Answer-first summary for fast verification
Answer: Create the appropriate master authorized network entries to allow the instance to communicate to the master.
In a GKE private cluster, the master's control plane is accessible via a private endpoint within the VPC. The issue described suggests that the instance is attempting to communicate with the master through the public endpoint without proper authorization. The correct solution is to ensure the instance's IP address is included in the master authorized networks to allow communication. This is addressed by option D. Assigning a public IP address (Option A) or creating routes (Option B) does not resolve the authorization issue. Similarly, while firewall policies (Option C) are important for security, they are not the solution to the specific problem described.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
You have created a private Google Kubernetes Engine cluster and are attempting to check pod statuses using kubectl. However, one of your instances cannot reach the master node, despite the cluster being operational.
What steps should you take to resolve this connectivity issue?
A
Assign a public IP address to the instance.
B
Create a route to reach the Master, pointing to the default internet gateway.
C
Create the appropriate firewall policy in the VPC to allow traffic from Master node IP address to the instance.
D
Create the appropriate master authorized network entries to allow the instance to communicate to the master.
No comments yet.