ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam AZ-204 All Questions

View all questions & answers for the AZ-204 exam
Go to Exam

Exam AZ-204 topic 1 question 37 discussion

Actual exam question from Microsoft's AZ-204
Question #: 37
Topic #: 1
[All AZ-204 Questions]

HOTSPOT
-

You are developing an application that includes two Docker containers.

The application must meet the following requirements:

• The containers must not run as root.
• The containers must be deployed to Azure Container Instances by using a YAML file.
• The containers must share a lifecycle, resources, local network, and storage volume.
• The storage volume must persist through container crashes.
• The storage volume must be deployed on stop or restart of the containers.

You need to configure Azure Container Instances for the application.

Which configuration values should you use? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Show Suggested Answer Hide Answer
Suggested Answer:
by imanonion at Jan. 7, 2023, 2:15 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
armpro
Highly Voted 2 years, 3 months ago
Ans: Container group, EmptyDir Container group is the only logical answer that can have shared lifecycle https://learn.microsoft.com/en-us/azure/container-instances/container-instances-container-groups?source=recommendations#what-is-a-container-group Azure files need root permission Secret is for secrets and read-only EmtyDir can persist through crash and redeployed on stop and restart https://learn.microsoft.com/en-us/azure/container-instances/container-instances-volume-emptydir#emptydir-volume Cloned Git Repo also does the job but it needs more details like Git URL and stuff which are not mentioned to be available in the question
upvoted 52 times
BrownieP
3 months, 3 weeks ago
Ans: Container group, EmptyDir Shared lifecycle: Container group. This ensures that the containers share a lifecycle, resources, local network, and storage volume. Storage volume: Empty directory; the appropriate storage volume option would be empty directory. This option allows the containers to run without root privileges while still providing a shared storage volume that persists through container crashes
upvoted 1 times
...
TonyMel
2 years, 1 month ago
correct, in 2023Mar24, score:904/1000
upvoted 11 times
...
narenazure
2 years, 3 months ago
Data in an emptyDir volume is persisted through container crashes. Containers that are restarted, however, are not guaranteed to persist the data in an emptyDir volume. If you stop a container group, the emptyDir volume is not persisted.
upvoted 4 times
Esward
2 years, 3 months ago
Gievn answers are correct!!
upvoted 1 times
...
alekomar
2 years, 2 months ago
There is no requirement to persist the data in a volume between restarts
upvoted 4 times
...
...
...
GuruPratap
Highly Voted 2 years, 1 month ago
Chat GPT : Container Group, Azure fileshare
upvoted 9 times
rgullini
2 years ago
Cannot be Azure File Share as requirement is not to run as root. https://learn.microsoft.com/en-us/azure/container-instances/container-instances-volume-azure-files
upvoted 10 times
...
...
Thameur01
Most Recent 1 week, 1 day ago
Ans: Container group, EmptyDir, please update the answer
upvoted 1 times
...
hasala
2 weeks, 3 days ago
GPT: Storage volume: ✔ Answer: Azure file share 📌 Explanation: An Azure File Share provides persistent, durable storage that survives container crashes and restarts. This is the only option listed that fully meets the persistence requirement. Options like Empty directory are temporary and reset on restart.
upvoted 1 times
...
Kensington
8 months, 2 weeks ago
Container group is the only logical answer, as mentioned by others. Emptydir lifecycle is tied to the container group and therefore persists for individual container crashes. GitRepo makes less sense as it's ready-only and is mostly used for scenarios where you want to load code into your app. https://learn.microsoft.com/en-us/azure/container-instances/container-instances-volume-emptydir
upvoted 1 times
...
8ac3742
9 months ago
The Storage Volume should Azure File Share, An Empty directory (or emptyDir) in Azure Container Instances is a type of ephemeral storage volume. An Empty directory provides a writable directory that is accessible to each container in a container group. When the container group is created, the directory is initially empty, hence the name "emptyDir"1. Empty directories are commonly used for: scratch space: Temporary storage for data that doesn’t need to persist beyond the container’s lifecycle. Checkpointing: Storing intermediate results during long-running tasks. Sidecar containers: Sharing data between a main application container and a sidecar container, such as logs or temporary files1.
upvoted 2 times
Ody
4 months ago
