Professional Documents
Culture Documents
ex280v5
ex280v5
Ans:-
oc replace -f oauth.yaml
Q2:
Configure openshift cluster permission , configure cluster permission so that,
Ans:-
Q3:
Configure projects for configuring openshift cluster
--> Sydney
--> Tokyo
--> India
--> China
--> USA
Ans:-
oc new-project sydney
oc new-project tokyo
oc new-project india
oc new-project china
oc new-project usa
Q4:
Create groups to configure openshift cluster
Ans:-
Create a resoure quota "ex280-quota" for defining limits for resource access
for projects in sydney project.
i. Total memory amount for max usage is 2Gi
ii. Total CPUdd wick user with unit for max usage is "2" kuex280-quotabernetes
units
iii. Total no of pods should be limited to 13
iv. Total no services should not exceed 10
v. Total no of replication contollers should be 3
Ans:-
oc project projectname
oc create quota ex280-quota --
hard=memory=2Gi,cpu=2,pods=13,services=10,replicationcontrollers=3 -n projectname
oc get resourcequota
oc describe resourcequota
Q6:
Create Limit Range
Ans:-
http://rocky.apps.domain7.com
Ans:-
oc get events --> nodes had taint that pod din't tolerate
oc get nodes
oc describe nodes | grep -i taints
oc get dc
oc edit dc/dcname
spec:
dnsPolicy: ClusterFirst
tolerations:
- effect: NoSchedule
key: node
operator: Equal
value: worker
oc get pods
oc get svc
oc expose svc/svcname --hostname rocky.apps.domain7.com
oc get route
curl http://rocky.apps.domain7.com
Q8. Scale up minion application in holy project and create replicas upto 5
Ans:-
oc project holy
oc get pods --> pod is running state
oc get dc
oc scale --replicas=5 dc/dcname
oc get pods --> all pods are pending state because of taints so set
tolerations
oc get dc
oc edit dc/dcname
spec:
dnsPolicy: ClusterFirst
tolerations:
- effect: NoSchedule
key: node
operator: Eqaul
value: worker
Ans:-
oc project scaling
oc get -o yaml dc/dcname > hello.yaml
vim hello.yaml
resources:
requests:
cpu: "50m"
limits:
cpu: "100m"
Ans:-
oc project project name
oc create secret generic magic --from-literal decode_ring=asdf154513 -n
projectname --> smallletter decode_ring
Q11. Use secret in secure project there is one pod already exists. It should use
magic secret.
Ans:-
oc project projectname
oc logs podname | head -n2
oc get dc
oc set env dc/dcname --from secret/magic
oc get pods
oc rsh podname
oc get route
curl -s routename
Ans:-
Q13:
Create service account in apple project
service account name : ex280-sa
Answer:
$ oc project apple
$ oc create sa ex280-sa
$ oc adm policy --help
Q14:
Deploy an application using service account created in previous question in project
called bulky
Answer:
$ oc project bulky
$ oc get pods
$ oc logs pod/podname --> important
$ oc get events
$ oc get pods
$ oc get pod/podname -o yaml | oc adm policy scc-subject-review -f -
$ oc adm policy add-scc-to-user anyuid -z ex280-sa
$ oc set serviceaccount dc/dcname ex280-sa
$ oc describe pod console-5df4fcbb47-67c52 -n openshift-console | grep scc
$ oc get pods
$ oc get route
$ curl -s routename
$ oc project orange
$ oc get events
$ oc get pods
node selector variable value issue set the nodeselector inside deployment.
oc get node -L
oc edit deployment/deploymentname
nodeSelector:
star: trek (in exam by default it is Trek change it to trek).
Q16. Deploy an application in cherry project named ronik
resources:
requests:
memory: 80Gi --> to 80Mi
$ oc get pods