
Answer-first summary for fast verification
Answer: Cordon the node to prevent new Pods from being scheduled, then drain the node to safely remove existing Pods and reschedule them to other nodes.
To isolate a potentially compromised node in a GKE cluster while minimizing disruption to applications, the best approach is to cordon the node to prevent new Pods from being scheduled on it and then drain the node to safely remove existing Pods and reschedule them to other nodes. This method ensures that the suspicious node is isolated from the rest of the cluster without abruptly terminating the Pods, which could lead to application downtime or data loss. Tainting the node (Option A) does not isolate it but rather affects scheduling based on tolerations. Scaling down the deployment (Option B) only addresses the compromised container but does not isolate the node. Restarting the node (Option C) is disruptive and does not guarantee that the malicious activity will be stopped or that Pods will be rescheduled properly.
Author: LeetQuiz Editorial Team
You receive a Cloud Monitoring alert about potential malicious activity on a node in your Google Kubernetes Engine (GKE) cluster, suggesting a compromised container. You need to isolate the node to prevent further compromise while minimizing disruption to other applications in the cluster. What is the recommended course of action?
A. Taint the suspicious node to prevent Pods that have interacted with it from being scheduled on other nodes in the cluster
B. Scale down the deployment associated with the compromised container to zero other nodes
C. Restart the node to disrupt the malicious activity, and force all Pods to be restructured on other nodes.
D. Cordon the node to prevent new Pods from being scheduled, then drain the node to safely remove existing Pods and reschedule them to other nodes.