I think this is the correct answer... now. Maybe not in the past. Now, we can use Managed Identities. az container create \ --resource-group <your-resource-group> \ --name <your-container-instance-name> \ --image <your-container-image> \ --assign-identity <your-managed-identity-id> \ --azure-file-volume-account-name <your-storage-account> \ --azure-file-volume-share-name <your-file-share> \ --azure-file-volume-mount-path <mount-path> \ --role StorageBlobDataContributor https://learn.microsoft.com/en-us/answers/questions/2075070/mount-volumes-in-aci-but-without-using-storage-acc
upvoted 1 times
...
...
Isoldhe
1 year, 2 months ago
ChatGPT: Azure Container Group, Azure Fire Share
upvoted 2 times
ThierryAhn
1 year, 1 month ago
Azure file share volume mount requires the container run as root, so can not be.
upvoted 2 times
Christian_garcia_martin
8 months, 3 weeks ago
you dont be root if you modify the ownership and permissions using the chown and chmod commands after mounting the share in your startup script or Dockerfile .So Azure File share is ok
upvoted 1 times
...
...
...
AhmedAbdelAziz
1 year, 3 months ago
Ans: Container group, EmptyDir EmptyDir doesn't required run as root , also support data persistence throw container crashes although it doesn't grantee persist the data in a volume between restarts as there is no requirement like that
upvoted 1 times
...
manopeydakon
1 year, 3 months ago
Container Group, Azure fileshare, You can set the user and group IDs for each container in the Docker image to ensure they do not run as the root user. This is typically done using the USER instruction in the Dockerfile. Azure File Share can be mounted as a volume in each container to provide shared storage. With these modifications, your containers will run with non-root users, and they will share storage using an Azure File Share.
upvoted 2 times
...
dddddd111
1 year, 6 months ago
Ans: Container group and Azure File share.
upvoted 4 times
...
nayru
1 year, 7 months ago
Got on 26/09/23 and chose container group and empty dir (score 910)
upvoted 5 times
...
katrang
1 year, 7 months ago
Shared Lifecycle - Container Group Storage volume - The storage volume must persist through container crashes, so emptyDir meets the requirements
upvoted 2 times
...
JH81
1 year, 10 months ago
Got this on 6/28/2023 and passed with 850. Went with Container group, EmptyDir.
upvoted 3 times
...
aragones
1 year, 11 months ago
Got this 2023-05-12. my cases also: case: You need to configure authorization. case: You need to ensure the app does not time out and processes the blob data case study: VanArsdel Inc Canada
upvoted 4 times
...
GuruPratap
2 years, 1 month ago
Container Group, Azure fileshare For Shared lifecycle, the appropriate configuration setting would be "Container Group," which allows multiple containers to be deployed together as a group and share a local network, storage, and lifecycle. For Storage volume, the appropriate configuration setting would be "Azure file share," which provides a durable and highly available storage solution that can be mounted as a volume in the container instance. This ensures that the storage volume persists through container crashes and can be deployed on stop or restart of the containers.
upvoted 4 times
rgullini
2 years ago
Azure File Share requires root. It is EmptyDir
upvoted 6 times
dddddd111
1 year, 6 months ago
No, using Azure File Share does not require running containers as root. Azure File Share allows you to mount a shared file system to containers in Azure Container Instances without the need for elevated privileges. You can mount Azure File Share to your containers securely without running them as root, ensuring better security practices.
upvoted 3 times
...
...
...
varinder82
2 years, 1 month ago
Could anyone give the correct answare. As it is quite confusing from the comments and multiple people having diff. options
upvoted 6 times
...
sachinrikhe
2 years, 1 month ago
Container Group is the only logical But storage volume should be azure file share "Azure File Share allows the containers to share a persistent volume for storing data, and it can be mounted to the containers as a file system. It also provides a durable and highly available storage solution that persists through container crashes and can be deployed on stop or restart of the containers." Cloned Git does not provide a mechanism for deploying the application or managing its dependencies.
upvoted 3 times
rgullini
2 years ago
Azure File Share requires root. It is EmptyDir
upvoted 3 times
dddddd111
1 year, 6 months ago
No, using Azure File Share does not require running containers as root. Azure File Share allows you to mount a shared file system to containers in Azure Container Instances without the need for elevated privileges. You can mount Azure File Share to your containers securely without running them as root, ensuring better security practices.
upvoted 2 times
...
...
...
Load full discussion...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago