Examtopics

コメント(8)

• [A] Correct answer. This is a typical use case for node selector. https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector

  [B] The Pod Security Policy is designed to block the creation of misconfigured pods on certain clusters. This does not meet the requirements.

  [C] Taint will no longer place pods without the "inscope" label on that node, but it does not guarantee that pods with the "inscope" label will be placed on that node.

  [D] Placing the "in scope" node in the namespace "in-scope-pci" may meet the requirement, but [A] takes precedence.

  👍 9

  Tabayashi2022/04/28
• 正解だと思う選択肢: A

  https://redhat-scholars.github.io/kubernetes-tutorial/kubernetes-tutorial/taints-affinity.html A Taint is applied to a Kubernetes Node that signals the scheduler to avoid or not schedule certain Pods. A Toleration is applied to a Pod definition and provides an exception to the taint.

  https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ Node affinity is a property of Pods that attracts them to a set of nodes (either as a preference or a hard requirement). Taints are the opposite -- they allow a node to repel a set of pods.

  👍 3

  Jeanphi722022/08/23
• 正解だと思う選択肢: A

  nodeSelector is the simplest recommended form of node selection constraint. You can add the nodeSelector field to your Pod specification and specify the node labels you want the target node to have. Kubernetes only schedules the Pod onto nodes that have each of the labels you specify. => https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector

  Tolerations are applied to pods. Tolerations allow the scheduler to schedule pods with matching taints. Tolerations allow scheduling but don't guarantee scheduling: the scheduler also evaluates other parameters as part of its function. => https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/

  👍 2

  GHOST19852022/10/03