Q1 of LAB- MOCK EXAM 2 - clarification

shop2 · March 27, 2024, 6:09pm

Hi! In Q1 of LAB- MOCK EXAM 2

does really using kubernetes.io/metadata.name: label in namespaceSelector should be treated as error? I always thought it good okay relevant docs section
also does NOT specifying ports: section should be treated as error? Nothing were about specific ports in the question.

Cheers!

Alistair_KodeKloud · March 27, 2024, 8:20pm

This question was probably written before Kubernetes did automatic labelling of namespaces with kubernetes.io/metadata.name, so it wants you to use the manually added labels. I’ll raise a ticket for the labs team to suggest they support either way.
The question mentions a ClusterIP service. It is associated with the pod to which the policy applies. If you are to be really secure, then you only allow access on the service port to the pods.

shop2 · March 27, 2024, 9:02pm

WOW! Blazing fast and useful answer! Thanks Alistair!