Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Google Professional Cloud Developer Exam - Topic 9 Question 64 Discussion

You are trying to connect to your Google Kubernetes Engine (GKE) cluster using kubectl from Cloud Shell. You have deployed your GKE cluster with a public endpoint. From Cloud Shell, you run the following command:You notice that the kubectl commands time out without returning an error message. What is the most likely cause of this issue?
A) Your user account does not have privileges to interact with the cluster using kubectl.
B) Your Cloud Shell external IP address is not part of the authorized networks of the cluster.
C) The Cloud Shell is not part of the same VPC as the GKE cluster.
D) A VPC firewall is blocking access to the cluster's endpoint.

Google Professional Cloud Developer Exam - Topic 9 Question 64 Discussion

Actual exam question for Google's Professional Cloud Developer exam
Question #: 64
Topic #: 9
[All Professional Cloud Developer Questions]

You are trying to connect to your Google Kubernetes Engine (GKE) cluster using kubectl from Cloud Shell. You have deployed your GKE cluster with a public endpoint. From Cloud Shell, you run the following command:

You notice that the kubectl commands time out without returning an error message. What is the most likely cause of this issue?

Show Suggested Answer Hide Answer
Suggested Answer: A

https://cloud.google.com/load-balancing/docs/https/traffic-management-global#traffic_actions_weight-based_traffic_splitting

Deploying a new version of an existing production service generally incurs some risk. Even if your tests pass in staging, you probably don't want to subject 100% of your users to the new version immediately. With traffic management, you can define percentage-based traffic splits across multiple backend services.

For example, you can send 95% of the traffic to the previous version of your service and 5% to the new version of your service. After you've validated that the new production version works as expected, you can gradually shift the percentages until 100% of the traffic reaches the new version of your service. Traffic splitting is typically used for deploying new versions, A/B testing, service migration, and similar processes.

https://cloud.google.com/traffic-director/docs/advanced-traffic-management#weight-based_traffic_splitting_for_safer_deployments

https://cloud.google.com/architecture/implementing-deployment-and-testing-strategies-on-gke#split_the_traffic_2

https://cloud.google.com/load-balancing/docs/https/traffic-management-global#traffic_actions_weight-based_traffic_splitting


by Willow at Feb 07, 2023, 01:42 PM

Limited Time Offer

25%

Off

Get Premium Professional Cloud Developer Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Vernice
7 months ago
A firewall blocking access? That's a new one for me!
upvoted 0 times
...
Britt
7 months ago
C is unlikely, Cloud Shell should connect fine.
upvoted 0 times
...
Alex
7 months ago
Wait, could it be A? I thought I had permissions.
upvoted 0 times
...
Edelmira
8 months ago
Agreed, B makes the most sense here.
upvoted 0 times
...
Shawnda
8 months ago
I think it's probably B, the IP isn't authorized.
upvoted 0 times
...
Leonor
8 months ago
I feel like a firewall could definitely be a factor. I recall discussing firewall rules in class, but I can't remember the specifics.
upvoted 0 times
...
Latricia
8 months ago
I'm a bit confused about the VPC setup. I thought Cloud Shell could access GKE clusters regardless of VPC, but maybe I'm wrong?
upvoted 0 times
...
Iesha
8 months ago
I think it might be related to the Cloud Shell IP not being authorized. I saw a similar question in practice where that was the problem.
upvoted 0 times
...
Ashlyn
8 months ago
I remember something about needing the right permissions, but I'm not sure if that's the main issue here.
upvoted 0 times
...
Luther
8 months ago
Okay, the base DN should be the part of the entry that comes after the "DC=" components, so I think the answer is C.
upvoted 0 times
...
Annmarie
8 months ago
I feel like "Information and communication" makes the most sense since it directly addresses information flow, but I could be confusing it with something else I studied.
upvoted 0 times
...
Vincent
8 months ago
Okay, let me think this through. The options mention scalability, transport tunnels, group states, and MPLS vs. GRE. I'll need to make sure I understand the key distinctions between the two technologies.
upvoted 0 times
...
Chandra
1 year ago
I bet the person who set up this cluster forgot to open the firewall. That's the kind of thing that always trips me up!
upvoted 0 times
...
Roosevelt
1 year ago
This is a tricky one. Maybe the Cloud Shell is not in the same VPC as the cluster? Sounds like a connectivity problem to me.
upvoted 0 times
Irma
12 months ago
Maybe check if your user account has the privileges to interact with the cluster using kubectl.
upvoted 0 times
...
Van
1 year ago
It could also be that the Cloud Shell external IP address is not part of the authorized networks of the cluster.
upvoted 0 times
...
Iluminada
1 year ago
I think the issue might be with the VPC firewall blocking access to the cluster's endpoint.
upvoted 0 times
...
...
Alesia
1 year ago
My money's on the user account not having the right privileges. That's a common problem when working with Kubernetes clusters.
upvoted 0 times
Thurman
12 months ago
Let's verify the user account settings before trying anything else.
upvoted 0 times
...
Shalon
12 months ago
If the user account doesn't have the right privileges, that would explain the timeout.
upvoted 0 times
...
Stephaine
12 months ago
We should check if the user account has the necessary permissions.
upvoted 0 times
...
Ernestine
12 months ago
I think you're right, it's probably a user account issue.
upvoted 0 times
...
Pamella
12 months ago
True, it's always good to double-check permissions and network settings.
upvoted 0 times
...
Mignon
1 year ago
Could also be a firewall blocking access, that's something to check.
upvoted 0 times
...
Maryln
1 year ago
Yeah, I've run into that before. Make sure your user account has the right roles.
upvoted 0 times
...
Adrianna
1 year ago
I think you're right, it's probably a permissions issue.
upvoted 0 times
...
...
Starr
1 year ago
Wait, shouldn't the cluster have a private endpoint if it's deployed with a public endpoint? I'm guessing the firewall is blocking access.
upvoted 0 times
...
Yen
1 year ago
I believe it could also be because my Cloud Shell external IP address is not part of the authorized networks of the cluster.
upvoted 0 times
...
Nathan
1 year ago
Hmm, this looks like a networking issue. I wonder if the Cloud Shell's external IP is not authorized to access the cluster's endpoint.
upvoted 0 times
Isabella
1 year ago
Good point. It's important to check all these possibilities to troubleshoot the issue.
upvoted 0 times
...
Tran
1 year ago
It's possible. Or maybe my user account doesn't have the privileges to interact with the cluster using kubectl.
upvoted 0 times
...
Lawrence
1 year ago
That could be it. Maybe the VPC firewall is blocking access to the cluster's endpoint.
upvoted 0 times
...
Cheryl
1 year ago
I think the issue might be that the Cloud Shell's external IP is not part of the authorized networks.
upvoted 0 times
...
...
Rodrigo
1 year ago
I agree with Lamar. It's possible that the firewall is causing the timeout.
upvoted 0 times
...
Lamar
1 year ago
I think the issue might be with the VPC firewall blocking access to the cluster's endpoint.
upvoted 0 times
...

Save Cancel