Certified Kubernetes Application Developer (CKAD) Practice Test

How do you mount a secret in a Kubernetes volume?

• A. By specifying it in the pod's environment variables
• B. By using the command docker run
• C. By adding it to the volume section in the pod specification
• D. By storing it in etcd

The correct answer is: By adding it to the volume section in the pod specification

Mounting a secret in a Kubernetes volume involves specifying it in the volume section of a pod's specification. This allows the secret to be made available to the containers running in that pod as a file or files. In practice, when you define a volume in your pod manifest, you can reference Kubernetes secrets so that the data contained in those secrets will be available to the application inside the container. This method is important for ensuring that sensitive information, such as passwords, tokens, or SSH keys, can be securely managed and made accessible to applications without hardcoding them into the application images or source code. When using a secret as a volume, the data from the secret is mounted into the specified path within each container of the pod, where applications can access it as regular files. In contrast, other options do not provide the method for mounting a secret in a volume. Specifying secrets in environment variables still allows access to secret data, but it’s not the same as mounting it as a volume. Using the `docker run` command pertains to traditional Docker container management, which is not applicable within a Kubernetes context. Storing secrets in etcd is a part of how Kubernetes manages state and configuration but does not represent a method for directly mounting secrets into a pod