Cisco®
CompTIA
Checkpoint
ISC
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
ISC2
Splunk®
Scrum
All Vendors
  2. Home
  3. Exams
  4. Google
  5. PROFESSIONAL-CLOUD-DEVOPS-ENGINEER

Free PROFESSIONAL-CLOUD-DEVOPS-ENGINEER Exam Braindumps (page: 24)

Page 23 of 46
PDF with 201 Questions

You are building and deploying a microservice on Cloud Run for your organization Your service is used by many applications internally You are deploying a new release, and you need to test the new version extensively in the staging and production environments You must minimize user and developer impact.
What should you do?

  1. Deploy the new version of the service to the staging environment Split the traffic, and allow 1 % of traffic through to the latest version Test the latest version If the test passes gradually roll out the latest version to the staging and production environments
  2. Deploy the new version of the service to the staging environment Split the traffic, and allow 50% of traffic through to the latest version Test the latest version If the test passes, send all traffic to the latest version Repeat for the production environment
  3. Deploy the new version of the service to the staging environment with a new-release tag without serving traffic Test the new-release version If the test passes; gradually roll out this tagged version Repeat for the production environment
  4. Deploy a new environment with the green tag to use as the staging environment Deploy the new version of the service to the green environment and test the new version If the tests pass, send all traffic to the green environment and delete the existing staging environment Repeat for the production environment

Answer(s): C

Explanation:

The best option for deploying a new release of your microservice on Cloud Run and testing it extensively in the staging and production environments with minimal user and developer impact is to deploy the new version of the service to the staging environment with a new-release tag without serving traffic, test the new-release version, and if the test passes, gradually roll out this tagged version. A tag is a label that you can assign to a revision of your service on Cloud Run. You can use tags to create different versions of your service without affecting traffic. You can also use tags to gradually roll out traffic to a new version of your service by using traffic splitting. This way, you can test your new release extensively in both environments and minimize user and developer impact.



You work for a global organization and run a service with an availability target of 99% with limited engineering resources. For the current calendar month you noticed that the service has 99 5% availability. You must ensure that your service meets the defined availability goals and can react to business changes including the upcoming launch of new features You also need to reduce technical debt while minimizing operational costs You want to follow Google-recommended practices What should you do?

  1. Add N+1 redundancy to your service by adding additional compute resources to the service
  2. Identify, measure and eliminate toil by automating repetitive tasks
  3. Define an error budget for your service level availability and minimize the remaining error budget
  4. Allocate available engineers to the feature backlog while you ensure that the sen/ice remains within the availability target

Answer(s): C



You are developing the deployment and testing strategies for your CI/CD pipeline in Google Cloud

You must be able to
· Reduce the complexity of release deployments and minimize the duration of deployment rollbacks
· Test real production traffic with a gradual increase in the number of affected users You want to select a deployment and testing strategy that meets your requirements What should you do?

  1. Recreate deployment and canary testing
  2. Blue/green deployment and canary testing
  3. Rolling update deployment and A/B testing
  4. Rolling update deployment and shadow testing

Answer(s): B

Explanation:

The best option for selecting a deployment and testing strategy that meets your requirements is to use blue/green deployment and canary testing. A blue/green deployment is a deployment strategy that involves creating two identical environments, one running the current version of the application (blue) and one running the new version of the application (green). The traffic is switched from blue to green after testing the new version, and if any issues are discovered, the traffic can be switched back to blue instantly. This way, you can reduce the complexity of release deployments and minimize the duration of deployment rollbacks. A canary testing is a testing strategy that involves releasing a new version of an application to a subset of users or servers and monitoring its performance and reliability. This way, you can test real production traffic with a gradual increase in the number of affected users.



You are creating a CI/CD pipeline to perform Terraform deployments of Google Cloud resources Your CI/CD tooling is running in Google Kubernetes Engine (GKE) and uses an ephemeral Pod for each pipeline run You must ensure that the pipelines that run in the Pods have the appropriate Identity and Access Management (1AM) permissions to perform the Terraform deployments You want to follow Google-recommended practices for identity management What should you do? Choose 2 answers

  1. Create a new Kubernetes service account, and assign the service account to the Pods Use Workload Identity to authenticate as the Google service account
  2. Create a new JSON service account key for the Google service account store the key as a Kubernetes secret, inject the key into the Pods, and set the boogle_application_credentials environment variable
  3. Create a new Google service account, and assign the appropriate 1AM permissions
  4. Create a new JSON service account key for the Google service account store the key in the secret management store for the CI/CD tool and configure Terraform to use this key for authentication
  5. Assign the appropriate 1AM permissions to the Google service account associated with the Compute Engine VM instances that run the Pods

Answer(s): A,C

Explanation:

The best options for ensuring that the pipelines that run in the Pods have the appropriate IAM permissions to perform the Terraform deployments are to create a new Kubernetes service account and assign the service account to the Pods, and to use Workload Identity to authenticate as the Google service account. A Kubernetes service account is an identity that represents an application or a process running in a Pod. A Google service account is an identity that represents a Google Cloud resource or service. Workload Identity is a feature that allows you to bind Kubernetes service accounts to Google service accounts. By using Workload Identity, you can avoid creating and managing JSON service account keys, which are less secure and require more maintenance. You can also assign the appropriate IAM permissions to the Google service account that corresponds to the Kubernetes service account.






Post your Comments and Discuss Google PROFESSIONAL-CLOUD-DEVOPS-ENGINEER exam with other Community members:

Exam Discussions & Posts