본문 바로가기
CKA &. CKAD/Application Lifecycle Management

Secret Practice Test

Clark Shim 2021. 3. 27. 21:12

ㅁ How many Secrets exsit on the system?

kubectl get secrets

 

ㅁ How many secrets are defined in the 'default-token' secret?

kubectl describe secret default-token

Data 영역의 값 확인

Data
====
ca.crt:     1066 bytes
namespace:  7 bytes
token:      eyJhbGciOiJSUzI1NiIsImtpZCI6IlNTZjZGUEZCTFRLUlhiMGhyY2txNDF2M01HOWdOZGlQMzM4bWpJbi05d0kifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJkZWZhdWx0Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZWNyZXQubmFtZSI6ImRlZmF1bHQtdG9rZW4tejc0Z3oiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC5uYW1lIjoiZGVmYXVsdCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50LnVpZCI6IjBlNThjYjU5LTUzZTgtNDc3Yi04MDBmLWFlNTUwN2I0ZjllYyIsInN1YiI6InN5c3RlbTpzZXJ2aWNlYWNjb3VudDpkZWZhdWx0OmRlZmF1bHQifQ.mCTmAp6y9IdlVZmtXvz5ncREgxj_srRUPuqJTBT4jFT2Ah3edDYwOt1aU-oelmvbT5_Yhodu2Fi-dMzFcljYo2LkrA-YVkbzO-a18P03e-g2Sr5StmldkuGbDVrazy7R0GYUiwE5Fk3i1NEXa7ADZzQpW1GngOi27YSDKF4TdA58K-AvUofEcPogXlilQ5EcZ17wJL3FSbVMZt-YBk7k7P6SaWG4wV7wmFzsPV8rKNRn5bFABWjVKxKYHj4CQk4qV49Kp0E3e4WynNu-GiNcPg-YYjOMzs2un_7cDZAHxTgeDVBkrxtK4G7YN8D3M2_uPOOfo5-Ty08Po2K-ObJ7vQ

ㅁ What is the type of the 'default-token' secret?

kubectl describe secret default-token

 Type 내용 확인

Type:  kubernetes.io/service-account-token

 

ㅁ Which of the following is not a secret data defined in 'default-token' secret?

[namespace]

[ca.crt]

[type]

[token]

 

 

$ kubectl get pods
NAME         READY   STATUS    RESTARTS   AGE
mysql        1/1     Running   0          16s
webapp-pod   1/1     Running   0          16s

$ kubectl get services
NAME             TYPE        CLUSTER-IP     EXTERNAL-IP   PORT(S)          AGE
kubernetes       ClusterIP   10.96.0.1      <none>        443/TCP          18m
sql01            ClusterIP   10.99.80.180   <none>        3306/TCP         21s
webapp-service   NodePort    10.97.141.95   <none>        8080:30080/TCP   21s

 

ㅁ The reasono the application is failed is because we have not created the secrets yet. Create a new Secret named 'db-secret' with the data given(on the right)

- Secret Name: db-secret

- Secret 1: DB_Host=sql01

- Secret 2: DB_USer=root

- Secret 3: DB_Paswword=password123

 

kubectl create secret generic db-secret --from-literal=DB_Host=sql01 --from-literal=DB_User=root --from-literal=DB_Password=password123

 

ㅁ Configure webapp-pod to load environment variables from the newly created secret.

- Pod name: webapp-pod

- Image name: kodekloud/simple-webapp-mysql

- Env From: Secret=db-secret

 

kubectl get pod webapp-pod -o yaml > pod-def.yaml

 

pod-def.yaml 중 containers 아래 부분에 아래 내용 변경

spec:
  containers:
  - image: kodekloud/simple-webapp-mysql
    imagePullPolicy: Always
    name: webapp
    envFrom:
    - secretRef:
        name: db-secret

 

아래 내용으로 원하는 yaml 형식을 간단히 볼 수 있다.

kubectl explain pods --recrusive | less
kubectl explain pods --recursive | grep -A8 envFrom

 

'CKA &. CKAD > Application Lifecycle Management' 카테고리의 다른 글

InitContainer and Practice Test  (0) 2021.03.28
Practice Test - Multi-Container Pod  (0) 2021.03.27
Secret  (0) 2021.03.27
ConfigMap Practice Test  (0) 2021.03.27
Configure Environment Variable in Applications  (0) 2021.03.27

'CKA &. CKAD/Application Lifecycle Management' Related Articles

티스토리툴바