Practice Test 3 | Google Cloud Certified Professional Cloud Network Engineer | Dumps | Mock Test
You have been tasked with the creation of a GKE cluster that met the requirements outlined below:
- Master and Worker nodes are not accessible via a public IP to security reasons.
- Ability to download software and updates as needed from the internet.
- Ability to manage the cluster using kubectl from outside GCP
Which of the following configurations can achieve this?
A. Create a Public route-based Cluster,
Enable access master using its external IP
Enable master authorised networks.
Use Cloud NAT for outbound connectivity
B. Create a Private route-based Cluster,
Use Cloud NAT for outbound connectivity
Specify a master IP range
Enable master authorised networks. Add authorised networks
C. Create a Public VPC-native Cluster,
Enable access master using its external IP
Enable master authorised networks.
D. Create a Private VPC-native Cluster,
Specify a master IP range
Use Cloud NAT for outbound connectivity
Add authorised networks.
Answer: D
Options A, C are incorrect because the requirements specify the cluster should not be
accessible via an external IP, so a public cluster is a wrong choice.
Option B is incorrect. Private clusters are VPC-native by default, there is no Private route-
based cluster.
Option D is correct, it meets all the requirements.
https://cloud.google.com/kubernetes-engine/docs/how-to/private-clusters explains how to create a private GKE cluster.
Comments are closed, but trackbacks and pingbacks are open.