What should I know about the ex280 exam practice questions & answers
Click here to get other ex280 premium exam practice questions and answers
If you need some other practice questions that are not listed here, feel free to send an email to info@tekneed.com, and we will let you know if we have them or not.
Setup a Lab by clicking here
ex280 Exam Practice Question 18
As the cluster administrator with the username, “kubeadmin” and password, ” LumDI-t5jjd-ciyWk-wKsoe”.
Perform the following operations.
NOTE: you can login with (oc login -u kubeadmin -p LumDI-t5jjd-ciyWk-wKsoe https://api.crc.testing:6443)
– create two groups, frontend-group and backend-group
– create six users, tekneed3, tekneed4, tekneed5, tekneed6, tekneed7, and tekneed8 users. They must all have the password, “open”
[NOTE: Update the already existing HTpasswd authentication file in /tmp/htpassword to create the users. Also use/create a secret with the name, “htpassword-secret” from /tmp/htpassword file.]
-The users, tekneed5, and tekneed6 must belong to the frontend-group, and the users, tekneed7, and tekneed8 must belong the backend-group
-create a project, “open-compute” project
-grant the user, tekneed4, project administration privileges on the open-compute project
– give the group, frontend-group read privileges, and the group, backend-group write privileges for the open-compute project
-grant the user, tekneed3 a cluster admin user
Answer
1. Login to the cluster
[victor@sno ~]$ oc login -u kubeadmin -p i4obN-b3jWo-hj82d-rZHLb
Login successful.
You have access to 67 projects, the list has been suppressed. You can list all projects with 'oc projects'
Using project "default".2. create the two groups.
[victor@sno ~]$ oc adm groups new frontend-group
group.user.openshift.io/frontend-group created
[victor@sno ~]$ oc adm groups new backend-group
group.user.openshift.io/backend-group created3. Verify that the groups have been created
[victor@sno ~]$ oc get groups
NAME USERS
backend-group
frontend-group4. create the users
*you can view the existing file already in /tmp/htpassword
[victor@sno ~]$ cat /tmp/htpassword
tekneed1:$apr1$9av9vl1X$PQqzv/AqEswZQoJqR86e2/
tekneed2:$apr1$dqwzrtyz$fEKau5yHQjyX.7klD9hao/*create the users
[victor@sno ~]$ htpasswd -b /tmp/htpassword tekneed3 open
Adding password for user tekneed3
[victor@sno ~]$ htpasswd -b /tmp/htpassword tekneed4 open
Adding password for user tekneed4
[victor@sno ~]$ htpasswd -b /tmp/htpassword tekneed5 open
Adding password for user tekneed5
[victor@sno ~]$ htpasswd -b /tmp/htpassword tekneed6 open
Adding password for user tekneed6
[victor@sno ~]$ htpasswd -b /tmp/htpassword tekneed7 open
Adding password for user tekneed7
[victor@sno ~]$ htpasswd -b /tmp/htpassword tekneed8 open
Adding password for user tekneed85. Verify that the users have been created.
[victor@sno ~]$ cat /tmp/htpassword
tekneed1:$apr1$9av9vl1X$PQqzv/AqEswZQoJqR86e2/
tekneed2:$apr1$dqwzrtyz$fEKau5yHQjyX.7klD9hao/
tekneed3:$apr1$eMvkoUVJ$tkqWm3.4zkpJTtJQg.mR21
tekneed4:$apr1$y19G58eu$0oYA15lw3X8epAWRSQOPs0
tekneed5:$apr1$TbgBDP0a$.t2td3KP3KCLwx2OTM6Hb1
tekneed6:$apr1$bpkuO8Ka$6lRMiRoyPj0fMSShLNbjT0
tekneed7:$apr1$Yh29LNJ5$73E7P2U1KMjW6NIavlSwH1
tekneed8:$apr1$lUfhJL/n$n4tuArUkp7Smta7pkG6ut16. create a secrete for the /tmp/htpassword file
[victor@sno ~]$ oc create secret generic htpassword-secret --from-file htpasswd=/tmp/htpassword -n openshift-config
secret/htpassword-secret created7. Update the oauth server (oauth resource yaml manifest configuration file)
*extract the existing oauth resource yaml manifest config file
victor@sno ~]$ oc get oauth cluster -o yaml > oauth.yaml*Edit the file and include the information from the /tmp/htpassword living in the secret, htpassword-secret
[victor@sno ~]$ vi oauth.yaml
.......
