FREE Cloud Engineer: Google Associate Questions and Answers
Your team uses Splunk for centralized logging, and Splunk logs are the basis for many of your reports and dashboards. Splunk Forwarder must be installed on each node of your new Kubernetes Engine autoscaled cluster. The logs are forwarded to a central Splunk server by the Splunk forwarder. You want to reduce administrative costs. What is the most effective strategy to install Splunk Forwarder throughout the cluster's nodes?
Explanation:
Include the forwarder agent in a DaemonSet deployment. is the right answer
The one-pod-per-node approach is followed by DaemonSets in GKE, either across the entire cluster or only a selection of nodes. DaemonSets automatically add pods to new nodes when you add them to a node pool. Therefore, you may automate the installation and configuration of the Splunk forwarder agent on each GKE cluster node by configuring the pod to utilize the Splunk forwarder agent image and with some minimal design (for example, defining which logs need to be forwarded).
Every year, auditors visit your teams and request a review of all the prior year's Google Cloud Identity and Access Management (Cloud IAM) policy updates. The analysis and auditing processes have to be streamlined and accelerated. What ought you to do?
Explanation:
A decent storage choice with analysis capabilities is BigQuery. Additionally, ACLs and views can be used to limit access to the data. BigQuery manages project and dataset permissions via access control lists (ACLs). You can utilize BigQuery, a petabyte-scale analytics data warehouse, to execute SQL queries over enormous volumes of data almost instantly. In BigQuery, generating an authorized view also refers to granting a view access to a dataset. You can share query results with specific users and groups using an approved idea without giving them access to the underlying tables. You can limit which columns (fields) users can query using the SQL query for the view. You establish an authorized idea in this tutorial.
A business plans to move its online application to Google App Engine. They would nonetheless keep using their on-site database. How do they configure the application?
Explanation:
Using a cloud VPN, Google App Engine offers connectivity to on-premises systems. Subnetworks can be created within your Compute Engine network. By doing so, you can enable VPN scenarios like accessing corporate network databases.
Your virtual machines are operating on a network with the subnet mask 255.255.255.240. There are no more available IP addresses on the present subnet, and you need an additional 10 IP addresses for new virtual machines. All current and recent VMs should be able to connect without needing different routes. What ought you to do?
Explanation:
Use gcloud to expand the IP range of the current subnet. is the right answer
The existing subnet's subnet mask is 255.255.255.240, which means that the maximum number of addresses that can be used is 16. Since there are 4 bits open in the network prefix of /28, or 2 to the power of 4, there are 16 IP addresses.
The corporate apps of your client are being moved to the Google Cloud Platform. The security team requests complete visibility into every project within the company. You create your account as the organization administrator and provide the Google Cloud Resource Manager. Which Cloud IAM (Google Cloud Identity and Access Management) roles ought the security team be assigned?
Explanation:
The project viewer gives the visibility that the security team requires while adhering to the principle of least privilege. Refer to Organization and Project Access Control in the GCP manual.
You need to move a group of media files totaling more than 50 GB each to Google Cloud Storage. The documents are located in your on-site data center. What kind of relocation strategy might you employ to hasten the transfer process?
Explanation:
Gsutil provides object composition or parallel upload to handle the upload of larger files.
For big, local files you want to upload in parallel to cloud storage, the gsutil program can also automatically use object composition. A large file is divided into smaller bits, uploaded in parallel, then reconfigured once in the cloud (and deleted from the temporary components it created locally).
Your team strives to deploy your application to the GKE cluster in the desired state configuration. YAML files represent the Kubernetes deployment and service objects. The replicas parameter in app deployment.yaml specifies that your application is intended to run on two pods. The GKE load balancer is described in the app service. Your service uses YAML.
You created the Kubernetes resources by running
kubectl apply -f app-deployment.yaml
kubectl apply -f app-service.yaml
Although your deployment is now handling live traffic, it has performance problems. You would like to make five more replicas. What should you do to update the replicas in the deployed Kubernetes objects currently in use?
Explanation:
Edit the number of replicas in the YAML file and rerun the kubectl apply. kubectl apply -f app-deployment.yaml. is the right answer.
This one is the only method that ensures you use the desired state configuration. You may keep the Kubernetes cluster in its intended condition by modifying the YAML file to contain five replicas and applying it using Kubectl apply.
