Automation with OpenShift Flashcards

Question 1

Q

Show the “schema” of an object or its properties

Answer

A

oc explain deployment.status.replicas

Question 2

Q

jsonpath construct to iterate over lists in the resource

Answer

A

c get deployment -n openshift-cluster-samples-operator \
cluster-samples-operator -o jsonpath=’{.status.conditions[*].type}’

Question 3

Q

Get a specific item in a list using jsonpath

Answer

A

c get deployment -n openshift-cluster-samples-operator \
cluster-samples-operator -o jsonpath=’{.spec.template.spec.containers[0].name}’

Question 4

Q

Filter items in a list with jsonpath

Answer

A

oc get deployment -n openshift-cluster-samples-operator \
cluster-samples-operator -o jsonpath=’{.status.conditions[?(@.type==”Available”)].status}’

Question 5

Q

list a single property from many objects

Answer

A

oc get route -n openshift-monitoring \
-o jsonpath=’{.items[*].spec.host}’

Question 6

Q

print specific properties in a tabular format

Answer

A

oc get pod –all-namespaces -o=custom-columns=NAME:.metadata.name,STATUS:.status.phase,NODE:.spec.nodeName

Question 7

Q

With jsonpath, extract single property with multiple nesting

Answer

A

oc get pods -A -o jsonpath=’{.items[].spec.containers[].image}’

Question 8

Q

Extract multiple properties at different levels of nesting

Answer

A

oc get pods -A -o jsonpath=’{range .items[*]}’ \
‘{.metadata.namespace} {.metadata.creationTimestamp}{“\n”}’

Question 9

Q

Execute jsonpath from file

Answer

A

oc get nodes -o jsonpath-file=not_ready_nodes.jsonpath

Question 10

Q

Capture the host name of the web console in a variable

Answer

A

console=$(oc get route -n openshift-console console \
-o jsonpath=’{.spec.host}’)

Question 11

Q

Use the curl command to display the expiry date of the OpenShift Router TLS certificate

Answer

A

curl https://$console -k -v 2>&1 | grep ‘expire date’

Question 12

Q

Get the host names for all routes and store them in a variable

Answer

A

hosts=$(oc get route -A \
-o jsonpath=’{.items[*].spec.host}’)

Question 13

Q

Use curl to get the HTTP status for each route

Question 14

Q

locate the name of the secret that contains the users

Answer

A

oc get oauth cluster -o json

Question 15

Q

extract the secret name from the identity provider named htpasswd_provider

Answer

A

filter=’?(.name==”htpasswd_provider”)’

oc get oauth cluster -o jsonpath=”{.spec.identityProviders[$filter].htpasswd.fileData.name}{‘\n’}”

Question 16

Q

Where does OCP store service account token

Answer

A

In the running pod under /var/run/secrets/kubernetes.io/serviceaccount/token

Question 17

Q

How do you get an operational script to authenticate with OCP

Answer

A

Create a service account for the purpose

Question 18

Q

service accounts belong to a namespace yes or no?

Question 19

Q

CR for creating a service account

Question 20

Q

Why prefer using CR vs oc cli

Answer

A

declarative YAML or JSON text files encourages the DevOps practices of version control and code review

Question 21

Q

By default, the service account does not have permission to make requests to the OpenShift API server. True or False?

Answer

A

True.
roles and role bindings must be defined for the sa

Question 22

Q

Roles are namespaced. True or False?

Question 23

Q

ClusterRoles are namespaced. True or False?

Question 24

Q

RoleBinding are namespaced. True or False?

Question 25

Q

What are valid subjects for role binding?

Answer

A

users, groups, or service accounts.

Question 26

Q

How do you create a binding?

Answer

A

oc policy add-role-to-user

Question 27

Q

Cron Job CR

Question 28

Q

Job CR

Question 29

Q

What are container script deployment strategies?

Answer

A

1) container command
2) volume
3) container image

Question 30

Q

Explain the container command script deployment strategy

Answer

A

Specify short Bash scripts as arguments to a container in the spec. This method is easy to deploy, but makes reviewing and automated tests more difficult.

Question 31

Q

Explain the volume script deployment straregy

Answer

A

Mount a ConfigMap or persistent storage as a volume.

Question 32

Q

Explain the image script deployment strategy

Answer

A

Package the script in a container image with all necessary dependencies. Use a GitOps pipeline with build, test, and deployment automation.

Question 33

Q

get jobs in all namescapes

Answer

A

oc get jobs -A

Question 34

Q

curl command to get api version

Answer

A

curl -k –header “Authorization: Bearer $(oc whoami -t)” $(oc whoami –show-server)/api

Question 35

Q

Find the list of APis using curl

Answer

A

curl -k –header “Authorization: Bearer $(oc whoami -t)” $(oc whoami –show-server)/apis

Question 36

Q

Create a project using REST API

Answer

A

curl -k –header “Authorization: Bearer qfyV5ULvv…i712kJT” \
–header ‘Content-Type: application/json’ -d “$(< project.json)” \
-X POST https://api.example.com/apis/project.openshift.io/v1/projects

Question 37

Q

Content of json file for creating a project

Answer

A

{
“apiVersion”: “project.openshift.io/v1”,
“kind”: “Project”,
“metadata”: {
“name”: “example”
}
}

Question 38

Q

Ansible OCP modules

Answer

A

1) k8s: manages k8s objects, allowing you to create, update, or delete Kubernetes objects
2) k8s_auth: returns api_key that other modules can use
3) k8s_info: Retrieves info about k8s objects
4) k8s_scale: sets new sizes for a Deployment, ReplicaSet, rc, or Job
5) k8s_service: manages services on k8s