- htpasswd:
fileData:
name: htpassword-secret
mappingMethod: claim
name: allusers
type: HTPasswd
..........
*update the oauth server/resource with the new information
[victor@sno ~]$ oc replace -f oauth.yaml
oauth.config.openshift.io/cluster replaced8. Try loggingg in as one of the users created.
[victor@sno ~]$ oc login -u tekneed4 -p open
Login successful.
You don't have any projects. You can try to create a new project, by running
oc new-project <projectname>
NB: You can watch the video on how we carried out some other tests.
9. You can also verify by using the “oc get” command.
NOTE: if you haven’t logged in with the user account for the first time, you may not see the users when you list them with the commands below.
[victor@sno ~]$ oc get users
NAME UID FULL NAME IDENTITIES
developer 24b0c61d-2e67-44f5-86cb-56896c5488fc developer:developer
kubeadmin 2eca97e7-277c-4aa4-a963-7ea45b3b4665 developer:kubeadmin
tekneed4 d148ad64-15e4-4e49-812a-b17b7fcb528a allusers:tekneed4
[victor@sno ~]$ oc get identity
NAME IDP NAME IDP USER NAME USER NAME USER UID
allusers:tekneed4 allusers tekneed4 tekneed4 d148ad64-15e4-4e49-812a-b17b7fcb528a
developer:developer developer developer developer 24b0c61d-2e67-44f5-86cb-56896c5488fc
developer:kubeadmin developer kubeadmin kubeadmin 2eca97e7-277c-4aa4-a963-7ea45b3b466510. Add the users, tekneed5 and tekneed6 to the front-end group
[victor@sno ~]$ oc adm groups add-users frontend-group tekneed5
group.user.openshift.io/frontend-group added: "tekneed5"
[victor@sno ~]$ oc adm groups add-users frontend-group tekneed6
group.user.openshift.io/frontend-group added: "tekneed6"11. Add the users, tekneed7 and tekneed8 to the back-end group
[victor@sno ~]$ oc adm groups add-users backend-group tekneed7
group.user.openshift.io/backend-group added: "tekneed7"
[victor@sno ~]$ oc adm groups add-users backend-group tekneed8
group.user.openshift.io/backend-group added: "tekneed8"12. Verify that the users have been added to the group
[victor@sno ~]$ oc get groups
NAME USERS
backend-group tekneed7, tekneed8
frontend-group tekneed5, tekneed613. create the project, open-compute
[victor@sno ~]$ oc new-project open-compute
Now using project "open-compute" on server "https://api.crc.testing:6443".
...................
14. grant the user, tekneed4 an admin privilege for the open-compute project
[victor@sno ~]$ oc policy add-role-to-user admin tekneed4
clusterrole.rbac.authorization.k8s.io/admin added: "tekneed4"NOTE: You can also include the namespace at the end of the command. I did not include it because I am currently using the open-compute namespace.
