Sample EX180 exam and answers

Sample questions and answers for EX180. This exam was created by someone. I found on the internet. This SAMPLE exam is based on exam objectives, doesn't contain any questions related to real exam. This's educational purposes only. Sample exam questions can be found HERE.

Setup

1. Before you start, make sure you have a quay.io account.
2. Clone this repo: git clone https://github.com/FWSquatch/do180-practice
3. Change directory: cd do180-practice
4. Fire up the VMs: vagrant up
5. You will now have 2 VMs:

  • workstation.do180.lab - 192.168.88.4
  • registry.do180.lab - 192.168.88.5

6. Login to the workstation machine with ssh vagrant@192.168.88.4 and complete the following tasks:

Solutions:

Task 1

Install podman on the workstation machine and add registry:5000 as an insecure registry. Also make sure that podman searches this registry before trying any others.

Installing podman:

sudo yum install -ypodman

add registry:5000 as an insecure registry and make sure podman search shows this repo first:

sudo vi /etc/containers/registries.conf
...
[registries.search]
registries = ['registry.do180.lab:5000', 'registry.access.redhat.com', 'registry.redhat.io', 'docker.io', 'quay.io']
...
[registries.insecure]
registries = ['registry.do180.lab:5000']
...

Task 2

Pull the latest httpd image from the registry.do180.lab registry and run it as root it in the background with the following parameters:

  • Publish container port 80 on host port 8080
  • Attach the /web directory as a volume that maps to /usr/local/apache2/htdocs
  • Give the container the name reg-httpd
  • Make the container start as a service called reg-httpd.service.
[root@workstation ~]# sudo podman search httpd
INDEX            NAME                                                                          DESCRIPTION                                       STARS   OFFICIAL   AUTOMATED
do180.lab:5000   registry.do180.lab:5000/httpd 

Download the image

sudo podman pull registry.do180.lab:5000/httpd

Ensure /web directory exist and has correct selinux fcontext

[root@workstation ~]# semanage fcontext -a -t container_file_t "/web(/.*)?"
[root@workstation ~]# restorecon -R -v /web

Create and start the container:

sudo podman run --name=reg-httpd -d -p 8080:80 -v  /web:/usr/local/apache2/htdocs registry.do180.lab:5000/httpd
# sudo podman ps
CONTAINER ID  IMAGE                                 COMMAND           CREATED         STATUS             PORTS                 NAMES
1cf027da3088  registry.do180.lab:5000/httpd:latest  httpd-foreground  27 seconds ago  Up 27 seconds ago  0.0.0.0:8080->80/tcp  reg-httpd

Check the webservice:

[root@workstation ~]# curl localhost:8080
DO180 Practice Website
Welcome to DO180 Practice Website
This is a simple example page

Generate systemd unit file in order to container start automatically as a service

a) check the man page:

man podman-generate-systemd

b) generate systemd file:

# podman generate systemd -n -f reg-httpd
/root/container-reg-httpd.service
# mv /root/container-reg-httpd.service /etc/systemd/system/reg-httpd.service
sudo systemctl daemon-reload

c) test:

# systemctl start reg-httpd.service
# systemctl status reg-httpd.service
● reg-httpd.service - Podman container-reg-httpd.service
   Loaded: loaded (/etc/systemd/system/reg-httpd.service; disabled; vendor preset: disabled)
   Active: active (running) since Thu 2021-07-22 05:54:54 UTC; 1s ago

Task 3

Pull the latest version of the mariadb image from the registry on registry.do180.lab. Run a container in the background with the following parameters:

  • Give the container the name of testql
  • Publish port 3306.
  • Set the following environment variables:
  • MYSQL_USER: duffman
  • MYSQL_PASSWORD: saysoyeah
  • MYSQL_ROOT_PASSWORD: SQLp4ss
  • MYSQL_DATABASE: beer
  • Connect to your database as the root user and check for the existence of the beer database:
echo “show databases;” | mysql -uduffman -h 192.168.88.4 -psaysoyeah
  • Run the command located in /sql/beer.sql to insert values into the database.
mysql -uroot -h 192.168.88.4 -pSQLp4ss < /sql/beer.sql
# sudo podman search mariadb
INDEX            NAME                                                           DESCRIPTION                                       STARS   OFFICIAL   AUTOMATED
do180.lab:5000   registry.do180.lab:5000/mariadb

download the image:

# sudo podman pull registry.do180.lab:5000/mariadb

Start the container:

