Sample EX180 exam and answers
Sample questions and answers for EX180. This exam was created by someone. I found on the internet. This SAMPLE exam is based on exam objectives, doesn't contain any questions related to real exam. This's educational purposes only. Sample exam questions can be found HERE.
Setup
1. Before you start, make sure you have a quay.io account.
2. Clone this repo: git clone https://github.com/FWSquatch/do180-practice
3. Change directory: cd do180-practice
4. Fire up the VMs: vagrant up
5. You will now have 2 VMs:
- workstation.do180.lab - 192.168.88.4
- registry.do180.lab - 192.168.88.5
6. Login to the workstation machine with ssh vagrant@192.168.88.4 and complete the following tasks:
Solutions:
Task 1
Install podman on the workstation machine and add registry:5000 as an insecure registry. Also make sure that podman searches this registry before trying any others.
Installing podman:
sudo yum install -ypodman
add registry:5000 as an insecure registry and make sure podman search shows this repo first:
sudo vi /etc/containers/registries.conf ... [registries.search] registries = ['registry.do180.lab:5000', 'registry.access.redhat.com', 'registry.redhat.io', 'docker.io', 'quay.io'] ... [registries.insecure] registries = ['registry.do180.lab:5000'] ...
Task 2
Pull the latest httpd image from the registry.do180.lab registry and run it as root it in the background with the following parameters:
- Publish container port 80 on host port 8080
- Attach the /web directory as a volume that maps to /usr/local/apache2/htdocs
- Give the container the name reg-httpd
- Make the container start as a service called reg-httpd.service.
[root@workstation ~]# sudo podman search httpd INDEX NAME DESCRIPTION STARS OFFICIAL AUTOMATED do180.lab:5000 registry.do180.lab:5000/httpd
Download the image
sudo podman pull registry.do180.lab:5000/httpd
Ensure /web directory exist and has correct selinux fcontext
[root@workstation ~]# semanage fcontext -a -t container_file_t "/web(/.*)?" [root@workstation ~]# restorecon -R -v /web
Create and start the container:
sudo podman run --name=reg-httpd -d -p 8080:80 -v /web:/usr/local/apache2/htdocs registry.do180.lab:5000/httpd
# sudo podman ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 1cf027da3088 registry.do180.lab:5000/httpd:latest httpd-foreground 27 seconds ago Up 27 seconds ago 0.0.0.0:8080->80/tcp reg-httpd
Check the webservice:
[root@workstation ~]# curl localhost:8080 DO180 Practice Website Welcome to DO180 Practice Website This is a simple example page
Generate systemd unit file in order to container start automatically as a service
a) check the man page:
man podman-generate-systemd
b) generate systemd file:
# podman generate systemd -n -f reg-httpd /root/container-reg-httpd.service # mv /root/container-reg-httpd.service /etc/systemd/system/reg-httpd.service sudo systemctl daemon-reload
c) test:
# systemctl start reg-httpd.service # systemctl status reg-httpd.service ● reg-httpd.service - Podman container-reg-httpd.service Loaded: loaded (/etc/systemd/system/reg-httpd.service; disabled; vendor preset: disabled) Active: active (running) since Thu 2021-07-22 05:54:54 UTC; 1s ago
Task 3
Pull the latest version of the mariadb image from the registry on registry.do180.lab. Run a container in the background with the following parameters:
- Give the container the name of testql
- Publish port 3306.
- Set the following environment variables:
- MYSQL_USER: duffman
- MYSQL_PASSWORD: saysoyeah
- MYSQL_ROOT_PASSWORD: SQLp4ss
- MYSQL_DATABASE: beer
- Connect to your database as the root user and check for the existence of the beer database:
echo “show databases;” | mysql -uduffman -h 192.168.88.4 -psaysoyeah
- Run the command located in /sql/beer.sql to insert values into the database.
