Create a deployment spec file that will:
Launch 7 replicas of the nginx Image with the labelapp_runtime_stage=dev
deployment name: kual00201
Save a copy of this spec file to /opt/KUAL00201/spec_deployment.yaml
(or /opt/KUAL00201/spec_deployment.json).
When you are done, clean up (delete) any new Kubernetes API object that you produced during this task.
Score:7%
Task
Create a new PersistentVolumeClaim
• Name: pv-volume
• Class: csi-hostpath-sc
• Capacity: 10Mi
Create a new Pod which mounts the PersistentVolumeClaim as a volume:
• Name: web-server
• Image: nginx
• Mount path: /usr/share/nginx/html
Configure the new Pod to have ReadWriteOnce access on the volume.
Finally, using kubectl edit or kubectl patch expand the PersistentVolumeClaim to a capacity of 70Mi and record that change.
Score: 5%
Task
Monitor the logs of pod bar and:
• Extract log lines corresponding to error file-not-found
• Write them to /opt/KUTR00101/bar
A Kubernetes worker node, named wk8s-node-0 is in state NotReady. Investigate why this is the case, and perform any appropriate steps to bring the node to a Ready state, ensuring that any changes are made permanent.
You can ssh to the failed node using:
[student@node-1] $ | ssh Wk8s-node-0
You can assume elevated privileges on the node with the following command:
[student@w8ks-node-0] $ | sudo –i
Monitor the logs of pod foo and:
Extract log lines corresponding to error
unable-to-access-website
Write them to/opt/KULM00201/foo
Task Weight: 4%
Task
Scale the deployment webserver to 3 pods.
Create a Kubernetes secret as follows:
Name: super-secret
password: bob
Create a pod named pod-secrets-via-file, using the redis Image, which mounts a secret named super-secret at /secrets.
Create a second pod named pod-secrets-via-env, using the redis Image, which exports password as CONFIDENTIAL
Score: 7%
Task
Create a new NetworkPolicy named allow-port-from-namespace in the existing namespace echo. Ensure that the new NetworkPolicy allows Pods in namespace my-app to connect to port 9000 of Pods in namespace echo.
Further ensure that the new NetworkPolicy:
• does not allow access to Pods, which don't listen on port 9000
• does not allow access from Pods, which are not in namespace my-app
Create a pod named kucc8 with a single app container for each of the
following images running inside (there may be between 1 and 4 images specified):
nginx + redis + memcached.
From the pod label name=cpu-utilizer, find pods running high CPU workloads and
write the name of the pod consuming most CPU to the file /opt/KUTR00102/KUTR00102.txt (which already exists).
F:\Work\Data Entry Work\Data Entry\20200827\CKA\10 B.JPG
F:\Work\Data Entry Work\Data Entry\20200827\CKA\10 C.JPG
F:\Work\Data Entry Work\Data Entry\20200827\CKA\20 C.JPG
F:\Work\Data Entry Work\Data Entry\20200827\CKA\20 D.JPG
F:\Work\Data Entry Work\Data Entry\20200827\CKA\20 E.JPG
F:\Work\Data Entry Work\Data Entry\20200827\CKA\1 B.JPG
F:\Work\Data Entry Work\Data Entry\20200827\CKA\1 C.JPG
F:\Work\Data Entry Work\Data Entry\20200827\CKA\12 B.JPG
F:\Work\Data Entry Work\Data Entry\20200827\CKA\12 C.JPG
F:\Work\Data Entry Work\Data Entry\20200827\CKA\12 D.JPG
F:\Work\Data Entry Work\Data Entry\20200827\CKA\5 B.JPG
F:\Work\Data Entry Work\Data Entry\20200827\CKA\5 C.JPG
F:\Work\Data Entry Work\Data Entry\20200827\CKA\5 D.JPG
F:\Work\Data Entry Work\Data Entry\20200827\CKA\16 B.JPG
F:\Work\Data Entry Work\Data Entry\20200827\CKA\16 C.JPG