Lab
A Cloud Guru

Working with Kubernetes Admission Controllers

Kubernetes admission controllers act as gatekeepers by accepting or rejecting requests and can even alter (or mutate) requests to comply to the configuration set in the controller. In this hands-on lab, you will be challenged to enable an admission controller, create a new admission controller resource, edit existing resources, and deploy pods to the cluster while observing the impact the admission controllers have on the pods.

Try for free Contact sales

Path Info

Level

Intermediate

Duration

45m

Published

Mar 24, 2023

Challenge

Enable and Disable Admission Controllers
- Use a text editor to modify the kube-apiserver.yaml file.
  - Enable the ResourceQuota admission controller.
  - Disable the MutatingAdmissionWebhook admission controller.
- Validate that the kube-apiserver pod redeploys successfully by issuing a simple kubectl command (the pod can take several seconds to redeploy).
Challenge

Create and Edit Admission Controller Resources
- Use the kubectl command to edit the LimitRange object in the dev namespace.
  - Update the default CPU limit to be 500m and the memory limit to be 512Mi.
  - Update the default CPU request to be 250m and the memory request to be 128Mi.
- Create and deploy a ResourceQuota object to the test namespace using the following steps:
  - Create a manifest file called test-quota.yaml with the following specifications:
    
    Note: Performing a copy paste directly from the objective will result in additional spaces being added. To remove additional spaces, either copy to a text editor on your computer before copying to the file on the host or manually remove the spaces once you have copied the file.
```
apiVersion: v1
kind: ResourceQuota
metadata:
  name: test-quota
  namespace: test
spec:
  hard:
    requests.memory: 128Mi
    requests.cpu: 250m
    limits.memory: 512Mi
    limits.cpu: "1"
```
- Use kubectl to deploy the manifest file.
Challenge

Deploy Pods to the Cluster
- View the contents of the nginx-pod.yaml file in the /home/cloud_user directory (take note of any memory requests or limits, if they appear).
  - Use the kubectl command to deploy the manifest.
  - Use the kubectl command to print information about the pod in YAML format (pay attention to the requests and limits for memory and CPU).
- Edit the nginx-pod.yaml file and change the namespace to test and attempt to deploy the pod (take note of any output you receive).
- Edit the nginx-pod.yaml file and redeploy it to the test namespace.
  - Under the containers section, add a section for resources.
  - Under resources, add a section for limits and set memory to 256Mi and cpu to 500m.
  - Under resources, add a section for requests and set memory to 64Mi and cpu to 125m.
  - Use the kubectl command to deploy the nginx-pod.yaml (take note of any output).
  - Use the kubectl command to print information about the pod in YAML format (view the requests and limits).

Author

A Cloud Guru

The Cloud Content team comprises subject matter experts hyper focused on services offered by the leading cloud vendors (AWS, GCP, and Azure), as well as cloud-related technologies such as Linux and DevOps. The team is thrilled to share their knowledge to help you build modern tech solutions from the ground up, secure and optimize your environments, and so much more!

What's a lab?

Hands-on Labs are real environments created by industry experts to help you learn. These environments help you gain knowledge and experience, practice without compromising your system, test without risk, destroy without fear, and let you learn from your mistakes. Hands-on Labs: practice your skills before delivering in the real world.