Google Cloud Professional Cloud DevOps Engineer — Question 115

You are configuring connectivity across Google Kubernetes Engine (GKE) clusters in different VPCs. You notice that the nodes in Cluster A are unable to access the nodes in Cluster B. You suspect that the workload access issue is due to the network configuration. You need to troubleshoot the issue but do not have execute access to workloads and nodes. You want to identify the layer at which the network connectivity is broken. What should you do?

Answer options

• A. Install a toolbox container on the node in Cluster Confirm that the routes to Cluster B are configured appropriately.
• B. Use Network Connectivity Center to perform a Connectivity Test from Cluster A to Cluster B.
• C. Use a debug container to run the traceroute command from Cluster A to Cluster B and from Cluster B to Cluster A. Identify the common failure point.
• D. Enable VPC Flow Logs in both VPCs, and monitor packet drops.

Correct answer: B

Explanation

The correct answer is B because the Network Connectivity Center provides a dedicated tool for testing connectivity between different networks, which is ideal for identifying issues between Cluster A and Cluster B. The other options either require permissions that are unavailable or do not directly test the connectivity at the network layer as effectively as the connectivity test does.