Added scenarios for

1. Static pods
2. Init containers
3. Jsonpaths
4. DaemonSet

topics/README.md

@@ -10,11 +10,14 @@ Topics cover test exercises for each topics
  - [Authentication](../authentication.md)
  - [Platform Binary Verfication](./binary_verification.md)
  - [Cluster Upgrade](./cluster_upgrade.md)
- - [ConfigMaps](./configmaps.md)   
+ - [ConfigMaps](./configmaps.md)  
+ - [DaemonSets](./daemonsets.md)
  - [Deployments](./deployments.md)  
  - [Falco](./falco.md)
- - [Ingress](./ingress.md)  
+ - [Ingress](./ingress.md) 
+ - [Init Containers](../init_containers.md) 
  - [Jobs](./jobs.md)  
+ - [Kubectl Jsonpath](./jsonpath.md)
  - [kube-bench](./kube-bench.md)
  - [Kubeconfig](./kubeconfig.md) .
  - [Kubelet Security](./kubelet_security.md)

topics/daemonsets.md

@@ -0,0 +1,74 @@
+# [DaemonSet](https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/)
+
+A DaemonSet ensures that all (or some) Nodes run a copy of a Pod. As nodes are added to the cluster, Pods are added to them. As nodes are removed from the cluster, those Pods are garbage collected. Deleting a DaemonSet will clean up the Pods it created.
+
+<br />
+
+### Get the daemonset in all namespaces
+
+<details><summary>show</summary><p>
+
+```bash
+kubectl get daemonsets --all-namespaces
+# OR 
+kubectl get ds -A
+```
+
+</p></details>
+
+<br />
+
+### Ensure a single instance of pod nginx is running on each node of the Kubernetes cluster where nginx also represents the image name which has to be used. Do not override anytaints currently in place.
+
+<details><summary>show</summary><p>
+
+```bash
+kubectl create deploy nginx --image=nginx --dry-run=client -o yaml > nginx-ds.yaml
+```
+
+#### Edit the deployment to daemonset
+
+```yaml
+cat << EOF > nginx-ds.yaml
+apiVersion: apps/v1
+kind: DaemonSet # Update from Deployment to DaemonSet
+metadata:
+  labels:
+    app: nginx
+  name: nginx
+spec:
+#  replicas: 1 - remove replicas
+  selector:
+    matchLabels:
+      app: nginx
+#  strategy: {} - remove strategy
+  template:
+    metadata:
+      labels:
+        app: nginx
+    spec:
+      containers:
+      - image: nginx
+        name: nginx
+        resources: {}
+EOF
+
+kubectl apply -f nginx-ds.yaml
+
+kk get pods -o wide
+# NAME          READY   STATUS    RESTARTS   AGE     IP           NODE     NOMINATED NODE   READINESS GATES
+# nginx-5k7dk   1/1     Running   0          6m10s   10.244.1.3   node01   <none>           <none>
+
+kk get daemonset
+# NAME    DESIRED   CURRENT   READY   UP-TO-DATE   AVAILABLE   NODE SELECTOR   AGE
+# nginx   1         1         1       1            1           <none>          6m24s
+
+kk get ds
+# NAME    DESIRED   CURRENT   READY   UP-TO-DATE   AVAILABLE   NODE SELECTOR   AGE
+# nginx   1         1         1       1            1           <none>          6m30s
+
+```
+
+</p></details>
+
+<br />