mysql -uroot -h 192.168.88.4 -pSQLp4ss < /sql/beer.sql
# sudo podman search mariadb INDEX NAME DESCRIPTION STARS OFFICIAL AUTOMATED do180.lab:5000 registry.do180.lab:5000/mariadb
download the image:
# sudo podman pull registry.do180.lab:5000/mariadb
Start the container:
# sudo podman run --name=testql -d -p 3306:3306 \ > -e MYSQL_USER=duffman -e MYSQL_PASSWORD=saysoyeah -e MYSQL_ROOT_PASSWORD=SQLp4ss \ > -e MYSQL_DATABASE=beer registry.do180.lab:5000/mariadb # sudo podman ps # sudo podman ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 1d2878a610cf registry.do180.lab:5000/mariadb:latest mysqld 5 seconds ago Up 5 seconds ago 0.0.0.0:3306->3306/tcp testql
Connect to your database as the root user and check for the existence of the beer database:
# echo "show databases;" | mysql -uduffman -h 192.168.88.4 -psaysoyeah Database beer information_schema
insert values into the database
mysql -uroot -h 192.168.88.4 -pSQLp4ss < /sql/beer.sql
Task 4
Use skopeo to find all of the tags associated with httpd on the registry.do180.lab server. Create and run a container with the following parameters:
- Use an httpd image from registry.do180.lab that is NOT tagged with latest
- Publish port 80 on 8008
- Give the container the name alp-httpd
- Run the container in detached mode
Inspect all tags
# man skopeo-inspect
# skopeo inspect docker://registry.do180.lab:5000/httpd
{
"Name": "registry.do180.lab:5000/httpd",
"Digest": "sha256:fd54136dc090c0de9a65f7d4e31f18864b7a13db852a58e14899bbee84188837",
"RepoTags": [
"latest",
"2.4-alpine"Create and start container:
# sudo podman run --name=alp-httpd \ > -d -p 8008:80 registry.do180.lab:5000/httpd:2.4-alpine
# sudo podman ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES ad5a760e4af7 registry.do180.lab:5000/httpd:2.4-alpine httpd-foreground 25 seconds ago Up 24 seconds ago 0.0.0.0:8008->80/tcp alp-httpd
Task 5
Do the following with your newly created alp-httpd container:
- Execute an interactive shell (/bin/sh) in the alp-httpd container
- Change the text in /usr/local/apache2/htdocs/index.html from “It works!” to “It Twerks!”
- Use curl to test your changes.
- Commit the container to an image named registry:5000/httpd:twerks.
- Push your new image to the registry server (you can check this by visiting http://registry.do180.lab -- the page updates every minute)
- Kill your alp-httpd container and run a new one based on the twerks image using port 8008. Name it tw-httpd.
start /bin/sh:
sudo podman exec -it alp-httpd /bin/sh
Change the text in /usr/local/apache2/htdocs/index.html from “It works!” to “It Twerks!”
/usr/local/apache2 # vi /usr/local/apache2/htdocs/index.html
test: [root@workstation ~]# curl localhost:8008 <html><body><h1>It Twerks!</h1></body></html>
Commit the container to an image:
# man podman-commit # sudo podman commit -q ad5a760e4af7 registry:5000/httpd:twerks 26c5f69ff4b8c8b8b9ddd823c7014bef225d4090e8d728325abd4052618e9788 # sudo podman images REPOSITORY TAG IMAGE ID CREATED SIZE registry:5000/httpd twerks 26c5f69ff4b8 5 seconds ago 57.1 MB
sudo podman push registry:5000/httpd:twerks registry.do180.lab:5000/httpd:twerks
Create a new container from new image:
sudo podman stop alp-httpd
sudo podman run --name=tw-httpd -d -p 8008:80 registry.do180.lab:5000/httpd:twerks
sudo podman ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES c0aa39d545dd registry.do180.lab:5000/httpd:twerks httpd-foreground 4 seconds ago Up 4 seconds ago 0.0.0.0:8008->80/tcp tw-httpd ...
# curl localhost:8008 <html><body><h1>It Twerks!</h1></body></html>
Task 6
Use the incomplete file located at /dockerfiles/nginx/Dockerfile to create a new image. It must meet these requirements:
- Pull from centos:8
- Install nginx
- Publish port 80 to the outside world
- Copy index.html and duffman.png into /usr/share/nginx/html directory
- Run the command
nginx -g daemon off - Tag this image as quay.io/YOURUSERNAME/duff-nginx:1.0 and push it to your quay.io account.
