DEV Community

Cover image for CKS Challenge 1
Shahriyar Al Mustakim Mitul
Shahriyar Al Mustakim Mitul

Posted on

3

CKS Challenge 1

Glad that you have reached that far (vi restrictinbound.yaml) from our YouTube channel and now set this metada:

Image description

to app: alpha-xyz
Then apply it

k apply -f restrict-inbound.yaml
Enter fullscreen mode Exit fullscreen mode

k get networkpolicies.networking.k8s.io
Delete the busybox pod:

Image description
k delete po busybox --force
Now you might see this while pressing the check button.

Image description

Now copy this part from the apparmor page.

annotations:
    # Tell Kubernetes to apply the AppArmor profile "k8s-apparmor-example-deny-write".
    # Note that this is ignored if the Kubernetes node is not running version 1.4 or greater.
    container.apparmor.security.beta.kubernetes.io/hello: localhost/k8s-apparmor-example-deny-write
Enter fullscreen mode Exit fullscreen mode

Then go to here:
k edit deployments.apps alpha-xyz

after app: alpha-xyz, paste this part.

Image description
Then annotate it properly and then use nginx image here.

Image description

Moreover, you have to right the annotations and then use custom-nginx image.

Image description

We are done!

Image description

Image of Timescale

🚀 pgai Vectorizer: SQLAlchemy and LiteLLM Make Vector Search Simple

We built pgai Vectorizer to simplify embedding management for AI applications—without needing a separate database or complex infrastructure. Since launch, developers have created over 3,000 vectorizers on Timescale Cloud, with many more self-hosted.

Read more

Top comments (0)

Billboard image

The Next Generation Developer Platform

Coherence is the first Platform-as-a-Service you can control. Unlike "black-box" platforms that are opinionated about the infra you can deploy, Coherence is powered by CNC, the open-source IaC framework, which offers limitless customization.

Learn more

Retry later