Will this command list all nodes in a swarm cluster from the command line?Solution: `docker Is -a'
Answer(s): B
The command docker Is -a does not list all nodes in a swarm cluster from the command line, but rather lists all containers, both running and stopped, on the current node. To list all nodes in a swarm cluster, you need to use the command docker node ls from a manager node. This command shows the node ID, hostname, status, availability, and manager status for each node in the swarm. You can also use the --filter option to filter the output based on various criteria.
Docker Documentation, docker node ls
Is this a type of Linux kernel namespace that provides container isolation?Solution: Storage
= Storage is not a type of Linux kernel namespace that provides container isolation. Linux namespaces are a feature of the Linux kernel that partitions kernel resources such that one set of processes sees one set of resources while another set of processes sees a different set of resources. The feature works by having the same namespace for a set of resources and processes, but those namespaces refer to distinct resources. Since kernel version 5.6, there are 8 kinds of namespaces:mount, UTS, IPC, PID, network, user, cgroup, and time. Each kind of namespace isolates a different aspect of the system, such as file system mounts, host and domain names, inter-process communication, process IDs, network interfaces, user and group IDs, cgroups, and system time.Storage is not one of them.
1: Linux namespaces - Wikipedia2: Namespaces -- The Linux Kernel documentation
Is this a type of Linux kernel namespace that provides container isolation?Solution: Network
Answer(s): A
Network is a type of Linux kernel namespace that provides container isolation. Network namespaces isolate the system resources associated with networking, such as network interfaces, IP addresses, routing tables, firewall rules, etc. Each network namespace has its own virtual network stack, and processes in different network namespaces can communicate through virtual network devices or tunnels. Network namespaces are used by Docker to create isolated networks for containers, and allow users to customize the network configuration and connectivity of each container.
network_namespaces(7) - Linux manual pageDocker network overview | Docker Documentation
Is this a type of Linux kernel namespace that provides container isolation?Solution: Authentication
= Authentication is not a type of Linux kernel namespace that provides container isolation. Namespaces are a feature of the Linux kernel that partitions kernel resources such that one set of processes sees one set of resources and another set of processes sees a different set of resources. Docker uses six different namespaces to isolate containers from the host and from each other: PID, USER, UTS, IPC, MNT, and NET12. Authentication is not one of them. Authentication is a process of verifying the identity of a user or a system, which is usually done by using credentials such as passwords, tokens, or certificates. Authentication does not directly affect the isolation of containers, although it can be used to control access to them.
Docker security | Docker DocsSecuring Docker Containers with Linux Kernel Features | Infosec
Post your Comments and Discuss Docker DCA exam with other Community members:
Simon Commented on December 13, 2024 guys waht do you think about this dump? Anonymous
Our website is free, but we have to fight against bots and content theft. We're sorry for the inconvenience caused by these security measures. You can access the rest of the DCA content, but please register or login to continue.