Hello, I came across Killerkoda CKA question, I was able to edit the pod and add the sidecar with the required specs. And the pod is running. But I am not sure what is wrong as the grader is giving my “Validation Failed” I appreciate your support. Thanks
Question:
An existing nginx pod, my-pod-cka and Persistent Volume Claim (PVC) named my-pvc-cka are available. Your task is to implement the following modifications:
-
NOTE:- PVC to PV binding and
my-pod-ckapods sometimes takes around 2Mins to Up & Running So Please wait -
Update the pod to include a sidecar container that uses the
busyboximage. Ensure that this sidecar container remains operational by including an appropriate command"tail -f /dev/null". -
Share the
shared-storagevolume between the main application and the sidecar container, mounting it at the path/var/www/shared. Additionally, ensure that the sidecar container hasread-onlyaccess to this shared volume.
My Solution
controlplane $ k get pods
NAME READY STATUS RESTARTS AGE
my-pod-cka 2/2 Running 0 27m
controlplane $ k get pod my-pod-cka -o yaml
apiVersion: v1
kind: Pod
metadata:
annotations:
cni.projectcalico.org/containerID: 4cf9e96b47361b05d5866cc39a18c3b2469a2d87429b20fb3350483b54bf6028
cni.projectcalico.org/podIP: 192.168.1.9/32
cni.projectcalico.org/podIPs: 192.168.1.9/32
creationTimestamp: "2024-10-08T13:57:48Z"
name: my-pod-cka
namespace: default
resourceVersion: "5697"
uid: 6efa057b-9d7d-436d-994c-6fd3698841cb
spec:
containers:
- image: nginx
imagePullPolicy: Always
name: nginx-container
resources: {}
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
volumeMounts:
- mountPath: /var/www/html
name: shared-storage
- mountPath: /var/run/secrets/kubernetes.io/serviceaccount
name: kube-api-access-lf9jw
readOnly: true
- command:
- tail
- -f
- /dev/null
image: busybox
imagePullPolicy: Always
name: busybox-container
resources: {}
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
volumeMounts:
- mountPath: /var/www/shared
name: shared-storage
readOnly: true
- mountPath: /var/run/secrets/kubernetes.io/serviceaccount
name: kube-api-access-lf9jw
readOnly: true
dnsPolicy: ClusterFirst
enableServiceLinks: true
nodeName: node01
preemptionPolicy: PreemptLowerPriority
priority: 0
restartPolicy: Always
schedulerName: default-scheduler
securityContext: {}
serviceAccount: default
serviceAccountName: default
terminationGracePeriodSeconds: 30
tolerations:
- effect: NoExecute
key: node.kubernetes.io/not-ready
operator: Exists
tolerationSeconds: 300
- effect: NoExecute
key: node.kubernetes.io/unreachable
operator: Exists
tolerationSeconds: 300
volumes:
- name: shared-storage
persistentVolumeClaim:
claimName: my-pvc-cka
- name: kube-api-access-lf9jw
projected:
defaultMode: 420
sources:
- serviceAccountToken:
expirationSeconds: 3607
path: token
- configMap:
items:
- key: ca.crt
path: ca.crt
name: kube-root-ca.crt
- downwardAPI:
items:
- fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
path: namespace
status:
conditions:
- lastProbeTime: null
lastTransitionTime: "2024-10-08T13:57:52Z"
status: "True"
type: PodReadyToStartContainers
- lastProbeTime: null
lastTransitionTime: "2024-10-08T13:57:48Z"
status: "True"
type: Initialized
- lastProbeTime: null
lastTransitionTime: "2024-10-08T13:57:52Z"
status: "True"
type: Ready
- lastProbeTime: null
lastTransitionTime: "2024-10-08T13:57:52Z"
status: "True"
type: ContainersReady
- lastProbeTime: null
lastTransitionTime: "2024-10-08T13:57:48Z"
status: "True"
type: PodScheduled
containerStatuses:
- containerID: containerd://eec2d51942f26af92c32e07c33f1aaf031fa4f9606d11554ef2853b87ecb82d5
