Question
Do the following in the new Namespace secret.
Create a Pod named secret-pod of image busybox:1.31.1 which should keep running for some time.
There is an existing Secret located at /opt/course/19/secret1.yaml, create it in the namespace secret and mount it readonly into the Pod at /tmp/secret1.
Create a new Secret in Namespace secret called secret2 which should contain user=user1 and pass=1234.
These entries should be available inside the Pod's container as environment variables APP_USER and APP_PASS.
Confirm everything is working.
Answer
Try to apply the Secret manifest file:
kubectl apply -f /opt/course/19/secret1.yaml
It fails with an error:
namespaces "todo" not found
Open the manifest file and adjust the namespace to be secret:
namespace: secret
Apply now:
kubectl apply -f /opt/course/19/secret1.yaml
Create second secret:
kubectl -n secret create secret generic secret2 --from-literal=user=user1 --from-literal=pass=1234
Generate the Pod manifest and save it as po.yaml:
kubectl -n secret run secret-pod --image=busybox:1.31.1 --dry-run=client -o yaml --command -- sleep 4800 > po.yaml
Adjust the manifest:
apiVersion: v1
kind: Pod
metadata:
  creationTimestamp: null
  labels:
    run: secret-pod
  name: secret-pod
  namespace: secret
spec:
  containers:
  - command:
    - sleep
    - "4800"
    image: busybox:1.31.1
    name: secret-pod
    volumeMounts:
    - name: secret
      readOnly: true
      mountPath: "/tmp/secret1"
    env:
    - name: APP_USER
      valueFrom:
        secretKeyRef:
          name: secret2
          key: user
    - name: APP_PASS
      valueFrom:
        secretKeyRef:
          name: secret2
          key: pass
  volumes:
  - name: secret
    secret:
      secretName: secret1
Apply:
kubectl apply -f po.yaml
Verify:
kubectl -n secret exec -it secret-pod -- ls /tmp/secret1
kubectl -n secret exec -it secret-pod -- env | grep APP_
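The same confirmation can be done offline against exported objects. This is an added example, not part of the original answer: check_pod is a hypothetical helper, the objects are constructed to mirror the manifest above, and the key name and value inside secret1 are invented because the page does not show that file.

```python
import base64

def b64(s):
    return base64.b64encode(s.encode()).decode()

# Constructed objects shaped like `kubectl -n secret get <kind> <name> -o json`.
# Secret values are only base64-encoded in the API object, not encrypted.
SECRETS = {
    "secret1": {"data": {"somekey": b64("constructed-value")}},  # invented key/value
    "secret2": {"data": {"user": b64("user1"), "pass": b64("1234")}},
}
POD = {"spec": {
    "volumes": [{"name": "secret", "secret": {"secretName": "secret1"}}],
    "containers": [{
        "name": "secret-pod",
        "volumeMounts": [{"name": "secret", "mountPath": "/tmp/secret1", "readOnly": True}],
        "env": [
            {"name": "APP_USER", "valueFrom": {"secretKeyRef": {"name": "secret2", "key": "user"}}},
            {"name": "APP_PASS", "valueFrom": {"secretKeyRef": {"name": "secret2", "key": "pass"}}},
        ],
    }],
}}

def check_pod(pod, secrets):
    """Return (env resolved from Secrets, list of problems) for one Pod object."""
    env, problems = {}, []
    # Map volume name -> Secret name for every Secret-backed volume.
    secret_vols = {v["name"]: v["secret"]["secretName"]
                   for v in pod["spec"].get("volumes", []) if "secret" in v}
    for c in pod["spec"]["containers"]:
        for m in c.get("volumeMounts", []):
            if m["name"] not in secret_vols:
                continue
            if not m.get("readOnly", False):
                problems.append(f"{m['mountPath']}: secret volume not mounted readOnly")
            if secret_vols[m["name"]] not in secrets:
                problems.append(f"{m['mountPath']}: Secret {secret_vols[m['name']]} missing")
        for e in c.get("env", []):
            ref = e.get("valueFrom", {}).get("secretKeyRef")
            if ref is None:
                continue
            data = secrets.get(ref["name"], {}).get("data", {})
            if ref["key"] not in data:  # a missing key keeps the container from starting
                problems.append(f"{e['name']}: {ref['name']}/{ref['key']} not found")
            else:
                env[e["name"]] = base64.b64decode(data[ref["key"]]).decode()
    return env, problems

if __name__ == "__main__":
    print(check_pod(POD, SECRETS))
```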