Introduction
Hi, I am Akshay Rao, will be starting a exercise series on k8s.
In this blog there will not explanation only problems and solutions.if you want explanation have a look at this series:-
https://dev.to/aksrao1998/series/24887
Pre-requisite
have minikube or kind running in the local machine.
Note:- k is alias for kubectl.
Problem 1
- Create a secret called mysecret with the values password=mypass.
- Create a secret called mysecret2 that gets key/value from a file.
- Get the value of mysecret2
Solution
#1 soln
[k8s-ckad (⎈|minikube:mynamespace)]$ k create secret generic mysecret --from-literal=password=mypass
secret/mysecret created
#2 soln
[k8s-ckad (⎈|minikube:mynamespace)]$ echo -n admin > username
[k8s-ckad (⎈|minikube:mynamespace)]$ k create secret generic mysecret2 --from-file=username
secret/mysecret2 created
[k8s-ckad (⎈|minikube:mynamespace)]$ k get secrets
NAME TYPE DATA AGE
mysecret Opaque 1 5m32s
mysecret2 Opaque 1 19s
#3 soln
[k8s-ckad (⎈|minikube:mynamespace)]$ k get secret mysecret2 -o yaml
apiVersion: v1
data:
username: YWRtaW4=
kind: Secret
metadata:
creationTimestamp: "2023-10-29T16:27:43Z"
name: mysecret2
namespace: mynamespace
resourceVersion: "968"
uid: 6fa05aa1-fb8e-464e-9a81-11ef9833662a
type: Opaque
# the value of username is coded so need to decode it.
[k8s-ckad (⎈|minikube:mynamespace)]$ k get secret mysecret2 -o jsonpath='{.data.username}' | base64 -D
admin
Problem 2
Create an nginx pod that mounts the secret mysecret2 in a volume on path /etc/foo.
Solution
[k8s-ckad (⎈|minikube:mynamespace)]$ k run nginx --image=nginx --dry-run=client -o yaml > pod4.yaml
#edit the pod4.yaml
apiVersion: v1
kind: Pod
metadata:
creationTimestamp: null
labels:
run: nginx
name: nginx
spec:
volumes:
- name: mysecrets
secret:
secretName: mysecret2
containers:
- image: nginx
name: pod1
resources: {}
volumeMounts:
- name: mysecrets
mountPath: /etc/foo
dnsPolicy: ClusterFirst
restartPolicy: Always
status: {}
[k8s-ckad (⎈|minikube:mynamespace)]$ k create -f pod4.yaml
pod/nginx created
Problem 3
Delete the pod you just created and mount the variable 'username' from secret mysecret2 onto a new nginx pod in env variable called 'USERNAME'
Solution
[k8s-ckad (⎈|minikube:mynamespace)]$ k delete pod nginx
pod "nginx" deleted
#edit the pod4.yaml
apiVersion: v1
kind: Pod
metadata:
creationTimestamp: null
labels:
run: nginx
name: nginx
spec:
containers:
- image: nginx
name: pod1
env:
- name: USERNAME
valueFrom:
secretKeyRef:
name: mysecret2
key: username
resources: {}
dnsPolicy: ClusterFirst
restartPolicy: Always
status: {}
[k8s-ckad (⎈|minikube:mynamespace)]$ k create -f pod4.yaml
pod/nginx created
[k8s-ckad (⎈|minikube:mynamespace)]$ k exec nginx -- env
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
HOSTNAME=nginx
USERNAME=admin
Problem
- See all the service accounts of the cluster in all namespaces.
- Create a new serviceaccount called 'myuser'
- Create an nginx pod that uses 'myuser' as a service account
- Generate an API token for the service account 'myuser'
Solution
#1 soln
[k8s-ckad (⎈|minikube:mynamespace)]$ k get sa
NAME SECRETS AGE
default 0 42m
#2 soln
[k8s-ckad (⎈|minikube:mynamespace)]$ k create serviceaccount myuser
serviceaccount/myuser created
#3 soln
edit the pod4.yaml
apiVersion: v1
kind: Pod
metadata:
creationTimestamp: null
labels:
run: nginx
name: nginx
spec:
serviceAccountName: myuser
containers:
- image: nginx
name: pod1
resources: {}
dnsPolicy: ClusterFirst
restartPolicy: Always
status: {}
[k8s-ckad (⎈|minikube:mynamespace)]$ k create -f pod4.yaml
pod/nginx created
[k8s-ckad (⎈|minikube:mynamespace)]$ k describe pod nginx
Name: nginx
Namespace: mynamespace
Priority: 0
Service Account: myuser
Node: minikube/192.168.49.2
Start Time: Mon, 30 Oct 2023 02:08:22 +0900
#4 soln
[ts-akshay.rao@JP-FVFZ91DHL414 k8s-ckad (⎈|minikube:mynamespace)]$ k create token myuser
eyJhbGciOiJSUzI1NiIsImtpZCI6IlcyR2FBcUpHb2lreVVfc2ZLOEJlUkZkenpTZHhEY0ZlYU9vWEJrYmVtb0kifQ.eyJhdWQiOlsiaHR0cHM6Ly9rdWJlcm5ldGVzLmRlZmF1bHQuc3ZjLmNsdXN0ZXIubG9jYWwiXSwiZXhwIjoxNjk4NjAzMDk1LCJpYXQiOjE2OTg1OTk0OTUsImlzcyI6Imh0dHBzOi8va3ViZXJuZXRlcy5kZWZhdWx0LnN2Yy5jbHVzdGVyLmxvY2FsIiwia3ViZXJuZXRlcy5pbyI6eyJuYW1lc3BhY2UiOiJteW5hbWVzcGFjZSIsInNlcnZpY2VhY2NvdW50Ijp7Im5hbWUiOiJteXVzZXIiLCJ1aWQiOiIyMTIyZTQxNC03ZjlmLTQxZWUtYjgyNi03MzhlYTgyNTY5MzIifX0sIm5iZiI6MTY5ODU5OTQ5NSwic3ViIjoic3lzdGVtOnNlcnZpY2VhY2NvdW50Om15bmFtZXNwYWNlOm15dXNlciJ9.nC0yOa8TG8xMFKO_tmd9P0Wuzqp2C_yqoziokxAf67Kr9svN_wJWV3hQja4ULl48VTKOOyXopdF4fwbu6QNOnSJR2pHOTAwk9Klav6x3mBRHINQRdoMs8PvmrGNY7zdBB1cM83xHnpV_FxCZ6d-lDNY2gxc8OItCevvgqoh-ZChFXLIrpG6hVR12Q-1KqIntx71Q1l9HhkXvVTaGq-gZpiHgOBMh8n1Vq6fV2GjiB1r5atTlXFrhzM6D2YHkJTEZcTYi4AAVKrAQD-JIzQN0LRBoBWIPMtYOh7RE-IzrGoKgfWmwvHik8lNWS70G8qOvLZGL9R8M2DtrDPbQiZEp7Q
I hope this helps you in practicing.
Thank you
Top comments (0)