ExamTopics Logo
Mail Us[email protected]
Menu
Google Discussions
exam questions

Exam Professional Cloud DevOps Engineer All Questions

View all questions & answers for the Professional Cloud DevOps Engineer exam
Go to Exam

Exam Professional Cloud DevOps Engineer topic 1 question 111 discussion

Actual exam question from Google's Professional Cloud DevOps Engineer
Question #: 111
Topic #: 1
[All Professional Cloud DevOps Engineer Questions]

You are configuring connectivity across Google Kubernetes Engine (GKE) clusters in different VPCs. You notice that the nodes in Cluster A are unable to access the nodes in Cluster B. You suspect that the workload access issue is due to the network configuration. You need to troubleshoot the issue but do not have execute access to workloads and nodes. You want to identify the layer at which the network connectivity is broken. What should you do?

  • A. Install a toolbox container on the node in Cluster Confirm that the routes to Cluster B are configured appropriately.
  • B. Use Network Connectivity Center to perform a Connectivity Test from Cluster A to Cluster B.
  • C. Use a debug container to run the traceroute command from Cluster A to Cluster B and from Cluster B to Cluster A. Identify the common failure point.
  • D. Enable VPC Flow Logs in both VPCs, and monitor packet drops.
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by PrayasMohanty at Oct. 11, 2023, 11:44 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Jason_Cloud_at
Highly Voted 1 year, 1 month ago
Selected Answer: B
I will got with B just to identify what happend in the network level
upvoted 9 times
...
YushiSato
Highly Voted 1 year, 1 month ago
Selected Answer: B
I suspect that there is a mistake in the issue and that the Network Intelligence Center is correct, not the Network Connectivity Center. https://cloud.google.com/network-intelligence-center/docs/connectivity-tests/concepts/overview
upvoted 7 times
...
xhilmi
Most Recent 1 year ago
Selected Answer: B
To identify and troubleshoot the network connectivity issue between Google Kubernetes Engine (GKE) clusters in different VPCs where nodes in Cluster A cannot access nodes in Cluster B, the recommended action is to use Network Connectivity Center, as stated in (Option B). By performing a Connectivity Test from Cluster A to Cluster B using Network Connectivity Center, you can assess the network path and identify potential issues affecting the connectivity. This diagnostic tool helps pinpoint where the connectivity breaks down, enabling you to analyze the network configuration and resolve any misconfigurations or obstacles that might be hindering communication between the clusters. This approach provides a focused and efficient way to troubleshoot the specific network layer where the connectivity issue occurs without requiring execute access to workloads and nodes in the clusters.
upvoted 2 times
...
Andrei_Z
1 year ago
Selected Answer: B
Network Connectivity Center is not the greatest tool but in this case we don't really have any options with the restrictions in the question so B
upvoted 2 times
Feliphus
12 months ago
Is it not easier the ans D, both VPC seems to be in the same GCP project ? It's only to allow the ingress rule in both VPC firewall rules If I read https://cloud.google.com/network-connectivity-center#simplified-data-transfer-over-google%E2%80%99s-network they talk to enable the communication between network outside the GCP scope But I realized I am the only who thinks in ans D
upvoted 1 times
...
...
ReachTango73
1 year, 2 months ago
B as the Q says but do not have execute access to workloads and nodes… so can’t run toolbox
upvoted 4 times
PrayasMohanty
1 year, 2 months ago
May not have execute access to workload and node, but may have access to project and create a new toolbox pod for testing the route to Cluster B
upvoted 1 times
gouravjoshi05
1 year, 2 months ago
When you don't have execute access in this case even after creating a new pod also you will not be able to exec inside the pod as we don't have access.
upvoted 2 times
...
...
...
PrayasMohanty
1 year, 2 months ago
Selected Answer: A
Vote for A Reference: https://cloud.google.com/container-optimized-os/docs/how-to/toolbox
upvoted 1 times
Jason_Cloud_at
1 year, 1 month ago
It says you dont have access to execute in workloads and node level, how can you install toolbox in the node ? I will go with B
upvoted 1 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel