Google Associate-Cloud-Engineer Quiz 13 Topic 5 Questions 61-65

Question: 1

Your engineers need to pass database credentials to a Kubernetes Pod. The YAML they're using looks similar to the following:

apiVersion: "extensions/v1beta1"

kind: "Deployment"

metadata:

name: "products-service"

namespace: "default"

labels:

app: "products-service"

spec:

replicas: 3

selector:

matchLabels:

app: "products-service"

template:

metadata:

labels:

app: "products-service"

spec:

containers:

- name: "products"

image: "gcr.io/find-seller-app-dev/products:latest"

env:

- name: "database_user"

value: "admin"

- name: "database_password"

value: "TheB3stP@ssW0rd"

What is Google's recommended best practice for working with sensitive information inside of Kubernetes?

AStore the credentials in a ConfigMap.

BMount the credentials in a volume.

CUse an environment variable.

DStore the credentials in a Secret.

Show Answer

Question: 2

You're trying to provide temporary access to some files in a Cloud Storage bucket. You want to limit the time that the files are available to 10 minutes. With the fewest steps possible, what is the best way to generate a signed URL?

AIn the UI select the objects and click the Generate Signed URL button.

BCreate a service account and JSON key. Use the gsutil signurl -t 10m command and pass in the JSON key and bucket.

CIn the UI select the objects and click the 'Sign With Key' button.

DCreate a service account and JSON key. Use the gsutil signurl -d 10m command and pass in the JSON key and bucket.

Show Answer

Question: 3

Your team has some new functionality that they want to roll out slowly so they can monitor for errors. The change contains some significant changes to the user interface. You've chosen to use traffic splitting to perform a canary deployment. You're going to start by rolling out the code to 15% of your users. How should you go about setting up traffic splitting?

ADeploy the new version. Split the traffic using an IP or cookie based distribution.

BUse the gcloud app deploy command with the distribution flag to deploy and split the traffic in one command.

CDeploy the new version using the no-promote flag. Split the traffic using a random distribution.

DDeploy the new version using the no-promote flag. Split the traffic using distribution.

Show Answer

Question: 4

You need to connect to one of your Compute Engine instances using SSH. You've already authenticated gcloud, however, you don't have an SSH key deployed yet. In the fewest steps possible, what's the easiest way to connect to the app?

ACreate a key with the ssh-keygen command. Upload the key to the instance. Run gcloud compute instances list to get the IP address of the instance, then use the ssh command.

BUse the gcloud compute ssh command.

CCreate a key with the ssh-keygen command. Then use the gcloud compute ssh command.

DRun gcloud compute instances list to get the IP address of the instance, then use the ssh command.

Show Answer

Question: 5

You've created a Pod using the kubectl run command. Now you're attempting to remove the Pod, and it keeps being recreated. Which command might help you as you attempt to remove the pod?

Agcloud container describe pods

Bkubectl get pods

Ckubectl get secrets

Dkubectl get deployments

Show Answer

Google Associate-Cloud-Engineer Quiz:13 Topic:5 Questions:61-65