Practice & Assessment
Test your understanding of Configuration and Storage
Multiple Choice Questions
5A ConfigMap is updated. A Pod mounts this ConfigMap as an environment variable. When will the Pod see the new value?
Which access mode allows multiple nodes to simultaneously read AND write to the same PersistentVolume?
You delete a StatefulSet named 'postgres' with 3 replicas. What happens to the PVCs created by its volumeClaimTemplates?
What security concern should you be aware of when using Kubernetes Secrets by default?
Which volume type should you use to share temporary data between a main container and a sidecar container in the same Pod?
Coding Challenges
1Deploy PostgreSQL with Persistent Storage and Secrets
Deploy a PostgreSQL 15 database using a StatefulSet with 1 replica. Store the POSTGRES_PASSWORD in a Secret (not hardcoded in the manifest). Use a PersistentVolumeClaim of 1Gi with ReadWriteOnce access mode for the data directory. Create a ConfigMap with POSTGRES_DB=appdb and POSTGRES_USER=appuser and inject these as env vars. Expose the database with a headless ClusterIP Service. Verify the deployment by connecting to the Pod using kubectl exec and running psql. Expected output: psql connects successfully and lists the appdb database. Time estimate: 25 minutes.
Mini Project
12-Factor Config Application
Deploy a two-container application (web: nginx:1.25, api: kennethreitz/httpbin) following 12-factor app config principles. Create a ConfigMap with all non-sensitive config (log level, port, api base URL). Create a Secret with a mock API key and database password. Inject config into both containers โ use envFrom for ConfigMap and individual secretKeyRef for sensitive values. Mount the ConfigMap also as a file at /etc/app/config.yaml. Add a debug emptyDir volume shared between both containers to simulate a log-sharing sidecar pattern. Write a shell script that creates all resources, verifies config injection by running kubectl exec env, and cleans up.