Answer-first summary for fast verification
Answer: gcloud compute firewall-rules create allow-lb --network load-balancer --allow tcp --source-ranges 130.211.0.0/22,35.191.0.0/16 --direction INGRESS
The health checks for HTTP(S) load balancers originate from specific IP ranges (130.211.0.0/22 and 35.191.0.0/16). If firewall rules block these ranges, health checks fail. The correct solution is to create an **INGRESS** firewall rule allowing TCP traffic from these source ranges to the instances. Option C creates such a rule. Options A (external IP assignment) and D (threshold adjustment) do not resolve firewall issues. Option B incorrectly uses EGRESS direction and destination ranges, which is irrelevant for incoming health checks.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
Which commands should you execute to troubleshoot and resolve failing health checks on port 80 for your Compute Engine VM instances behind an HTTP(s) load balancer, where no traffic is being routed to the instances?
A
gcloud compute instances add-access-config instance-1
B
gcloud compute firewall-rules create allow-lb --network load-balancer --allow tcp --destination-ranges 130.211.0.0/22,35.191.0.0/16 --direction EGRESS
C
gcloud compute firewall-rules create allow-lb --network load-balancer --allow tcp --source-ranges 130.211.0.0/22,35.191.0.0/16 --direction INGRESS
D
gcloud compute health-checks update http health-check --unhealthy-threshold 10
No comments yet.