1. What is the user used to execute the sleep process within the ubuntu-sleeper pod?
In the current(default) namespace.
kubectl exec ubuntu-sleeper -- whoami
A) root
2.Edit the pod ubuntu-sleeper to run the sleep process with user ID 1010.
Note: Only make the necessary changes. Do not modify the name or image of the pod
- Pod Name: ubuntu-sleeper
-
Image Name: ubuntu
- SecurityContext: User 1010
k delete pod ubuntu-sleeper
k run ubuntu-sleeper --image=ubuntu --dry-run=client -o yaml > ubuntu-sleeper.yaml
vi ubuntu-sleeper.yaml
k apply -f ubuntu-sleeper.yaml
3.A Pod definition file named multi-pod.yaml is given. With what user are the processes in the web container started?
The pod is created with multiple containers and security contexts defined at the Pod and Container level.
cat multi-pod.yaml
A) 1002
4.With what user are the processes in the sidecar container started?
The pod is created with multiple containers and security contexts defined at the Pod and Container level.
cat multi-pod.yaml
A) 1001
5.Update pod ubuntu-sleeper to run as Root user and with the SYS_TIME capability.
Note: Only make the necessary changes. Do not modify the name of the pod.
-
Pod Name: ubuntu-sleeper
-
Image Name: ubuntu
-
SecurityContext: Capability SYS_TIME
vi ubuntu-sleeper.yaml
k apply -f ubuntu-sleeper.yaml
* docs 띄어쓰기 잘 보기
6.Now update the pod to also make use of the NET_ADMIN capability.
Note: Only make the necessary changes. Do not modify the name of the pod.
-
Pod Name: ubuntu-sleeper
-
Image Name: ubuntu
-
SecurityContext: Capability SYS_TIME
-
SecurityContext: Capability NET_ADMIN
A) ok
'cloud > k8s(문제풀이)' 카테고리의 다른 글
| [k8s]kodekloud-Persistent volume Claims (0) | 2022.07.05 |
|---|---|
| [cka] kodekloud-Network Policies (0) | 2022.07.01 |
| [cka]kodekloud-Image Security (0) | 2022.06.29 |
| [cka]kodekloud-service Accounts (마지막문제다시) (0) | 2022.06.29 |
| [cka] kodekloud-cluster Roles (0) | 2022.06.28 |
