Certified Kubernetes Security Specialist Challenge Series

Alistair_KodeKloud · July 7, 2022, 6:24am

Seems you missed the first line of the yaml…

apiVersion: networking.k8s.io/v1

Without that you should have received this and the policy not created

error: error validating "netpol.yaml": error validating data: apiVersion not set; if you choose to ignore these errors, turn validation off with --validate=false

Upon adding the api version and applying, the answer is marked correct

philipsmit · July 7, 2022, 2:12pm

Thanks. This might have just been a copy and paste error. the network policy object was created successfully, however marked incorrect…
I’ll try it again, and report back. Thanks again

philipsmit · July 7, 2022, 6:50pm

yes, the following is marked as incorrect

apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: prod-netpol
  namespace: prod
spec:
  podSelector: {}
  policyTypes:
    - Ingress
  ingress:
    - from:
        - namespaceSelector:
            matchLabels:
              kubernetes.io/metadata.name: prod

kk-netpol

any ideas?

Alistair_KodeKloud · July 7, 2022, 8:38pm

Well that is odd. I just put in exactly what you have provided above, and I get green for prod-netpol

serinsusansunny · August 28, 2022, 8:03am

All the individual tasks are passed but challenge is failed. Question says to expose NodePort service and inside the service specification, it is mentioned ClusterIP. All green but task not complete!!! Tried both services ClusterIP and NodePort.

Alistair_KodeKloud · August 28, 2022, 8:32am

Hi @serinsusansunny

Click on the red arrow. It may reveal an additional task.

serinsusansunny · August 28, 2022, 9:10am

Yes. Sorry, my bad. Forgot the apparmor addition.