Topic 1 Question 212
You are troubleshooting your Dataflow pipeline that processes data from Cloud Storage to BigQuery. You have discovered that the Dataflow worker nodes cannot communicate with one another. Your networking team relies on Google Cloud network tags to define firewall rules. You need to identify the issue while following Google-recommended networking security practices. What should you do?
Determine whether your Dataflow pipeline has a custom network tag set.
Determine whether there is a firewall rule set to allow traffic on TCP ports 12345 and 12346 for the Dataflow network tag.
Determine whether there is a firewall rule set to allow traffic on TCP ports 12345 and 12346 on the subnet used by Dataflow workers.
Determine whether your Dataflow pipeline is deployed with the external IP address option enabled.
ユーザの投票
コメント(5)
- 正解だと思う選択肢: B
Focus on Network Tags:
Adheres to the recommended practice of using network tags for firewall configuration, enhancing security and flexibility. Avoids targeting specific subnets, which can be less secure and harder to manage.
👍 2e70ea9e2023/12/30 - 正解だと思う選択肢: B
This option focuses directly on ensuring that the firewall rules are set up correctly for the network tags used by Dataflow worker nodes. It specifically addresses the potential issue of worker nodes not being able to communicate due to restrictive firewall rules blocking the necessary ports.
👍 2raaad2024/01/02 - 正解だと思う選択肢: B
Because network tags are used and Dataflow uses TCP ports 12345 and 12346 as stated on https://cloud.google.com/dataflow/docs/guides/routes-firewall
👍 2Smakyel792024/01/07
シャッフルモード