CKS exam question

Onur-Oner · January 9, 2022, 6:28pm

Can anyone give me answer for the below question

thanks

Before Making any changes build the Dockerfile with tag base:v1
Now Analyze and edit the given Dockerfile(based on ubuntu 16:04)
Fixing two instructions present in the file, Check from Security Aspect and Reduce Size point of view.
Dockerfile:
FROM ubuntu:latest
RUN apt-get update -y
RUN apt install nginx -y
COPY entrypoint.sh /
RUN useradd ubuntu
ENTRYPOINT [“/entrypoint.sh”]
USER ubuntu
entrypoint.sh
#!/bin/bash
echo “Hello from CKS”
After fixing the Dockerfile, build the docker-image with the tag base:v2 To Verify: Check the size of the image before and after the build.

Onur-Oner · January 9, 2022, 7:41pm

also do you have solution for below question.

Create a network policy named restrict-np to restrict to pod nginx-test running in namespace
testing.
Only allow the following Pods to connect to Pod nginx-test:-

pods in the namespace default
pods with label version:v1 in any namespace.
Make sure to apply the network policy.