- Run a container in detached mode named duffman that publishes port 80 to 8989. Test it with curl localhost:8989.
go to the folder:
# cd /dockerfiles/nginx/
edit the Dockerfile:
# cat Dockerfile FROM centos:8 RUN yum update -y && yum install -y nginx && yum clean all EXPOSE 80 COPY ./index.html /usr/share/nginx/html COPY ./duffman.png /usr/share/nginx/html CMD ["nginx", "-g", "daemon off;"]
Start image building process:
# man podman-build # podman build --layers=false -t duff-nginx .
tag the image as requested:
podman tag duff-nginx quay.io/hamidulla/duff-nginx:1.0 # sudo podman images REPOSITORY TAG IMAGE ID CREATED SIZE localhost/duff-nginx latest 8dd6acc9be1c About a minute ago 569 MB quay.io/hamidulla/duff-nginx 1.0 8dd6acc9be1c About a minute ago 569 MB
login to your quay.io account
# podman login quay.io Username: hamidulla Password: Login Succeeded!
Push to the repo:
sudo podman push quay.io/hamidulla/duff-nginx:1.0
Start container:
# podman run --name=duffman -d -p 8989:80 quay.io/hamidulla/duff-nginx:1.0
Test:
# curl localhost:8989
<HTML>
<head>
<title>Nginx Practice Website</title>
</head>
<body>
<div align="center">
<H2>Welcome to DO180 Practice Website</H2>
<p>This is a simple nginx page</p>
<img src="duffman.png">
</div>
</body>
</HTML>Task 7
Use the incomplete files located in /dockerfiles/mosquitto/Dockerfile to create a new image. Use the comments in the Dockerfile to guide you through creating an image that meets the following requirements:
- Use the centos 7 base image
- Add your maintainer info
- Create a user named duffman
- Install epel-release and mosquitto (epel-release must be installed first)
- Create a /colors directory using colors.tar
- Move skeeter.sh over to /skeeter.sh
- Make skeeter.sh executable
- Allows connections to port 1883
- Switch to the duffman user
- Run the skeeter.sh script
- Build your image with a tag of skeeter:1.0. Run a container in detached mode named mosquitto-1 that publishes port 1883 on port 11883.
You can test your container by running
mosquitto_sub -h 127.0.0.1 -p 11883 -t “#”.
If your container is working correctly, every 3 seconds you will see:
Fri Mar 19 15:03:10 UTC 2021 (a timestamp) purple (a random color) duffman (the user running the script)
# cd /dockerfiles/mosquitto/ # ll total 28 -rw-r--r--. 1 root root 20480 Jul 22 05:08 colors.tar -rw-r--r--. 1 root root 375 Jul 22 05:08 Dockerfile -rw-r--r--. 1 root root 336 Jul 22 05:08 skeeter.sh
edit the Dockerfile:
# cat Dockerfile FROM centos:7 MAINTAINER Hamidulla hamidulla@example.com RUN useradd -ms /bin/sh duffman RUN yum install -y epel-release && yum install -y mosquitto ADD ./colors.tar / COPY ./skeeter.sh /skeeter.sh RUN chmod +x /skeeter.sh EXPOSE 1883 USER duffman CMD ["/skeeter.sh"]
Build an image using Dockerfile:
# sudo podman build --layers=false -t skeeter:1.0 .^C # sudo podman images REPOSITORY TAG IMAGE ID CREATED SIZE localhost/skeeter 1.0 c569a9c56d56 About a minute ago 380 MB
Run a container in detached mode named mosquitto-1 that publishes port 1883 on port 11883:
# sudo podman run --name=mosquitto-1 -d -p 11883:1883 localhost/skeeter:1.0 0fe59271aa25f052ab755fea1261595953b88042c02ca9162b74a4513c038c81 # sudo podman ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 0fe59271aa25 localhost/skeeter:1.0 /skeeter.sh 4 seconds ago Up 4 seconds ago 0.0.0.0:11883->1883/tcp mosquitto-1
Test:
# mosquitto_sub -h 127.0.0.1 -p 11883 -t "#" Thu Jul 22 16:10:15 UTC 2021 purple duffman Thu Jul 22 16:10:25 UTC 2021 green duffman Thu Jul 22 16:10:35 UTC 2021 black duffman
End of the exam