Tips: - `export do="--dry-run=client -o yaml" # k create deploy nginx --image=nginx $do` - `export now="--force --grace-period 0" # k delete pod x $now` - Q2: Use the `nodeSelector` `node-role.kubernetes.io/control-plane: ""` object to select a control plane by label. - I knew to use this label but didn't know how to select it by the label since it is an empty label. - Q3: For this one I forgot to check the `statefuleSet`objects. Next time I need to ensure I check them along with `ds` & `deploy` - Q4: - Part1-A: for the `true` command it shows I should have used single quotes. - Part1-B: I need to remember to use `/bin/sh` & `-c` for executing commands. Otherwise it will fail... - Q7: for `k top pods` there is a `--containers=true` option to show the containers themselves along with the pods. - Q10: make sure to use `system:serviceaccount:$SA` when testing service accounts via `k auth can-i get $OBJ --as=system:serviceaccount:$SA` - Q24: ``` # 24_np.yaml apiVersion: networking.k8s.io/v1 kind: NetworkPolicy metadata: name: np-backend namespace: project-snake spec: podSelector: matchLabels: app: backend policyTypes: - Egress # policy is only about Egress egress: - # first rule to: # first condition "to" - podSelector: matchLabels: app: db1 ports: # second condition "port" - protocol: TCP port: 1111 - # second rule to: # first condition "to" - podSelector: matchLabels: app: db2 ports: # second condition "port" - protocol: TCP port: 2222 ``` - Reference DS for scheduling on all nodes including control plane nodes.