professional-cloud-architect question 229 discussion

View all Professional Cloud Architect on Google Cloud Platform here
back to google forum

Question 229 Topic 6

Your team needs to create a Google Kubernetes Engine (GKE) cluster to host a newly built application that requires access
to third-party services on the internet. Your company does not allow any Compute Engine instance to have a public IP
address on Google Cloud. You need to create a deployment strategy that adheres to these guidelines. What should you do?

  • A. Configure the GKE cluster as a private cluster, and configure Cloud NAT Gateway for the cluster subnet.
  • B. Configure the GKE cluster as a private cluster. Configure Private Google Access on the Virtual Private Cloud (VPC).
  • C. Configure the GKE cluster as a route-based cluster. Configure Private Google Access on the Virtual Private Cloud (VPC).
  • D. Create a Compute Engine instance, and install a NAT Proxy on the instance. Configure all workloads on GKE to pass through this proxy to access third-party services on the Internet.
Answer:

B


Explanation:
Reference: https://cloud.google.com/architecture/prep-kubernetes-engine-for-prod

User Votes:
A 1 votes
50%
B
50%
C
50%
D
50%
Discussions
0 / 1000
sanjay16shankar
1 month ago

a is correct

0