PROFESSIONAL-CLOUD-DEVOPS-ENGINEER · Question #73
PROFESSIONAL-CLOUD-DEVOPS-ENGINEER Question #73: Real Exam Question with Answer & Explanation
The correct answer is B: Use Network Connectivity Center to perform a Connectivity Test from Cluster A to Cluster B.. Network Connectivity Center's Connectivity Tests allow you to test network reachability between two endpoints (e.g., GKE nodes in different VPCs) by analyzing the network configuration - routes, firewall rules, VPC peering - without requiring exec access to nodes or workloads. It
Question
You are configuring connectivity across Google Kubernetes Engine (GKE) clusters in different VPCs. You notice that the nodes in Cluster A are unable to access the nodes in Cluster B. You suspect that the workload access issue is due to the network configuration. You need to troubleshoot the issue but do not have execute access to workloads and nodes. You want to identify the layer at which the network connectivity is broken. What should you do?
Options
- AInstall a toolbox container on the node in Cluster Confirm that the routes to Cluster B are
- BUse Network Connectivity Center to perform a Connectivity Test from Cluster A to Cluster B.
- CUse a debug container to run the traceroute command from Cluster A to Cluster B and from
- DEnable VPC Flow Logs in both VPCs, and monitor packet drops.
Explanation
Network Connectivity Center's Connectivity Tests allow you to test network reachability between two endpoints (e.g., GKE nodes in different VPCs) by analyzing the network configuration - routes, firewall rules, VPC peering - without requiring exec access to nodes or workloads. It identifies the exact layer where connectivity breaks. Options A and C require exec access into nodes or containers, which the user does not have. VPC Flow Logs (D) can show dropped packets but require manual log analysis and do not pinpoint the broken layer directly.
Topics
Community Discussion
No community discussion yet for this question.