1
Deploy a pod named nginx-448839 using the nginx:alpine image.
정답
k run nginx-448839 --image=nginx:alpine
2
Create a namespace named apx-z993845
정답
k create ns apx-z993845
3
Create a new Deployment named httpd-frontend with 3 replicas using image httpd:2.4-alpine
정답
create deployment httpd-frontend --replicas=3 --image=httpd:2.4-alpine
4
Deploy a messaging pod using the redis:alpine image with the labels set to tier=msg.
정답
k run messaging --image=redis:alpine -l tier=msg
5
A replicaset rs-d33393 is created. However the pods are not coming up. Identify and fix the issue.
Once fixed, ensure the ReplicaSet has 4 Ready replicas.
정답
k get replicasets.apps
k describe rs rs-d33393
k get po
k describe po rs-d33393-4chgv
k get rs rs-d33393 -o yaml > 5.yaml
k get rs rs-d33393 -o yaml > 5_md.yaml
vi 5_md.yaml
k delete rs rs-d33393 --force
k apply -f 5_md.yaml
k get po image: busyboxXXXXXXX -> busybox로 수정controlplane ~ ➜ cat 5_md.yaml
apiVersion: apps/v1
kind: ReplicaSet
metadata:
creationTimestamp: "2025-01-30T14:32:46Z"
generation: 1
name: rs-d33393
namespace: default
spec:
replicas: 4
selector:
matchLabels:
name: busybox-pod
template:
metadata:
creationTimestamp: null
labels:
name: busybox-pod
spec:
containers:
- command:
- sh
- -c
- echo Hello Kubernetes! && sleep 3600
image: busybox
imagePullPolicy: IfNotPresent
name: busybox-container
resources: {}
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
dnsPolicy: ClusterFirst
restartPolicy: Always
schedulerName: default-scheduler
securityContext: {}
terminationGracePeriodSeconds: 30
status:
fullyLabeledReplicas: 4
observedGeneration: 1
replicas: 46
Create a service messaging-service to expose the redis deployment in the marketing namespace within the cluster on port 6379.
정답
k get deployments.apps -n marketing
k expose deployment redis -n marketing --port=6379 --name=messaging-service7
Update the environment variable on the pod webapp-color to use a green background.
정답
k get po webapp-color
k get po webapp-color -o yaml > 7.yaml
k get po webapp-color -o yaml > 7_md.yaml
vi 7_md.yaml
k delete po webapp-color --force
k apply -f 7_md.yaml pink -> green 으로 수정
controlplane ~ ➜ cat 7_md.yaml
apiVersion: v1
kind: Pod
metadata:
annotations:
cni.projectcalico.org/containerID: d7e1c170d6d5fd082d1fee20e99c1fa743346bfed6b09217ffc78419cd5c25b6
cni.projectcalico.org/podIP: 172.17.0.7/32
cni.projectcalico.org/podIPs: 172.17.0.7/32
creationTimestamp: "2025-01-30T14:22:48Z"
labels:
name: webapp-color
name: webapp-color
namespace: default
spec:
containers:
- env:
- name: APP_COLOR
value: green
image: kodekloud/webapp-color
imagePullPolicy: Always
name: webapp-color
resources: {}
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
volumeMounts:
- mountPath: /var/run/secrets/kubernetes.io/serviceaccount
name: kube-api-access-4vvcr
readOnly: true
dnsPolicy: ClusterFirst
enableServiceLinks: true
nodeName: controlplane
preemptionPolicy: PreemptLowerPriority
priority: 0
restartPolicy: Always
schedulerName: default-scheduler
securityContext: {}
serviceAccount: default
serviceAccountName: default
terminationGracePeriodSeconds: 30
tolerations:
- effect: NoExecute
key: node.kubernetes.io/not-ready
operator: Exists
tolerationSeconds: 300
- effect: NoExecute
key: node.kubernetes.io/unreachable
operator: Exists
tolerationSeconds: 300
volumes:
- name: kube-api-access-4vvcr
projected:
defaultMode: 420
sources:
- serviceAccountToken:
expirationSeconds: 3607
path: token
- configMap:
items:
- key: ca.crt
path: ca.crt
name: kube-root-ca.crt
- downwardAPI:
items:
- fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
path: namespace
status:
conditions:
- lastProbeTime: null
lastTransitionTime: "2025-01-30T14:22:58Z"
status: "True"
type: PodReadyToStartContainers
- lastProbeTime: null
lastTransitionTime: "2025-01-30T14:22:49Z"
status: "True"
type: Initialized
