Question 6 on Mock exam number 2

hellolin324 · November 18, 2020, 2:37am

Hi there, I wonder if anyone has ran into a problem where kubectl is complaining about “error: tls: failed to find any PEM data in certificate input” when I ran the command “kubectl auth can-i delete pods --namespace=development --as=john” to test if the permission has been set properly? I believe it has something to do with my cert file that I created, which is below in a file called john.crt:

Somehow kubectl is having trouble parsing it. Can someone point me to the right direction please?

Tej-Singh-Rana · November 19, 2020, 9:06am

Hello, @hellolin324
Can you please tell me what steps did you follow?

Tej-Singh-Rana · November 19, 2020, 9:24am

First create CSR file with name “john-developer”
Create a CSR file with signerName
Create a role “developer” and to bind with the user “john”, create a rolebinding “john-rolebinding” name could be anything for rolebinding.
Then check for the permission and the easiest way you already knew.

$ kubectl auth can-i get pods -n development --as john

Tej-Singh-Rana · November 19, 2020, 9:25am

I just tested now and everything is working as expectations. Please try again.
You can find the related content docs in the below links.
RBAC
CSR

emman_ednaco · November 28, 2020, 7:46pm

solution videos for mock exam 2 seems outdated especially for questions 6 and 7. I did found the right answers/ methods by going through the docs and with help of the some answers here. Hopefully admin will update the solution video for mock exam 2

hellolin324 · November 28, 2020, 9:40pm

I agree, seems to be outdated and not detail enough, I hope someone make a formal ticket on this. Not a huge deal but would be nice to make it better, thanks!