ITNEXT

Home

Newsletter

About

Follow publication

ITNEXT is a platform for IT developers & software engineers to share knowledge, connect…

Follow publication

CKS Exam Series #2 Pods, Secrets and ServiceAccounts

Kubernetes CKS Example Exam Question Series

Kim Wuestkamp

Published in

ITNEXT

2 min readDec 13, 2020

CKS Exam Series | CKA Exam Series | CKAD Exam Series

#####################################

THIS CHALLENGE WON’T BE UPDATED HERE AND MOVED TO:

https://killercoda.com/killer-shell-cks

######################################

Content

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

→ Check out the FULL CKS COURSE on Udemy ←

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Rules!

Be fast, avoid creating yaml manually from scratch
Use only kubernetes.io/docs for help.
Check our solution after you did yours. You probably have a better one!

Todays Task: Pod with ServiceAccount uses Secrets

Create new Namespace ns-secure and perform everything else in there
Create ServiceAccount secret-manager
Create Secret sec-a1 with any literal content of your choice
Create Secret sec-a2 with any file content of your choice (like /etc/hosts)
Create Pod secret-manager image nginx which uses the new SA
Make Secret sec-a1 available as environment variable SEC_A1
Mount Secret sec-a2 into the Pod read-only under /etc/sec-a2
Verify your solution worked

Solution

To solve this we’re logged into our controlplane node cks-controlplane .

1.

alias k=kubectlk create ns ns-secure

2.

k -n ns-secure create sa secret-manager

3.

k -n ns-secure create secret generic sec-a1 --from-literal user=admin

4.

k -n ns-secure create secret generic sec-a2 --from-file index=/etc/hosts

5. 6. 7.

k -n ns-secure run secret-manager --image=nginx -oyaml --dry-run=client > pod.yaml

Now edit the yaml to:

And to verify:

k -f pod.yaml createk -n ns-secure exec secret-manager -- env | grep SECk -n ns-secure exec secret-manager -- mount | grep sec

You have a different solution?

Let us know by writing a comment below!

— — — The END — — —

So much for this session. See you at the next one and happy learning!

Ready to join Killer Shell?

FULL CKS COURSE

…or the CKS SIMULATOR

Sign up to discover human stories that deepen your understanding of the world.

Free

Distraction-free reading. No ads.

Organize your knowledge with lists and highlights.

Tell your story. Find your audience.

Membership

Read member-only stories

Support writers you read most

Earn money for your writing

Listen to audio narrations

Read offline with the Medium app

Published in ITNEXT

69K Followers

Last published 5 hours ago

ITNEXT is a platform for IT developers & software engineers to share knowledge, connect, collaborate, learn and experience next-gen technologies.

Written by Kim Wuestkamp

4K Followers

96 Following

killercoda.com | killer.sh (CKS CKA CKAD Simulator) | Software Engineer, Infrastructure Architect, Certified Kubernetes

Responses (5)
Write a response
What are your thoughts?
Also publish to my profile
Preston Sheldon
Dec 29, 2020
The Secrets are reversed in the question and the answer. The question creates an env variable SEC_A2 but the solution uses SEC_A1
--
Alessandro Vozza
Dec 22, 2020
I don't understand why this works without explicit RoleBinding to a Role that can read secrets in this namespace. Can you elaborate?
--
Purneau
Apr 19, 2021
Hi Kim,
First of all: loved your course. Will do the simulator tomorrow and take the exam next Thursday.
Since you emphasis a lot on speed: I notice that you always create a full .yaml file in case you need to add a SA to a simple pod (here, but also…
--

Recommended from Medium

Preparing for Kubernetes CKAD with Debugging Tips

Fedi Bounouh

Preparing for Kubernetes CKAD with Debugging Tips

In Kubernetes, understanding resource configurations is critical, but so is knowing how to debug issues when things go wrong. Here, we’ll…

Nov 2, 2024

Day 020 Preparing for the CKAD Exam: Update a Pod with a Readiness Probe

Tech Mahato

Day 020 Preparing for the CKAD Exam: Update a Pod with a Readiness Probe

Task:

Oct 3, 2024

Kubernetes Architecture: A Deep Dive into the Core Components

The Pub

Victor wasonga onyango

Kubernetes Architecture: A Deep Dive into the Core Components

Kubernetes has transformed how we deploy, manage, and scale containerized applications, offering a robust orchestration framework for high…

Oct 31, 2024

Kubernetes Anti-Affinity Rules: The Secret to High Availability

Mr.PlanB

Kubernetes Anti-Affinity Rules: The Secret to High Availability

High availability isn’t just a luxury in modern cloud infrastructure — it’s a necessity. And if you’re running Kubernetes, making sure your…

Mar 8

Mastering CKAD: Advanced Kubernetes Exam Questions and Expert Solutions (Part 3)

Siddharth Singh

Mastering CKAD: Advanced Kubernetes Exam Questions and Expert Solutions (Part 3)

Welcome to Part 3 of our CKAD (Certified Kubernetes Application Developer) series! In this post, we’ll explore a fresh set of advanced…

Nov 28, 2024

Cilium: Everything you need to know for CKS

Puru Tuladhar

Cilium: Everything you need to know for CKS

Understand Cilium’s Pod-to-Pod encryption — a key topic in the updated October 2024 CKS exam curriculum.

Jan 16

See more recommendations

Help
Status
About
Careers
Press
Blog
Privacy
Terms
Text to speech
Teams

ITNEXT

CKS Exam Series #2 Pods, Secrets and ServiceAccounts

Kubernetes CKS Example Exam Question Series

Content

Rules!

Todays Task: Pod with ServiceAccount uses Secrets

Solution

1.

2.

3.

4.

5. 6. 7.

You have a different solution?

— — — The END — — —

Ready to join Killer Shell?

FULL CKS COURSE

…or the CKS SIMULATOR

Sign up to discover human stories that deepen your understanding of the world.

Free

Membership

Published in ITNEXT

Written by Kim Wuestkamp

Responses (5)

More from Kim Wuestkamp and ITNEXT

Kubernetes: How to set ReclaimPolicy for PersistentVolumeClaim

PV = PersistentVolume PVC = PersistentVolumeClaim

When Config Becomes the Code: The Trap of Over-Abstracting Logic

Your JSON is now a programming language (Good luck debugging)

5 reasons that convinced me to use VS Code for Java development

My experience after about one year of using VS Code for Java development

Kubernetes Services simply visually explained

K8s services can be easily explained by stacking them on top of each other, starting with a basic example and loads of images.

Recommended from Medium

Preparing for Kubernetes CKAD with Debugging Tips

In Kubernetes, understanding resource configurations is critical, but so is knowing how to debug issues when things go wrong. Here, we’ll…

Day 020 Preparing for the CKAD Exam: Update a Pod with a Readiness Probe

Task:

Kubernetes Architecture: A Deep Dive into the Core Components

Kubernetes has transformed how we deploy, manage, and scale containerized applications, offering a robust orchestration framework for high…

Kubernetes Anti-Affinity Rules: The Secret to High Availability

High availability isn’t just a luxury in modern cloud infrastructure — it’s a necessity. And if you’re running Kubernetes, making sure your…

Mastering CKAD: Advanced Kubernetes Exam Questions and Expert Solutions (Part 3)

Welcome to Part 3 of our CKAD (Certified Kubernetes Application Developer) series! In this post, we’ll explore a fresh set of advanced…

Cilium: Everything you need to know for CKS

Understand Cilium’s Pod-to-Pod encryption — a key topic in the updated October 2024 CKS exam curriculum.