Topic 1 Question 245
You want to set up a Google Kubernetes Engine cluster. Verifiable node identity and integrity are required for the cluster, and nodes cannot be accessed from the internet. You want to reduce the operational cost of managing your cluster, and you want to follow Google-recommended practices. What should you do?
Deploy a private autopilot cluster.
Deploy a public autopilot cluster.
Deploy a standard public cluster and enable shielded nodes.
Deploy a standard private cluster and enable shielded nodes.
ユーザの投票
コメント(9)
- 正解だと思う選択肢: A
In a private cluster, nodes only have internal IP addresses, which means that nodes and Pods are isolated from the internet by default. https://cloud.google.com/kubernetes-engine/docs/how-to/private-clusters
Shielded GKE Nodes provide strong, verifiable node identity and integrity to increase the security of Google Kubernetes Engine (GKE) nodes. Note: For GKE Autopilot clusters, the Shielded GKE Nodes feature is enabled by default and cannot be overridden. https://cloud.google.com/kubernetes-engine/docs/how-to/shielded-gke-nodes
👍 5scanner22023/09/04 - 正解だと思う選択肢: A
Note: For GKE Autopilot clusters, the Shielded GKE Nodes feature is enabled by default and cannot be overridden.
👍 4rsvd2023/08/11 - 正解だと思う選択肢: A
The Shielded GKE node feature is enabled by default for all Autopilot clusters and is impossible to disable manually. https://www.googlecloudcommunity.com/gc/Architecture-Framework-Community/Manage-GKE-Cluster-Security-with-Autopilot-Mode/ba-p/396435
👍 23arle2023/08/09
シャッフルモード