This lab provides practice scenarios to help prepare you for the Certified Kubernetes Security Specialist (CKS) exam. You will be presented with tasks to complete, as well as server(s) and/or an existing Kubernetes cluster to complete them in. You will need to use your knowledge of Kubernetes to successfully complete the provided tasks, much like you would on the real CKS exam. Good luck!
Successfully complete this lab by achieving the following learning objectives:
- Use Trivy to Scan the Images Used in Pods
Scan all of the images used by Pods in the
Feel free to consult the Trivy documentation.
Note: Trivy is already installed on the control plane node only.
Older versions of Trivy use a command like
trivy [image name]to scan an image. This environment uses a newer version where you must specify that you want to scan an image. The command looks like
trivy image [image name].
- Delete Pods That Have Container Images with Severe Vulnerabilities
Delete any Pods in the
sunnydalenamespace that have high or critical-level vulnerabilities. Feel free to use
--force, as these Pods do not need to shift down gracefully.