CKS · Question #38
CKS Question #38: Real Exam Question with Answer & Explanation
1. Create runtime class by the name of not-trusted using runsc handler ``yaml apiVersion: node.k8s.io/v1 kind: RuntimeClass metadata: name: not-trusted handler: runsc ` 2. Find all the pods/deployment and edit runtimeClassName parameter to not-trusted under spec [desk@cli] $ k ed
Question
Context: Cluster: gvisor, Master node: master1, Worker node: worker1 You can switch the cluster/configuration context using the following command: [desk@cli] $ kubectl config use-context gvisor Context: This cluster has been prepared to support runtime handler, runsc as well as traditional one. Task: Create a RuntimeClass named not-trusted using the prepared runtime handler names runsc. Update all Pods in the namespace server to run on newruntime.
Explanation
- Create runtime class by the name of not-trusted using runsc handler
apiVersion: node.k8s.io/v1
kind: RuntimeClass
metadata:
name: not-trusted
handler: runsc
- Find all the pods/deployment and edit runtimeClassName parameter to not-trusted under spec
[desk@cli] $ k edit deploy nginx
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app: nginx
name: nginx
spec:
replicas: 3
selector:
matchLabels:
app: nginx
strategy: {}
template:
metadata:
labels:
app: nginx
spec:
runtimeClassName: not-trusted # Add this
containers:
- image: nginx
name: nginx
resources: {}
status: {}
Explanation
[desk@cli] $vim runtime.yaml
apiVersion: node.k8s.io/v1
kind: RuntimeClass
metadata:
name: not-trusted
handler: runsc
[desk@cli] $ k apply -f runtime.yaml
[desk@cli] $ k get pods
NAME READY STATUS RESTARTS AGE
nginx-6798fc88e8-chp6r 1/1 Running 0 11m
nginx-6798fc88e8-f53sn 1/1 Running 0 11m
nginx-6798fc88e8-ndved 1/1 Running 0 11m
[desk@cli] $ k get deploy
NAME READY UP-TO-DATE AVAILABLE AGE
nginx 3/3 11 3 5m
[desk@cli] $ k edit deploy nginx
Topics
Community Discussion
No community discussion yet for this question.