Your engineers need to pass database credentials to a Kubernetes Pod. The YAML they're using looks similar to the following:
apiVersion: "extensions/v1beta1"
kind: "Deployment"
metadata:
name: "products-service"
namespace: "default"
labels:
app: "products-service"
spec:
replicas: 3
selector:
matchLabels:
app: "products-service"
template:
metadata:
labels:
app: "products-service"
spec:
containers:
-
name: "products" image: "gcr.io/find-seller-app-dev/products:latest" env:
-
name: "database_user" value: "admin"
-
name: "database_password" value: "TheB3stP@ssW0rd"
What is Google's recommended best practice for working with sensitive information inside of Kubernetes?
A. Store the credentials in a ConfigMap.
B. Mount the credentials in a volume.
C. Use an environment variable.
D. Store the credentials in a Secret.
You're trying to provide temporary access to some files in a Cloud Storage bucket. You want to limit the time that the files are available to 10 minutes. With the fewest steps possible, what is the best way to generate a signed URL?
A. In the UI select the objects and click the Generate Signed URL button.
B. Create a service account and JSON key. Use the gsutil signurl -t 10m command and pass in the JSON key and bucket.
C. In the UI select the objects and click the "Sign With Key" button.
D. Create a service account and JSON key. Use the gsutil signurl -d 10m command and pass in the JSON key and bucket.
Your team has some new functionality that they want to roll out slowly so they can monitor for errors. The change contains some significant changes to the user interface. You've chosen to use traffic splitting to perform a canary deployment. You're going to start by rolling out the code to 15% of your users. How should you go about setting up traffic splitting?
A. Deploy the new version. Split the traffic using an IP or cookie based distribution.
B. Use the gcloud app deploy command with the distribution flag to deploy and split the traffic in one command.
C. Deploy the new version using the no-promote flag. Split the traffic using a random distribution.
D. Deploy the new version using the no-promote flag. Split the traffic using distribution.
You're about to deploy your team's App Engine application. They're using the Go runtime with a Standard Environment. Which command should you use to deploy the application?
A. gcloud app deploy app.yaml
B. gcloud app-engine apply app.yaml
C. gcloud app apply app.yaml
D. gcloud app-engine deploy app.yaml
You need to create a new development Kubernetes cluster with 4 nodes. The cluster will be named linux- academy-dev-cluster. Which of the following truncated commands will create a cluster?
A. gcloud container clusters create linux-academy-dev- cluster --num-nodes 4
B. kubectl clusters create linux-academy-dev-cluster 4
C. kubectl clusters create linux-academy-dev-cluster --num-nodes 4
D. gcloud container clusters create linux-academy-dev-cluster 4
You have a Cloud Storage bucket that needs to host static web assets. How do you make the bucket public?
A. Trick question. Don't ever make a bucket public.
B. Check the "make public" box in the UI.
C. Set allUsers to have the Storage Object Viewer role.
D. gsutil make-public gs://bucket-name
Your team has chosen to use Deployment Manager to create the Compute Engine infrastructure for your application. You've already run the gcloud deployment-manager deployments create command to create the deployment. You've updated 2 resources in the template and need to deploy the change. What command should you use?
A. gcloud deployment-manager resources apply
B. gcloud deployment-manager deployments update
C. gcloud deployment-manager resources update
D. gcloud deployment-manager deployments apply
You have an App Engine application serving as your front-end. It's going to publish messages to Pub/Sub. The Pub/Sub API hasn't been enabled yet. What is the fastest way to enable the API?
A. Use a service account to auto-enable the API.
B. Enable the API in the Console.
C. Application's in App Engine don't require external APIs to be enabled.
D. The API will be enabled the first time the code attempts to access Pub/Sub.
You have an autoscaled managed instance group that is set to scale based on CPU utilization of 60%. There are currently 3 instances in the instance group. You're connected to one of the instances and notice that the CPU usage is a 70%.
However, the instance group isn't starting up another instance.
What's the most likely reason?
A. The autoscaler is disabled.
B. The autoscaler takes 60 seconds before creating a new instance.
C. The load balancer doesn't recognize the instance as healthy.
D. The average CPU for the entire instance group is below 60%.
Your manager needs you to test out the latest version of MS-SQL on a Windows instance. You've created the VM and need to connect into the instance. What steps should you follow to connect to the instance?
A. Generate a Windows password in the console, then use a client capable of communicating via RDP and provide the credentials.
B. Generate a Windows password in the console, then use the RDP button to connect in through the console.
C. Connect in with your own RDP client using your Google Cloud username and password.
D. From the console click the SSH button to automatically connect.
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Google exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your ASSOCIATE-CLOUD-ENGINEER exam preparations and Google certification application, do not hesitate to visit our Vcedump.com to find your solutions here.