# sudo podman run --name=testql -d -p 3306:3306 \
> -e MYSQL_USER=duffman -e MYSQL_PASSWORD=saysoyeah -e MYSQL_ROOT_PASSWORD=SQLp4ss \
> -e MYSQL_DATABASE=beer registry.do180.lab:5000/mariadb
# sudo podman ps
# sudo podman ps
CONTAINER ID  IMAGE                                   COMMAND           CREATED         STATUS             PORTS                   NAMES
1d2878a610cf  registry.do180.lab:5000/mariadb:latest  mysqld            5 seconds ago   Up 5 seconds ago   0.0.0.0:3306->3306/tcp  testql

Connect to your database as the root user and check for the existence of the beer database:

# echo "show databases;" | mysql -uduffman -h 192.168.88.4  -psaysoyeah
Database
beer
information_schema

insert values into the database

mysql -uroot -h 192.168.88.4 -pSQLp4ss < /sql/beer.sql

Task 4

Use skopeo to find all of the tags associated with httpd on the registry.do180.lab server. Create and run a container with the following parameters:

  • Use an httpd image from registry.do180.lab that is NOT tagged with latest
  • Publish port 80 on 8008
  • Give the container the name alp-httpd
  • Run the container in detached mode

Inspect all tags

# man skopeo-inspect
# skopeo inspect docker://registry.do180.lab:5000/httpd 
{
    "Name": "registry.do180.lab:5000/httpd",
    "Digest": "sha256:fd54136dc090c0de9a65f7d4e31f18864b7a13db852a58e14899bbee84188837",
    "RepoTags": [
        "latest",
        "2.4-alpine"

Create and start container:

# sudo podman run --name=alp-httpd \
> -d -p 8008:80 registry.do180.lab:5000/httpd:2.4-alpine
# sudo podman ps
CONTAINER ID  IMAGE                                     COMMAND           CREATED         STATUS             PORTS                   NAMES
ad5a760e4af7  registry.do180.lab:5000/httpd:2.4-alpine  httpd-foreground  25 seconds ago  Up 24 seconds ago  0.0.0.0:8008->80/tcp    alp-httpd

Task 5

Do the following with your newly created alp-httpd container:

  • Execute an interactive shell (/bin/sh) in the alp-httpd container
  • Change the text in /usr/local/apache2/htdocs/index.html from “It works!” to “It Twerks!”
  • Use curl to test your changes.
  • Commit the container to an image named registry:5000/httpd:twerks.
  • Push your new image to the registry server (you can check this by visiting http://registry.do180.lab -- the page updates every minute)
  • Kill your alp-httpd container and run a new one based on the twerks image using port 8008. Name it tw-httpd.

start /bin/sh:

sudo podman exec -it alp-httpd /bin/sh

Change the text in /usr/local/apache2/htdocs/index.html from “It works!” to “It Twerks!”

/usr/local/apache2 # vi /usr/local/apache2/htdocs/index.html 
test:
[root@workstation ~]# curl localhost:8008
<html><body><h1>It Twerks!</h1></body></html>

Commit the container to an image:

# man podman-commit
# sudo podman commit -q ad5a760e4af7 registry:5000/httpd:twerks
26c5f69ff4b8c8b8b9ddd823c7014bef225d4090e8d728325abd4052618e9788
# sudo podman images
REPOSITORY                        TAG          IMAGE ID       CREATED         SIZE
registry:5000/httpd               twerks       26c5f69ff4b8   5 seconds ago   57.1 MB
sudo podman push registry:5000/httpd:twerks registry.do180.lab:5000/httpd:twerks

Create a new container from new image:

sudo podman stop alp-httpd
sudo podman run --name=tw-httpd -d -p 8008:80 registry.do180.lab:5000/httpd:twerks
sudo podman ps
CONTAINER ID  IMAGE                                   COMMAND           CREATED            STATUS                PORTS                   NAMES
c0aa39d545dd  registry.do180.lab:5000/httpd:twerks    httpd-foreground  4 seconds ago      Up 4 seconds ago      0.0.0.0:8008->80/tcp    tw-httpd
...
# curl localhost:8008
<html><body><h1>It Twerks!</h1></body></html>

Task 6

Use the incomplete file located at /dockerfiles/nginx/Dockerfile to create a new image. It must meet these requirements:

  • Pull from centos:8
  • Install nginx
  • Publish port 80 to the outside world
  • Copy index.html and duffman.png into /usr/share/nginx/html directory
  • Run the command nginx -g daemon off
  • Tag this image as quay.io/YOURUSERNAME/duff-nginx:1.0 and push it to your quay.io account.
  • Run a container in detached mode named duffman that publishes port 80 to 8989. Test it with curl localhost:8989.

