Topic 1 Question 198
You deployed an application on a managed instance group in Compute Engine. The application accepts Transmission Control Protocol (TCP) traffic on port 389 and requires you to preserve the IP address of the client who is making a request. You want to expose the application to the internet by using a load balancer. What should you do?
Expose the application by using an external TCP Network Load Balancer.
Expose the application by using a TCP Proxy Load Balancer.
Expose the application by using an SSL Proxy Load Balancer.
Expose the application by using an internal TCP Network Load Balancer.
ユーザの投票
コメント(14)
- 正解だと思う選択肢: A
The answer has to be A: external TCP Network Load Balancer.
From the Google doc "Choose a load balancer" (https://cloud.google.com/load-balancing/docs/choosing-load-balancer) it clearly states: "You'd choose a passthrough (passthrough = non-proxy) Network Load Balancer to preserve client source IP addresses (...)".
I also found a source that shows how to preserves a client’s IP address in the TCP payload in a Proxy TCP load balancer (https://medium.com/google-cloud/preserving-client-ips-through-google-clouds-global-tcp-and-ssl-proxy-load-balancers-3697d76feeb1)... with A LOT of effort... but with such a clear statement from the google doc, I would stick to A.
By the way, I think that Google made a real mess with the load balancer types. This is the only thing more simple in AWS than in GCP.
👍 4JaimeMS2023/07/01 - 正解だと思う選択肢: A
Anser is A! If you are using a TCP/UDP network load balancer that preserves the client IP address (AWS Network Load Balancer, GCP External Network Load Balancer, Azure Load Balancer) or you are using Round-Robin DNS, then you can use the externalTrafficPolicy: Local setting to also preserve the client IP inside Kubernetes by bypassing kube-proxy and preventing it from sending traffic to other nodes.
👍 4TomFoot2023/07/02 - 正解だと思う選択肢: B
The correct answer in this scenario would be option B: Expose the application by using a TCP Proxy Load Balancer.
A TCP Proxy Load Balancer is suitable for preserving the client's IP address when accepting TCP traffic on a specific port, such as port 389 in this case. When a client makes a request to the load balancer, the load balancer maintains the client's source IP address and forwards the traffic to the appropriate backend instances in the managed instance group. This allows the application to see the original client IP address and respond accordingly.
Option A, using an external TCP Network Load Balancer, does not preserve the client's IP address. The load balancer's IP address is seen as the source IP by the application, which may not meet the requirement.
👍 2on2it2023/07/04
シャッフルモード