Question 51
A company's security policy specifies that development and production containers must run on separate nodes in a given Swarm cluster.
Can this be used to schedule containers to meet the security policy requirements?
Solution: label contraints
Can this be used to schedule containers to meet the security policy requirements?
Solution: label contraints
Question 52
The Kubernetes yaml shown below describes a networkPolicy.
Will the networkPolicy BLOCK this traffic?
Solution: a request issued from a pod lacking the tier: api label, to a pod bearing the tier: backend label
Will the networkPolicy BLOCK this traffic?
Solution: a request issued from a pod lacking the tier: api label, to a pod bearing the tier: backend label
Question 53
Will this action upgrade Docker Engine CE to Docker Engine EE?
Solution: Manually download the 'docker-ee' package
Solution: Manually download the 'docker-ee' package
Question 54
During development of an application meant to be orchestrated by Kubemetes, you want to mount the /data directory on your laptop into a container.
Will this strategy successfully accomplish this?
Solution. Create a Persistent VolumeClaim requesting storageClass:"" (which defaults to local storage) and hostPath and use this to populate a volume in a pod.
Will this strategy successfully accomplish this?
Solution. Create a Persistent VolumeClaim requesting storageClass:"" (which defaults to local storage) and hostPath and use this to populate a volume in a pod.
Question 55
A service 'wordpress' is running using a password string to connect to a non-Dockerized database service. The password string is passed into the 'wordpress' service as a Docker secret. Per security policy, the password on the database was changed. Identity the correct sequence of steps to rotate the secret from the old password to the new password.