ExamTopics Logo
Mail Us[email protected]
Menu
Google Discussions
exam questions

Exam Professional Cloud Network Engineer All Questions

View all questions & answers for the Professional Cloud Network Engineer exam
Go to Exam

Exam Professional Cloud Network Engineer topic 1 question 131 discussion

Actual exam question from Google's Professional Cloud Network Engineer
Question #: 131
Topic #: 1
[All Professional Cloud Network Engineer Questions]

Your company has a single Virtual Private Cloud (VPC) network deployed in Google Cloud with on-premises connectivity already in place. You are deploying a new application using Google Kubernetes Engine (GKE), which must be accessible only from the same VPC network and on-premises locations. You must ensure that the GKE control plane is exposed to a predefined list of on-premises subnets through private connectivity only. What should you do?

  • A. Create a GKE private cluster with a private endpoint for the control plane. Configure VPC Networking Peering export/import routes and custom route advertisements on the Cloud Routers. Configure authorized networks to specify the desired on-premises subnets.
  • B. Create a GKE private cluster with a public endpoint for the control plane. Configure VPC Networking Peering export/import routes and custom route advertisements on the Cloud Routers.
  • C. Create a GKE private cluster with a private endpoint for the control plane. Configure authorized networks to specify the desired on-premises subnets.
  • D. Create a GKE public cluster. Configure authorized networks to specify the desired on-premises subnets.
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by playpacman at Dec. 1, 2022, 1:41 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
fra_pavi
Highly Voted 1 year, 4 months ago
Selected Answer: A
Answer is A. Link: https://cloud.google.com/kubernetes-engine/docs/how-to/private-clusters?hl=en#cp-on-prem-routing. “Configure your VPC network to export its custom routes in the peering relationship to the control plane's VPC network. The control plane's VPC network is already configured to import custom routes. This provides a path for the control plane to send packets back to on-premises resources.”
upvoted 6 times
...
gcpengineer
Most Recent 7 months, 2 weeks ago
Hows vpc peering is relevant in on prem connectivity?
upvoted 1 times
gcpengineer
7 months, 1 week ago
control plan in google managed vpc
upvoted 1 times
...
...
pk349
1 year, 3 months ago
A. Create a GKE private cluster with a private endpoint for the control plane. Configure VPC Networking Peering export/import routes and custom route advertisements on the Cloud Routers. Configure authorized networks to specify the desired on-premises subnets.
upvoted 2 times
...
mshry
1 year, 4 months ago
Selected Answer: A
Answer is A because Private Clusters are a Type of VPC Peering with Google and you have to enable the export/import of route for the peering to have them advertised to the on-premises from your VPC.
upvoted 4 times
...
pfilourenco
1 year, 4 months ago
Selected Answer: A
A is correct to be able to connect from on-prem.
upvoted 4 times
pfilourenco
1 year, 4 months ago
gke create a network peering by deafault but without export custom routes. "Update the peering connection, enabling the export of custom routes, for the peering connection you identified in the previous step." https://cloud.google.com/kubernetes-engine/docs/how-to/private-clusters#cp-on-prem-routing
upvoted 2 times
...
...
ccieman2016
1 year, 4 months ago
Selected Answer: C
100% sure for C, Configure authorized networks is required when access to control plane outside GKE's VPC. C
upvoted 2 times
pfilourenco
1 year, 4 months ago
you need to Configure VPC Networking Peering export/import routes and custom route advertisements on the Cloud Routers.
upvoted 1 times
pfilourenco
1 year, 4 months ago
https://cloud.google.com/kubernetes-engine/docs/how-to/private-clusters#cp-on-prem-routing
upvoted 2 times
...
...
...
playpacman
1 year, 4 months ago
A is correct
upvoted 3 times
ccieman2016
1 year, 4 months ago
wrong guy, network peering to on premise?
upvoted 1 times
pfilourenco
1 year, 4 months ago
gke create a network peering by deafault but without export/import custom routes. "Update the peering connection, enabling the export of custom routes, for the peering connection you identified in the previous step." https://cloud.google.com/kubernetes-engine/docs/how-to/private-clusters#cp-on-prem-routing
upvoted 2 times
...
pfilourenco
1 year, 4 months ago
network peering because of the control plane...
upvoted 1 times
...
playpacman
1 year, 4 months ago
True words, read it again and it’s only one VPC and onprem
upvoted 1 times
gcpengineer
7 months, 2 weeks ago
the control plan resides in google managed vpc
upvoted 1 times
...
pfilourenco
1 year, 4 months ago
study again.
upvoted 1 times
...
...
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago