increased response times and occasional errors when the microservice tries to access Redis. What steps should you take to troubleshoot and resolve the issue? Select two correct answers.

  1. Deploy a sidecar container for logging in the Redis pod.

  2. Restart the microservice pods.

  3. Examine the network policies affecting Redis.

  4. Check the resource usage of the Redis pod.

  5. Update the Redis container to the latest version.

45. You have a Kubernetes application deployed in a namespace called prod. The application consists of multiple microservices, and one of the microservices, microservice-A, needs to communicate securely with another microservice, microservice-B. How would you configure the communication to ensure it is secure?

  1. Use a NetworkPolicy to restrict traffic to only allow microservice-A to communicate with microservice-B.

  2. Use a ConfigMap to store the credentials needed for microservice-A to access microservice-B.

  3. Use mutual TLS (mTLS) to encrypt the traffic between microservice-A and microservice-B.

  4. Use a ServiceAccount for microservice-A and configure RBAC to allow access to microservice-B.

46. You are tasked with ensuring that a pod runs with a specific user ID and has a read-only root filesystem for security purposes. How should you configure this in the pod manifest?

  1. Define securityContext with runAsUser and readOnlyRootFilesystem under the metadata of the pod.

  2. Set runAsUser and readOnlyRootFilesystem under containers.

  3. Configure securityContext in the namespace default security policy.

  4. Define securityContext with runAsUser and readOnlyRootFilesystem under the spec of the pod.

47. Which multi-container pod design pattern is used to manage logging, monitoring, or communication services for the main application container?

  1. Ambassador container

  2. Init container

  3. Replication controller

  4. Sidecar container

48. You need to securely manage sensitive data such as database passwords and API keys in your Kubernetes cluster. Which of the following methods should you use? Select two correct answers.

  1. Use plain text files mounted as volumes to store sensitive data.

  2. Store sensitive data in a ConfigMap and reference them in your pods.

  3. Use Kubernetes Secrets to store sensitive data and reference them in your pods.

  4. Store sensitive data in environment variables directly in the deployment YAML files.

  5. Use a third-party secret management tool like HashiCorp Vault integrated with Kubernetes.

49. What is the primary purpose of an init container in a Kubernetes pod?

  1. To initialize some prerequisite tasks before the main application container starts.

  2. To handle logging and monitoring for the main application container.

  3. To restart the main application container in case of failure.

  4. To run continuously alongside the main application container for managing communication.


FAQs


1. What is the CKAD certification and who should take it?

The CKAD certification validates a developer’s ability to design, build, and run applications on Kubernetes. It’s ideal for developers working with containerized applications.

2. Is CKAD worth it for developers in 2025?

Yes, CKAD is highly relevant in 2025, especially with the continued adoption of Kubernetes in DevOps and cloud-native environments.

3. What are the prerequisites for the CKAD exam?

You should have a solid understanding of Kubernetes concepts and experience with containerized applications. Prior exposure to YAML, Docker, and Linux commands is helpful.

4. How difficult is the CKAD certification exam?

It’s moderately difficult, especially due to its performance-based, time-sensitive format. Hands-on practice is essential for success.

5. How do I prepare for the CKAD exam?

Use hands-on labs, practice exams, and mock scenarios. CertiMaan offers CKAD dumps and mock tests, and you can also study from the official Kubernetes curriculum.

6. What topics are covered in the CKAD exam?

Key domains include Pod design, Configuration, Multi-container Pods, Observability, Services & Networking, and State Persistence.

7. How long is the CKAD exam and what is the format?

The exam is 2 hours long and consists of performance-based tasks completed in a command-line environment.

8. What is the passing score for CKAD certification?

You must score at least 66% to pass the exam.

9. Can I take the CKAD exam online from home?

Yes, it’s an online proctored exam that can be taken from home with a stable internet connection.

10. How much does the CKAD exam cost?

The exam fee is $395 USD, which includes one free retake if needed.

11. What is the validity period of the CKAD certification?

The CKAD certification is valid for 3 years from the date of issue.

12. Where can I find the best CKAD practice tests?

CertiMaan provides high-quality CKAD practice exams and realistic mock scenarios aligned with the current exam format.

13. Does CertiMaan offer CKAD dumps or mock exams?

Yes, CertiMaan offers updated CKAD dumps and timed mock tests designed to simulate the real exam environment.

14. How long does it take to prepare for the CKAD exam?

It typically takes 4–6 weeks of consistent study and practice for experienced developers.

15. What is the difference between CKAD and CKA?

CKAD focuses on application development within Kubernetes, while CKA covers cluster administration and management.

16. What kind of jobs can I get with CKAD certification?

Jobs include Kubernetes Developer, DevOps Engineer, Cloud Native Engineer, and Site Reliability Engineer (SRE).

17. What is the average salary after CKAD certification?

Certified professionals often earn between $100,000 and $140,000 annually, depending on role and experience.

18. Which companies prefer CKAD certified professionals?

Companies like Google, Red Hat, VMware, Amazon, and IBM prefer or require CKAD for roles involving Kubernetes.

19. Do I need prior Kubernetes experience to attempt CKAD?

Yes, practical experience with Kubernetes is highly recommended before taking the exam.

20. Are there any free resources for CKAD preparation?

Yes, the official Kubernetes documentation is free and invaluable. CertiMaan also provides limited free practice content alongside premium resources.


Recent Posts

See All

Comments

Rated 0 out of 5 stars.
No ratings yet
Add a rating
CertiMaan Logo

​​

Terms Of Use     |      Privacy Policy     |      Refund Policy    

   

 Copyright © 2011 - 2026  Ira Solutions -   All Rights Reserved

Disclaimer:: 

The content provided on this website is for educational and informational purposes only. We do not claim any affiliation with official certification bodies, including but not limited to Pega, Microsoft, AWS, IBM, SAP , Oracle , PMI, or others.

All practice questions, study materials, and dumps are intended to help learners understand exam patterns and enhance their preparation. We do not guarantee certification results and discourage the misuse of these resources for unethical purposes.

PayU logo
Razorpay logo
bottom of page