Thank you Ritika, glad you liked it :)

Welcome :)

Hello sir today I had given CKA exam...😢but their were lot of issues like it was lagging very much i was not able to finish it . I got a question to create a network policy for the pod in a namespace to access another pods in another namespace on port 8443 ...but when i checked the pods their were no labels..

Could you please tell me how can we do that?

@@akhilagarwal-wj3pk when you dont have lables on the pods and you need to provide access across namespaces, then you can allow for the whole namespace - the example is there in the documentation itself - kubernetes.io/docs/concepts/services-networking/network-policies/

Welcome brother!!

yes, if they have given the path for cert and key, use them. Since they did not give you the data directory, just use the same directory as before, or create a path of your own, that does not matter.

@@InfiniteLinux Thank you for the reply.

Good question - so snapshot save command assume that you are backing up a local etcd cluster - in case you are not, I think you would have to pass the endpoint parameter even while taking the backup and same thing goes for the restore process as well

Since I used the same data directory, I didn't need to update the yaml

sorry I didn't understand the question but I think you are saying that they gave you a backup and a data dir right. So yes, you would have to modify the data dir in etcd.yaml file and while using etcdctl restore command you would have to use the backup they have provided

@InfiniteLinux Thank you for your replay. Apologize for the inconvenience. Yes they have given the path and having a backup in it for the restoration. Now as in video you have run the command rm -rf /data-dir-path. If we do the same thing in exam the backup will be removed right. Just confirm we need to follow 2 steps. 1) Update the data-dir path according to given one in etcd.yaml file. 2) Move the backup to any location before running that rm -rf command. Then, restore it finally. Am I correct?

@@sajjadanwer4703 data-dir is basically where etcd stores its data and backup you can take at any location using the etcdctl snapshot command

yes, you can add comma separated entries

noted with thanks@@InfiniteLinux

for that particular cluster - yes

Also will the question ask to do it on base node and then SCP to master node , also what to do when that command is not installed

@@nithinjohn135 so you will have access to a workstation node, from which you can ssh onto any node (master or worker) using the ssh command - I don't think there would be a scenario where a command you want is not present

what do you want me to cover in that series, im not doing kubernetes because every tom dick and harry is creating content on it :)

For etcd backup and store - you need to ssh on to the kubernetes master node

@InfiniteLinux if i need to ssh node.. the. Do I still need to use endpoint. Thanks for replying... Somewhere i saw in question mentioned there was no need to change any context configuration and and need to exit from master node.

@@sameerhamid453 endpoint is basically a way of telling where the etcd cluster is running, in this case we were running it locally, so I think even if you don't give the endpoint, that should work but in actual system, etcd is mostly run outside the cluster so you need to tell etcdctl about the endpoint

Nope, because you need to authenticate with ETCD cluster, that command would work if there is no authentication required.

@@InfiniteLinux ah , makes sense. Thanks

@@InfiniteLinux actually I found another answer to that question. So it appears it is not necessary to use certificates for restore as it doesn't connect to the etcd server Note that for restore on single etcd node clusters such as those found in the exam, it is not necessary to use the certificate arguments, since all the restore is doing is creating a directory. It does not need to communicate with the etcd server - which may even not be running if the exam deliberately sets it up with a corrupt database. You would only use certs and some additional arguments when restoring a broken node into what is left of a multi-node etcd, which is beyond the scope of CKA.

yes, you have to modify the etcd manifest as well