Compute Engine Instance Access Management

SteadfastSatyr

16 Questions

What is the primary requirement for the operational team in managing instances on Compute Engine?

Administrative access to the servers

What is the benefit of using a configuration management tool to deploy SSH keys?

Operationally efficient deployment of credentials

What is the role that needs to be granted to the Google group corresponding to the operational team?

compute.osAdminLogin

What is the recommended range for a custom VPC subnet?

10.0.0.0/8

What is the primary consideration when creating a custom VPC subnet?

Largest possible range

What is the benefit of using SSH keys in managing instances on Compute Engine?

Improved operational efficiency

What is the primary advantage of granting the compute.osAdminLogin role to the Google group?

Simplifying administrative tasks

What is the relevant RFC for private network ranges?

RFC 1918

How many IP addresses are available in the 24-bit block 10.0.0.0/8?

16777216

What is the purpose of enabling binary logging in Cloud SQL (MySQL)?

To enable point-in-time recovery

What does the 20-bit block 172.16.0.0/12 provide?

1048576 IP addresses

What is the correct configuration for autohealing for network load balancing?

Create a managed instance group with an Autohealing health check

What is the purpose of health checks for load balancing?

To detect unresponsive instances and direct traffic away from them

How many IP addresses are available in the 16-bit block 192.168.0.0/16?

65536

What is the purpose of health checks for autohealing?

To detect and recreate failed instances

Why should you use separate health checks for load balancing and autohealing?

Because load balancing health checks detect unresponsive instances and direct traffic away from them, while autohealing health checks detect and recreate failed instances

Study Notes

CertyIQ - Managing Instances and Networking

  • To manage a large number of instances on Compute Engine, each team member needs administrative access to the servers, and security teams need to determine who accessed a given instance.
  • Solution: Ask each team member to generate a new SSH key pair and add the public key to their Google account. Grant the compute.osAdminLogin role to the Google group corresponding to the team.

VPC and Subnet Ranges

  • To create a custom VPC with a single subnet, the subnet's range should be as large as possible.
  • Recommended range: 10.0.0.0/8 (16777216 IP Addresses), a private network range defined by IETF and adhered to by all cloud providers.

Relational Data on Google Cloud Platform

  • For a cost-effective solution for relational data, select Cloud SQL (MySQL) and verify that the "enable binary logging" option is selected to support point-in-time recovery.

Autohealing for Network Load Balancing

  • To configure autohealing for network load balancing, create a managed instance group and set the Autohealing health check to healthy (HTTP) with 3 attempts of 10 seconds each to re-create VMs if they are unresponsive.
  • Note: Use separate health checks for load balancing and autohealing.

Managing access to Compute Engine instances for team members with administrative access while ensuring secure credential deployment and tracking access.