image: docker.io/library/busybox:latest
imageID: docker.io/library/busybox@sha256:768e5c6f5cb6db0794eec98dc7a967f40631746c32232b78a3105fb946f3ab83
lastState: {}
name: busybox-container
ready: true
restartCount: 0
started: true
state:
running:
startedAt: "2024-10-08T13:57:52Z"
- containerID: containerd://eaa44c12772ef7cdf073815faf16b31d4882fae41cf127249dc21dd8fb2f84c9
image: docker.io/library/nginx:latest
imageID: docker.io/library/nginx@sha256:d2eb56950b84efe34f966a2b92efb1a1a2ea53e7e93b94cdf45a27cf3cd47fc0
lastState: {}
name: nginx-container
ready: true
restartCount: 0
started: true
state:
running:
startedAt: "2024-10-08T13:57:51Z"
hostIP: 172.30.2.2
hostIPs:
- ip: 172.30.2.2
phase: Running
podIP: 192.168.1.9
podIPs:
- ip: 192.168.1.9
qosClass: BestEffort
startTime: "2024-10-08T13:57:48Z"
controlplane $
controlplane $ k describe pod my-pod-cka
Name: my-pod-cka
Namespace: default
Priority: 0
Service Account: default
Node: node01/172.30.2.2
Start Time: Tue, 08 Oct 2024 13:57:48 +0000
Labels: <none>
Annotations: cni.projectcalico.org/containerID: 4cf9e96b47361b05d5866cc39a18c3b2469a2d87429b20fb3350483b54bf6028
cni.projectcalico.org/podIP: 192.168.1.9/32
cni.projectcalico.org/podIPs: 192.168.1.9/32
Status: Running
IP: 192.168.1.9
IPs:
IP: 192.168.1.9
Containers:
nginx-container:
Container ID: containerd://eaa44c12772ef7cdf073815faf16b31d4882fae41cf127249dc21dd8fb2f84c9
Image: nginx
Image ID: docker.io/library/nginx@sha256:d2eb56950b84efe34f966a2b92efb1a1a2ea53e7e93b94cdf45a27cf3cd47fc0
Port: <none>
Host Port: <none>
State: Running
Started: Tue, 08 Oct 2024 13:57:51 +0000
Ready: True
Restart Count: 0
Environment: <none>
Mounts:
/var/run/secrets/kubernetes.io/serviceaccount from kube-api-access-lf9jw (ro)
/var/www/html from shared-storage (rw)
busybox-container:
Container ID: containerd://eec2d51942f26af92c32e07c33f1aaf031fa4f9606d11554ef2853b87ecb82d5
Image: busybox
Image ID: docker.io/library/busybox@sha256:768e5c6f5cb6db0794eec98dc7a967f40631746c32232b78a3105fb946f3ab83
Port: <none>
Host Port: <none>
Command:
tail
-f
/dev/null
State: Running
Started: Tue, 08 Oct 2024 13:57:52 +0000
Ready: True
Restart Count: 0
Environment: <none>
Mounts:
/var/run/secrets/kubernetes.io/serviceaccount from kube-api-access-lf9jw (ro)
/var/www/shared from shared-storage (ro)
Conditions:
Type Status
PodReadyToStartContainers True
Initialized True
Ready True
ContainersReady True
PodScheduled True
Volumes:
shared-storage:
Type: PersistentVolumeClaim (a reference to a PersistentVolumeClaim in the same namespace)
ClaimName: my-pvc-cka
ReadOnly: false
kube-api-access-lf9jw:
Type: Projected (a volume that contains injected data from multiple sources)
TokenExpirationSeconds: 3607
ConfigMapName: kube-root-ca.crt
ConfigMapOptional: <nil>
DownwardAPI: true
QoS Class: BestEffort
Node-Selectors: <none>
Tolerations: node.kubernetes.io/not-ready:NoExecute op=Exists for 300s
node.kubernetes.io/unreachable:NoExecute op=Exists for 300s
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Pulling 30m kubelet Pulling image "nginx"
Normal Pulled 30m kubelet Successfully pulled image "nginx" in 971ms (971ms including waiting). Image size: 72950394 bytes.
Normal Created 30m kubelet Created container nginx-container
Normal Started 30m kubelet Started container nginx-container
Normal Pulling 30m kubelet Pulling image "busybox"
Normal Pulled 30m kubelet Successfully pulled image "busybox" in 872ms (872ms including waiting). Image size: 2166802 bytes.
Normal Created 30m kubelet Created container busybox-container
Normal Started 30m kubelet Started container busybox-container