- lastProbeTime: null
lastTransitionTime: "2025-01-30T14:22:58Z"
status: "True"
type: Ready
- lastProbeTime: null
lastTransitionTime: "2025-01-30T14:22:58Z"
status: "True"
type: ContainersReady
- lastProbeTime: null
lastTransitionTime: "2025-01-30T14:22:49Z"
status: "True"
type: PodScheduled
containerStatuses:
- containerID: containerd://ce0aa5a4aa358b8fe1fe92b09dc0d1d993aab560a6fee1c9959faa93bb609e92
image: docker.io/kodekloud/webapp-color:latest
imageID: docker.io/kodekloud/webapp-color@sha256:99c3821ea49b89c7a22d3eebab5c2e1ec651452e7675af243485034a72eb1423
lastState: {}
name: webapp-color
ready: true
restartCount: 0
started: true
state:
running:
startedAt: "2025-01-30T14:22:58Z"
volumeMounts:
- mountPath: /var/run/secrets/kubernetes.io/serviceaccount
name: kube-api-access-4vvcr
readOnly: true
recursiveReadOnly: Disabled
hostIP: 192.168.122.169
hostIPs:
- ip: 192.168.122.169
phase: Running
podIP: 172.17.0.7
podIPs:
- ip: 172.17.0.7
qosClass: BestEffort
startTime: "2025-01-30T14:22:49Z"8
Create a new ConfigMap named cm-3392845. Use the spec given on the below.
정답
controlplane ~ ➜ cat 8.yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: cm-3392845
data:
DB_NAME: SQL3322
DB_HOST: sql322.mycompany.com
DB_PORT: "3306"9
Create a new Secret named db-secret-xxdf with the data given (on the below).
참고
https://kubernetes.io/docs/reference/kubectl/generated/kubectl_create/kubectl_create_secret_generic/
정답
k create secret generic db-secret-xxdf --from-literal=DB_Host=sql01 --from-literal=DB_User=root --from-literal=DB_Password=password123
10
Update pod app-sec-kff3345 to run as Root user and with the SYS_TIME capability.
정답
controlplane ~ ➜ cat 10.yaml
apiVersion: v1
kind: Pod
metadata:
name: app-sec-kff3345
spec:
containers:
- name: ubuntu
image: ubuntu
securityContext:
runAsUser: 0
capabilities:
add: ["SYS_TIME"]11
Export the logs of the e-com-1123 pod to the file /opt/outputs/e-com-1123.logs
It is in a different namespace. Identify the namespace first.
정답
k get po --all-namespaces
k logs e-com-1123 -n e-commerce
k logs e-com-1123 -n e-commerce > /opt/outputs/e-com-1123.logs12
Create a Persistent Volume with the given specification.
정답
controlplane ~ ➜ cat 12.yaml
apiVersion: v1
kind: PersistentVolume
metadata:
name: pv-analytics
spec:
capacity:
storage: 100Mi
accessModes:
- ReadWriteMany
hostPath:
path: "/pv/data-analytics"13
Create a redis deployment using the image redis:alpine with 1 replica and label app=redis. Expose it via a ClusterIP service called redis on port 6379. Create a new Ingress Type NetworkPolicy called redis-access which allows only the pods with label access=redis to access the deployment.
정답
먼저 deploy만들고 yaml파일에서 label 추가해줌
k create deployment redis --image=redis:alpine --replicas=1
k get deployments.apps redis -o yaml > redis.yaml
vi redis.yaml
k apply -f redis.yaml deployment expose
59 k expose deployment/redis --type="ClusterIP" --port 6379networkpolicy만들기
- 내가 만든 것
controlplane ~ ✖ cat 13.yaml
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
name: redis-access
namespace: default
spec:
podSelector:
matchLabels:
app: redis
policyTypes:
- Ingress
ingress:
- from:
- podSelector:
matchLabels:
access: redis- 솔루션: port가 추가되어 있음
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
name: redis-access
namespace: default
spec:
podSelector:
matchLabels:
app: redis
policyTypes:
- Ingress
ingress:
- from:
- podSelector:
matchLabels:
access: redis
ports:
- protocol: TCP
port: 637914
Create a Pod called sega with two containers:
Container 1: Name tails with image busybox and command: sleep 3600.
Container 2: Name sonic with image nginx and Environment variable: NGINX_PORT with the value 8080.
정답
apiVersion: v1
kind: Pod
metadata:
name: sega
spec:
containers:
- image: busybox
name: tails
command:
- sleep
- "3600"
- image: nginx
name: sonic
env:
- name: NGINX_PORT
value: "8080"