15. grant the frontend-group read permission in the open-compute project
[victor@sno ~]$ oc policy add-role-to-group view frontend-group
clusterrole.rbac.authorization.k8s.io/view added: "frontend-group"
16. grant the backend-group write permission in the open-compute project
[victor@sno ~]$ oc policy add-role-to-group edit backend-group
clusterrole.rbac.authorization.k8s.io/edit added: "backend-group"17. grant the user tekneed3, a cluster admin user privilege
[victor@sno ~]$ oc adm policy add-cluster-role-to-user cluster-admin tekneed3
Warning: User 'tekneed3' not found
clusterrole.rbac.authorization.k8s.io/cluster-admin added: "tekneed3"NB: you are getting the warning because we haven’t logged in to the cluster with user, tekneed3 for the first time
18. Review all the role bindings in the open-compute project.
[victor@sno ~]$ oc get rolebindings -o wide
NAME ROLE AGE USERS GROUPS SERVICEACCOUNTS
admin ClusterRole/admin 5m31s kubeadmin
admin-0 ClusterRole/admin 4m11s tekneed4
edit ClusterRole/edit 105s back-end
system:deployers ClusterRole/system:deployer 5m31s open-compute/deployer
system:image-builders ClusterRole/system:image-builder 5m31s open-compute/builder
system:image-pullers ClusterRole/system:image-puller 5m31s system:serviceaccounts:open-compute
view ClusterRole/view 2m52s fron-end
view-0 ClusterRole/view 2m46s front-end
Solution Summary
# oc login -u kubeadmin -p i4obN-b3jWo-hj82d-rZHLb
# oc adm groups new frontend-group
# oc adm groups new backend-group
# oc get groups
# cat /tmp/htpassword
# htpasswd -b /tmp/htpassword tekneed3 open
# htpasswd -b /tmp/htpassword tekneed4 open
# htpasswd -b /tmp/htpassword tekneed5 open
# htpasswd -b /tmp/htpassword tekneed6 open
# htpasswd -b /tmp/htpassword tekneed7 open
# htpasswd -b /tmp/htpassword tekneed8 open
# cat /tmp/htpassword
# oc create secret generic htpassword-secret --from-file htpasswd=/tmp/htpassword -n openshift-config
# oc get oauth cluster -o yaml > oauth.yaml
# vi oauth.yaml
# oc replace -f oauth.yaml
# oc get pods -n openshift-authentication
# oc get users
# oc get identity
# oc adm groups add-users frontend-group tekneed5
# oc adm groups add-users frontend-group tekneed6
# oc adm groups add-users backend-group tekneed7
# oc adm groups add-users backend-group tekneed8
# oc get groups
# oc new-project open-compute
# oc policy add-role-to-user admin tekneed4
# oc policy add-role-to-group view frontend-group
# oc policy add-role-to-group edit backend-group
# oc adm policy add-cluster-role-to-user cluster-admin tekneed3
# oc get rolebindings -o wide
Click here to get other ex280 premium exam practice questions and answers
Setup your Lab by clicking here
Watch Video on ex280 exam practice questions & answer 18
Your feedback is welcomed. If you love others, you will share with others
Is there any possibility to Get DO188 examp dump
Please send an email to info@tekneed.com
Thank you.
I passed my ex280 exam. Thank you for your support as always!
me podrias decir que tan dificil es? si vienen mas preguntas aparte de estas que menciona el blog? o con estas es suficiente?
Hi Cloe,
Can you share the set of questions that are present in the exam please?
Hi Cloe, Could you please share the set of questions in exam
It was a tough exam but I was able to pass by your practice questions. You helped me a lot. Thank you team
Hi Paige,
Can you please share the set of questions that was present in the examination?
Can you please share ex280 practice questions?
Thank you Tekneed team. I passed the exam.
what version of the exam is this?
I have passed my exam yesterday. Tekneed is wonderful. Thank you guys.
Congratulations!!
Are these questions valid for ex280 4.12 or ex280 4.10 ?
We have both practice questions. 4.10 and 4.12
Hi David. how can I get the questions form ex280 4.12
would you please let us know the payment method if one want to buy the EX280 premium package
can you please send an email to info@tekneed.com.
Thank you.
I have passed my exam again with your premium contents. Thank you, victor & Tekneed
Great Job team, I practiced the questions multiple times & I passed. I also sent an update on question 11 to your email.
conngratulations Ryan SSD!
From your study materials to your practice questions, you are the best out there. Thank you for making me pass. My effort and sleepless nights did not waste because of you.