go to the folder:

# cd /dockerfiles/nginx/

edit the Dockerfile:

# cat Dockerfile 
FROM centos:8

RUN yum update -y && yum install -y nginx && yum clean all

EXPOSE 80

COPY ./index.html /usr/share/nginx/html

COPY ./duffman.png /usr/share/nginx/html

CMD ["nginx", "-g", "daemon off;"]

Start image building process:

# man podman-build
# podman build --layers=false -t duff-nginx .

tag the image as requested:

podman tag duff-nginx quay.io/hamidulla/duff-nginx:1.0
# sudo podman images
REPOSITORY                        TAG          IMAGE ID       CREATED              SIZE
localhost/duff-nginx              latest       8dd6acc9be1c   About a minute ago   569 MB
quay.io/hamidulla/duff-nginx      1.0          8dd6acc9be1c   About a minute ago   569 MB

login to your quay.io account

# podman login quay.io
Username: hamidulla
Password: 
Login Succeeded!

Push to the repo:

sudo podman push quay.io/hamidulla/duff-nginx:1.0

Start container:

# podman run --name=duffman -d -p 8989:80 quay.io/hamidulla/duff-nginx:1.0

Test:

# curl localhost:8989
<HTML>
<head>
<title>Nginx Practice Website</title>
</head>
<body>
  <div align="center">
    <H2>Welcome to DO180 Practice Website</H2>
    <p>This is a simple nginx page</p>
	<img src="duffman.png">
  </div>
</body>
</HTML>

Task 7

Use the incomplete files located in /dockerfiles/mosquitto/Dockerfile to create a new image. Use the comments in the Dockerfile to guide you through creating an image that meets the following requirements:

  • Use the centos 7 base image
  • Add your maintainer info
  • Create a user named duffman
  • Install epel-release and mosquitto (epel-release must be installed first)
  • Create a /colors directory using colors.tar
  • Move skeeter.sh over to /skeeter.sh
  • Make skeeter.sh executable
  • Allows connections to port 1883
  • Switch to the duffman user
  • Run the skeeter.sh script
  • Build your image with a tag of skeeter:1.0. Run a container in detached mode named mosquitto-1 that publishes port 1883 on port 11883.

You can test your container by running

mosquitto_sub -h 127.0.0.1 -p 11883 -t “#”. 

If your container is working correctly, every 3 seconds you will see:

Fri Mar 19 15:03:10 UTC 2021 (a timestamp)
purple (a random color)
duffman (the user running the script)
# cd /dockerfiles/mosquitto/
# ll
total 28
-rw-r--r--. 1 root root 20480 Jul 22 05:08 colors.tar
-rw-r--r--. 1 root root   375 Jul 22 05:08 Dockerfile
-rw-r--r--. 1 root root   336 Jul 22 05:08 skeeter.sh

edit the Dockerfile:

# cat Dockerfile 
FROM centos:7
MAINTAINER Hamidulla hamidulla@example.com
RUN useradd -ms /bin/sh duffman
RUN yum install -y epel-release && yum install -y mosquitto
ADD ./colors.tar /
COPY ./skeeter.sh /skeeter.sh
RUN chmod +x /skeeter.sh
EXPOSE 1883
USER duffman
CMD ["/skeeter.sh"]

Build an image using Dockerfile:

# sudo podman build --layers=false -t skeeter:1.0 .^C
# sudo podman images
REPOSITORY                        TAG          IMAGE ID       CREATED              SIZE
localhost/skeeter                 1.0          c569a9c56d56   About a minute ago   380 MB

Run a container in detached mode named mosquitto-1 that publishes port 1883 on port 11883:

# sudo podman run --name=mosquitto-1 -d -p 11883:1883 localhost/skeeter:1.0
0fe59271aa25f052ab755fea1261595953b88042c02ca9162b74a4513c038c81
# sudo podman ps
CONTAINER ID  IMAGE                                   COMMAND               CREATED        STATUS            PORTS                    NAMES
0fe59271aa25  localhost/skeeter:1.0                   /skeeter.sh           4 seconds ago  Up 4 seconds ago  0.0.0.0:11883->1883/tcp  mosquitto-1

Test:

# mosquitto_sub -h 127.0.0.1 -p 11883 -t "#"
Thu Jul 22 16:10:15 UTC 2021
purple
duffman
Thu Jul 22 16:10:25 UTC 2021
green
duffman
Thu Jul 22 16:10:35 UTC 2021
black
duffman

End of the exam