Docker DCA Practice Test - Questions Answers, Page 17

A Kubernetes node is allocated a /26 CIDR block (64 unique IPs) for its address space.

If every pod on this node has exactly two containers in it, how many pods can this address space support on this node?

You are running only Kubernetes workloads on a worker node that requires maintenance, such as installing patches or an OS upgrade.

Which command must be run on the node to gracefully terminate all pods on the node, while marking the node as unschedulable?

Which networking drivers allow you to enable multi-host network connectivity between containers?

You want to mount external storage to a particular filesystem path in a container in a Kubernetes pod.

What is the correct set of objects to use for this?

In Kubernetes, to mount external storage to a filesystem path in a container within a pod, you would use a volume in the pod specification. This volume is populated with a persistentVolumeClaim that is bound to an existing persistentVolume. The persistentVolume is defined and managed by the storageClass which provides dynamic or static provisioning of the volume and determines what type of storage will be provided1.

Reference:

* Dynamic Volume Provisioning | Kubernetes

Is this a supported user authentication method for Universal Control Plane?

Solution: Docker ID

A company's security policy specifies that development and production containers must run on separate nodes in a given Swarm cluster.

Can this be used to schedule containers to meet the security policy requirements?

Solution: node affinities

You created a new service named 'http' and discover it is not registering as healthy. Will this command enable you to view the list of historical tasks for this service?

Solution: 'docker ps http'

The Kubernetes yaml shown below describes a clusterIP service.

Is this a correct statement about how this service routes requests?

Solution: Traffic sent to the IP of this service on port 80 will be routed to port 8080 in a random pod with the label app:

nginx.

Is this a way to configure the Docker engine to use a registry without a trusted TLS certificate?

Solution: List insecure registries in the 'daemon.json configuration file under the \insecure-registries' key.