CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. Docker
  5. DCA

Free DCA Exam Braindumps (page: 11)

Page 10 of 47
PDF with 183 Questions

You want to provide a configuration file to a container at runtime. Does this set of Kubernetes tools and steps accomplish this?

Solution: Turn the configuration file into a configMap object, use it to populate a volume associated with the pod, and mount that file from the volume to the appropriate container and path.

  1. Yes
  2. No

Answer(s): B

Explanation:

= Mounting the configuration file directly into the appropriate pod and container using the .spec.containers.configMounts key is not a valid way to provide a configuration file to a container at runtime. The .spec.containers.configMounts key does not exist in the Kubernetes API1. The correct way to provide a configuration file to a container at runtime is to use a ConfigMap. A ConfigMap is a Kubernetes object that stores configuration data as key-value pairs. You can create a ConfigMap from a file, and then mount the ConfigMap as a volume into the pod and container. The configuration file will be available as a file in the specified mount path. Alternatively, you can also use environment variables to pass configuration data to a container from a ConfigMap.


Reference:

PodSpec v1 core

Configure a Pod to Use a ConfigMap

Populate a Volume with data stored in a ConfigMap

Define Container Environment Variables Using ConfigMap Data



In Docker Trusted Registry, is this how a user can prevent an image, such as 'nginx:latest', from being overwritten by another user with push access to the repository?

Solution: Use the DTR web Ul to make all tags in the repository immutable.

  1. Yes
  2. No

Answer(s): B

Explanation:

n: = Using the DTR web UI to make all tags in the repository immutable is not a good way to prevent an image, such as `nginx:latest', from being overwritten by another user with push access to the repository. This is because making all tags immutable would prevent any updates to the images in the repository, which may not be desirable for some use cases. For example, if a user wants to push a new version of `nginx:latest' with a security patch, they would not be able to do so if the tag is immutable. A better way to prevent an image from being overwritten by another user is to use the

DTR web UI to create a promotion policy that restricts who can push to a specific tag or repository. Alternatively, the user can also use the DTR API to create a webhook that triggers a custom action when an image is pushed to a repository.


Reference:

Prevent tags from being overwritten | Docker Docs

Create webhooks | Docker Docs



Will this command mount the host's '/data' directory to the ubuntu container in read-only mode?

Solution: 'docker run --add-volume /data /mydata -read-only ubuntu'

  1. Yes
  2. No

Answer(s): B

Explanation:

n: = Using the DTR web UI to make all tags in the repository immutable is not a good way to prevent an image, such as `nginx:latest', from being overwritten by another user with push access to the repository. This is because making all tags immutable would prevent any updates to the images in the repository, which may not be desirable for some use cases. For example, if a user wants to push a new version of `nginx:latest' with a security patch, they would not be able to do so if the tag is immutable. A better way to prevent an image from being overwritten by another user is to use the DTR web UI to create a promotion policy that restricts who can push to a specific tag or repository. Alternatively, the user can also use the DTR API to create a webhook that triggers a custom action when an image is pushed to a repository.


Reference:

Prevent tags from being overwritten | Docker Docs

Create webhooks | Docker Docs



Will this command mount the host's '/data' directory to the ubuntu container in read-only mode?

Solution: 'docker run -v /data:/mydata --mode readonly ubuntu'

  1. Yes
  2. No

Answer(s): B

Explanation:

= The command docker run -v /data:/mydata --mode readonly ubuntu is not valid because it has some syntax errors. The correct syntax for running a container with a bind mount is docker run [OPTIONS] IMAGE [COMMAND] [ARG...]. The errors in the command are:

The option flag for specifying the volume is --volume or -v, not -v. For example, -v /data:/mydata should be --volume /data:/mydata.

The option flag for specifying the mode of the volume is --mount, not --mode. For example, --mode readonly should be --mount type=bind,source=/data,target=/mydata,readonly.

The option flag for specifying the mode of the container is --detach or -d, not --mode. For example, -- mode readonly should be --detach.

The correct command for running a container with a bind mount in read-only mode is:

docker run --volume /data:/mydata --mount type=bind,source=/data,target=/mydata,readonly -- detach ubuntu

This command will run a container using the ubuntu image and mount the host's /data directory to the container's /mydata directory in read-only mode. The container will run in the background (-- detach).


Reference:

: docker run reference | Docker Documentation : [Use bind mounts | Docker Documentation]






Post your Comments and Discuss Docker DCA exam with other Community members:

DCA Discussions & Posts