ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified DevOps Engineer - Professional DOP-C02 All Questions

View all questions & answers for the AWS Certified DevOps Engineer - Professional DOP-C02 exam
Go to Exam

Exam AWS Certified DevOps Engineer - Professional DOP-C02 topic 1 question 268 discussion

Exam question from Amazon's AWS Certified DevOps Engineer - Professional DOP-C02
Question #: 268
Topic #: 1
[All AWS Certified DevOps Engineer - Professional DOP-C02 Questions]

A company recently migrated its application to an Amazon Elastic Kubernetes Service (Amazon EKS) cluster that uses Amazon EC2 instances. The company configured the application to automatically scale based on CPU utilization.

The application produces memory errors when it experiences heavy loads. The application also does not scale out enough to handle the increased load. The company needs to collect and analyze memory metrics for the application over time.

Which combination of steps will meet these requirements? (Choose three.)

  • A. Attach the CloudWatchAgentServerPolicy managed IAM policy to the IAM instance profile that the cluster uses.
  • B. Attach the CloudWatchAgentServerPolicy managed IAM policy to a service account role for the cluster.
  • C. Collect performance metrics by deploying the unified Amazon CloudWatch agent to the existing EC2 instances in the cluster. Add the agent to the AMI for any new EC2 instances that are added to the cluster.
  • D. Collect performance logs by deploying the AWS Distro for OpenTelemetry collector as a DaemonSet.
  • E. Analyze the pod_memory_utilization Amazon CloudWatch metric in the ContainerInsights namespace by using the Service dimension.
  • F. Analyze the node_memory_utilization Amazon CloudWatch metric in the ContainerInsights namespace by using the ClusterName dimension.
Show Suggested Answer Hide Answer
Suggested Answer: ACE 🗳️
by xdkonorek2 at July 6, 2024, 10:38 a.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
trungtd
Highly Voted 11 months, 2 weeks ago
Selected Answer: ACE
A. This policy grants the necessary permissions for the Amazon CloudWatch agent to collect and publish metrics from the EC2 instances. C. The unified Amazon CloudWatch agent can collect both CPU and memory utilization metrics. Deploying it ensures you capture memory metrics across all EC2 instances in the EKS cluster. E. pod_memory_utilization metric provides detailed insights into memory usage at the pod level B. service account role is more relevant for applications running within Kubernetes pods needing AWS permissions. D irrelevant F Node-level metrics do not provide the granularity needed to diagnose pod-level memory issues effectively
upvoted 9 times
...
nickp84
Most Recent 1 month, 1 week ago
Selected Answer: ACE
D. Collect performance logs by deploying the AWS Distro for OpenTelemetry collector as a DaemonSet. The AWS Distro for OpenTelemetry (ADOT) collector is typically used for collecting traces, metrics, and logs from applications, often at the application or pod level, and is deployed as a Kubernetes workload (e.g., DaemonSet). While ADOT can collect certain metrics, it is primarily focused on application-level telemetry (e.g., custom metrics or traces) rather than system-level memory metrics for EC2 instances. The requirement emphasizes memory metrics, which are more effectively collected by the CloudWatch agent at the node level for EC2-based EKS clusters. Not Relevant: ADOT is less suited for collecting system-level memory metrics compared to the CloudWatch agent.
upvoted 1 times
...
[Removed]
10 months, 1 week ago
Selected Answer: ACE
vote for ACE
upvoted 3 times
...
jamesf
11 months ago
Selected Answer: ACE
After check, feel Option A better - provides necessary permissions at the EC2 instance level, which is where the CloudWatch agent runs. - is directly suitable for metrics collection because it ensures that EC2 instances can send metrics to CloudWatch. The CloudWatch agent on the EC2 instances needs the IAM policy to push metrics and logs to CloudWatch. Hope someone can explain further if choose option B instead of A.
upvoted 4 times
jamesf
10 months, 3 weeks ago
it seen BCE better as option B - attached the policy to EKS service account role for better Granular Control, Scalability and Management - this policy targets permissions at the Kubernetes level, granting specific pods or services within the cluster the ability to collect and send metrics.
upvoted 1 times
...
...
noisonnoiton
11 months, 2 weeks ago
Selected Answer: BCE
B - control permission with service account C - cloudwatch agent on k8s worker nodes E - monitoring with k8s service (pods)
upvoted 1 times
...
TEC1
11 months, 2 weeks ago
Selected Answer: BCE
I will go with B C E
upvoted 1 times
TEC1
11 months, 2 weeks ago
B- Necessary permissions C- Cloud watch agent installed E - understanding performance and scaling of the application within Kubernetes Enviro
upvoted 1 times
...
...
komorebi
11 months, 3 weeks ago
Selected Answer: CEF
Answer : C E F
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel