You have an application running in Google Kubernetes Engine (GKE) with cluster autoscaling enabled. The application exposes a TCP endpoint. There are several replicas of this application. You have a Compute Engine instance in the same region, but in another Virtual Private Cloud (VPC), called gce-network, that has no overlapping IP ranges with the first VPC. This instance needs to connect to the application on GKE. You want to minimize effort. What should you do?
A. 1. In GKE, create a Service of type LoadBalancer that uses the application’s Pods as backend.
2. Set the service’s externalTrafficPolicy to Cluster.
3. Configure the Compute Engine instance to use the address of the load balancer that has been created.
B. 1. In GKE, create a Service of type NodePort that uses the application’s Pods as backend.
2. Create a Compute Engine instance called proxy with 2 network interfaces, one in each VPC.
3. Use iptables on this instance to forward traffic from gce-network to the GKE nodes.
4. Configure the Compute Engine instance to use the address of proxy in gce-network as endpoint.
C. 1. In GKE, create a Service of type LoadBalancer that uses the application’s Pods as backend.
2. Add an annotation to this service: cloud.google.com/load-balancer-type: Internal
3. Peer the two VPCs together.
4. Configure the Compute Engine instance to use the address of the load balancer that has been created.
D. 1. In GKE, create a Service of type LoadBalancer that uses the application’s Pods as backend.
2. Add a Cloud Armor Security Policy to the load balancer that whitelists the internal IPs of the MIG’s instances.
3. Configure the Compute Engine instance to use the address of the load balancer that has been created.
|
Download Printable PDF. VALID exam to help you PASS. |
 |