topics/init_containers.md

@@ -0,0 +1,170 @@
+# [Init Containers](https://kubernetes.io/docs/concepts/workloads/pods/init-containers/)
+
+### Update the below specs for nginx pod with `/usr/share/nginx/html` directory mounted on volume `workdir`. 
+ - Add an init container named `install` with image `busybox`. 
+ - Mount the workdir to the init container.
+ - `wget` the `http://info.cern.ch` and save as `index.html` to the `workdir` in the init container.
+
+```yaml
+apiVersion: v1
+kind: Pod
+metadata:
+  name: init-demo
+spec:
+  containers:
+  - name: nginx
+    image: nginx
+    ports:
+    - containerPort: 80
+    volumeMounts:
+    - name: workdir
+      mountPath: /usr/share/nginx/html
+  dnsPolicy: Default
+  volumes:
+  - name: workdir
+    emptyDir: {}
+```
+
+<details><summary>show</summary><p>
+
+```yaml
+cat << EOF > init-demo.yaml
+apiVersion: v1
+kind: Pod
+metadata:
+  name: init-demo
+spec:
+  containers:
+  - name: nginx
+    image: nginx
+    ports:
+    - containerPort: 80
+    volumeMounts:
+    - name: workdir
+      mountPath: /usr/share/nginx/html
+  # Add the init container
+  initContainers:
+  - name: install
+    image: busybox
+    command:
+    - wget
+    - "-O"
+    - "/work-dir/index.html"
+    - http://info.cern.ch
+    volumeMounts:
+    - name: workdir
+      mountPath: "/work-dir"
+  dnsPolicy: Default
+  volumes:
+  - name: workdir
+    emptyDir: {}
+EOF
+
+kubectl apply -f init-demo.yaml
+
+kubectl exec init-demo -- curl http://localhost
+#   % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
+#                                  Dload  Upload   Total   Spent    Left  Speed
+# 100   646  100   646    0     0  34000      0 --:--:-- --:--:-- --:--:-- 34000
+# <html><head></head><body><header>
+# <title>http://info.cern.ch</title>
+# </header>
+
+# <h1>http://info.cern.ch - home of the first website</h1>
+# <p>From here you can:</p>
+# <ul>
+# <li><a href="http://info.cern.ch/hypertext/WWW/TheProject.html">Browse the first website</a></li>
+# <li><a href="http://line-mode.cern.ch/www/hypertext/WWW/TheProject.html">Browse the first website using the line-mode browser simulator</a></li>
+# <li><a href="http://home.web.cern.ch/topics/birth-web">Learn about the birth of the web</a></li>
+# <li><a href="http://home.web.cern.ch/about">Learn about CERN, the physics laboratory where the web was born</a></li>
+# </ul>
+# </body></html>
+```
+
+</p></details>
+
+<br />
+
+### Add an init container `maker` with image `alpine` to maker-checker pod with the spec given below.
+ - The init container should create an empty file named /workdir/calm.txt
+ - If /workdir/calm.txt is not detected, the pod should exit
+ - Once the spec file has been updated with the init container definition, the pod should be created.
+
+<br />
+
+```yaml
+cat << EOF > maker-checker.yaml
+apiVersion: v1
+kind: Pod
+metadata:
+  creationTimestamp: null
+  labels:
+    run: maker-checker
+  name: maker-checker
+spec:
+  containers:
+  - image: alpine
+    name: checker
+    command: ["/bin/sh", "-c", "if /workdir/calm.txt; then sleep 3600; else exit 1; fi;"]
+    volumeMounts:
+    - name: workdir
+      mountPath: "/work-dir"
+  dnsPolicy: Default
+  volumes:
+  - name: workdir
+    emptyDir: {}
+  restartPolicy: Always
+status: {}
+EOF
+```
+
+<details><summary>show</summary><p>
+
+```yaml
+cat << EOF > maker-checker.yaml
+apiVersion: v1
+kind: Pod
+metadata:
+  creationTimestamp: null
+  labels:
+    run: maker-checker
+  name: maker-checker
+spec:
+  containers:
+  - image: alpine
+    name: checker
+    command: ["/bin/sh", "-c", "if [ -f /workdir/calm.txt ]; then sleep 3600; else exit 1; fi;"]
+    volumeMounts:
+    - name: workdir
+      mountPath: "/workdir"
+  # Add the init container
+  initContainers:
+  - name: maker
+    image: alpine
+    command: ["/bin/sh", "-c", "touch /workdir/calm.txt"]
+    volumeMounts:
+    - name: workdir
+      mountPath: "/workdir"
+  dnsPolicy: Default
+  volumes:
+  - name: workdir
+    emptyDir: {}
+  restartPolicy: Always
+status: {}
+EOF
+
+kubectl apply -f maker-checker.yaml
+```
+
+</p></details>
+
+<br />
+
+### Clean up 
+
+<br />
+
+```bash
+rm init-demo.yaml maker-checker.yaml
+kubectl delete pod init-demo maker-checker --force --grace-period=0
+```

topics/jsonpath.md

@@ -0,0 +1,94 @@
+# [Kubectl jsonpath](https://kubernetes.io/docs/reference/kubectl/jsonpath/)
+
+<br />
+
+### Get node details as custom fields with NODE_NAME for nodename, CPU_COUNT for cpu.
+
+<details><summary>show</summary><p>
+
+```bash
+$ kubectl get nodes -o=custom-columns=NODE_NAME:.metadata.name,CPU_COUNT:.status.capacity.cpu
+# NODE_NAME      CPU_COUNT
+# controlplane   2
+# node01         2
+```
+
+</p></details>
+
+<br />
+
+### Setup few containers and deployments
+
+```bash
+kubectl run nginx-dev --image nginx:1.21.4-alpine
+kubectl run nginx-qa --image nginx:1.21
+kubectl run nginx-prod --image nginx:1.21
+```
+
+### List all Container images in all namespaces
+
+<details><summary>show</summary><p>
+
+```bash
+kubectl get pods --all-namespaces -o jsonpath='{.items[*].spec.containers[*].image}}' | tr " " "\n" 
+# nginx:1.21.4-alpine
+# nginx:1.21
+# nginx:1.21
+# k8s.gcr.io/coredns:1.6.7
+# k8s.gcr.io/coredns:1.6.7
+# k8s.gcr.io/etcd:3.4.3-0
+# katacoda/katacoda-cloud-provider:0.0.1
+# k8s.gcr.io/kube-apiserver:v1.18.0
+# k8s.gcr.io/kube-controller-manager:v1.18.0
+# quay.io/coreos/flannel:v0.12.0-amd64
+# quay.io/coreos/flannel:v0.12.0-amd64
+# gcr.io/google_containers/kube-keepalived-vip:0.9
+# k8s.gcr.io/kube-proxy:v1.18.0
+# k8s.gcr.io/kube-proxy:v1.18.0
+# k8s.gcr.io/kube-scheduler:v1.18.0}
+```
+
+</p></details>
+
+<br />
+
+### List all the pods sorted by name
+
+<details><summary>show</summary><p>
+
+```bash
+kubectl get pods --sort-by=.metadata.name
+# NAME         READY   STATUS    RESTARTS   AGE
+# nginx-dev    1/1     Running   0          91s
+# nginx-prod   1/1     Running   0          91s
+# nginx-qa     1/1     Running   0          91s
+```
+
+</p></details>
+
+<br />
+
+### Check the Image version of nginx-dev pod using jsonpath
+
+<details><summary>show</summary><p>
+
+```bash
+kubectl get pod nginx-dev -o jsonpath='{.spec.containers[0].image}'
+# nginx:1.21.4-alpine
+```
+
+</p></details>
+
+<br />
+
+### List the nginx pod with custom columns POD_NAME and POD_STATUS
+
+<details><summary>show</summary><p>
+
+```bash
+kubectl get po -o=custom-columns="POD_NAME:.metadata.name, POD_STATUS:.status.containerStatuses[].state" | tr " " "\n" 
+```
+
+</p></details>
+
+<br />