ckad-crash-course/exercises at master · bmuschko/ckad-crash-course

ConfigMaps

kubectl create configmap db-config --from-env-file=config.txt

name: backend
envFrom:
	- configMapRef:
      name: db-config

Secrets

kubectl create secret generic db-credentials --from-literal=db-password=passwd

env:
- name: DB_PASSWORD
  valueFrom:
    secretKeyRef:
      name: db-credentials
      key: db-password

Security Contexts

spec:
  securityContext:
    fsGroup: 3000
  containers:
  - image: nginx

Resource Quota

kubectl describe quota --namespace=rq-demo

Service Account

kubectl create serviceaccount backend-team

kubectl run backend --image=nginx --restart=Never --serviceaccount=backend-team

You can print out the token from the volume source at /var/run/secrets/kubernetes.io/serviceaccount.

Init Containers

spec:
  initContainers:
  - name: configurer
    image: busybox
  containers:

Volumes

containers:
  - image: bmuschko/nodejs-read-config:1.0.0
    name: web
    ports:
    - containerPort: 8080
    volumeMounts:
    - name: configdir
      mountPath: "/usr/shared/app"
volumes:
  - name: configdir
    emptyDir: {}

apiVersion: v1
kind: PersistentVolume
metadata:
  name: pv
spec:
  capacity:
    storage: 512m
  accessModes:
    - ReadWriteMany
  storageClassName: shared
  hostPath:
    path: /data/config