Having created a Container Engine for Kubernetes (OKE) cluster, you can use Oracle Cloud Infrastructure (OCI) Logging to view and search the logs of applications running on the worker node compute instances in the cluster. Which task is NOT required to collect and parse applicationlogs? (Choose the best answer.) Create a dynamic group with a rule that includes all worker nodes In the cluster. Set the OCI Logging option to Enabled for the cluster. Enable monitoring for all worker nodes in the cluster. Configure a custom log in OCI Logging with the appropriate agent configuration.
Your team has created a serverless application deployed in Oracle Functions. It uses a Python function leveraging the Oracle Cloud Infrastructure (OCI) Python SDK to stop any OCI compute instance that does not comply with your corporate security standards. Although there are three non-compliant OCI compute instances, when you invoke this function, none of the instances were stopped. With respect to this issue, which of the following is a valid troubleshooting strategy? Enable function logging in the OCI console, add some print statements in your function code,and then view the logs to troubleshoot. Enable function remote debugging in the OCI console, and then use your favorite IDE to inspect the function running on Oracle Functions. Ensure that the application is deployed within the same OCI compartment as the instance, because you cannot enable function execution data from the OCI console. Enable function tracing in the OCI console, and then go to the OCI Monitoring console to view the function stack trace.
Your organization has mandated that all deployed container images used for microservices must be signed by a specified master encryption key (MEK). You have appropriately signed the container images as part of your build process, but must now ensure that they are automatically verified when they are deployed to Oracle Cloud Infrastructure (OCI) Container Engine for Kubemetes (OKE) clusters. Which option should be used to mandate image verification when deploying to OKEclusters, assuming that MEK is already stored in an available OCI Vault? (Choose the best answer.) Enable image verification policies separately for each Kubemetes pod deployment because this is enforced at the pod level. Enable image verification policies separately for each node pool within each OKE cluster because this is enforced at the node pool level. Enable image verification policies separately for each OKE cluster because this is enforced at the cluster level. Enable Image verification policies for your OKE service control plane which will enforce this for all OKE clusters.
You plan to implement logging in your services that will run in Oracle Cloud Infrastructure (OCI) Container Engine for Kubernetes (OKE). Which statement describes the appropriate logging approach? All services log to standard output only. Each service logs to its own log file. All services log to an external logging system. All services log to a shared log file.
From a DevOps process standpoint, it is a good practice to keep changes to an application under version control. Which of the following allows changes to a Docker image to be stored in a version control system? Updating docker-compose.yml Executing docker commit Executing docker save Updating Dockerfile.
Which TWO statements are correct regarding Docker images and containers? (Choose two.) Only one container can be spawned from a given image at a time. An image is a collection of immutable layers whereas a container is a running instance of an image. If multiple containers are spawned from the same image, then they all use the same copy of that image in memory. Writing and building a new Dockerfile is the only way you can create new Docker images. A container can exist without an image but an image cannot exist without a container.
You have created a repository in Oracle Cloud Infrastructure Registry (OCIR) in the us-ashburn-1 (iad) region in your tenancy with the heyoci namespace. Which three are valid tags for an image named myapp? (Choose three.) iad.ccir.io/heyoci/myapp:latest iad.ocir.io/heyoci/myapp:0.0.2-beta iad.ocir.io/heyoci/myproject/myapp:0.0.1 us-ashburn-1.ocir.io/myproject/heyoci/myapp:latest us-ashburn-1.ocir.io/heyoci/myapp:0.0.2-beta us-ashburn-1.ocir.io/heyoci/myproject/myapp:0.0.2-beta.
As a developer, you have been tasked with implementing a microservices-based application. Which THREE technologies are best suited to accomplish the task? (Choose three.) Terraform Big Data Anomaly Detection Service Mesh Docker Kubemetes.
You are developing a real-time monitoring application for a fleet of vehicles, which will be deployed on Oracle Cloud Infrastructure (OCI). You need to choose between using OCI Queue or OCI Streaming to handle the real-time data feeds from the vehicles. Based on the scenario described, which is the most appropriate choice for handling real-time data feeds? OCI Streaming, because it is designed for high-volume, continuous ingestion and processing of data, making it the best choice for a fleet of vehicles OCI Streaming, because it offers exactly-once message delivery, which is necessary for real-time applications OCI Queue, because it is optimized for low-latency messaging and ideal for real-time applications OCI Queue, because it provides at-least-once message delivery, which is critical for real-time monitoring applications.
You developed a microservices-based application that runs in an Oracle Cloud Infrastructure (OCI) Container Engine for Kubernetes (OKE) cluster. Your security team wants to use SSL termination for this application. What should you do to create a secure SSL termination for this application using the fewest steps possible? Create a self-signed certificate and its corresponding key. Create a Kubernetes secret using the certificate and the key. Then add these annotations to the Kubernetes service: annotations: service.beta.kubernetes.io/oci-load-balancer-ssl-ports: "443" service.beta.kubernetes.io/oci-load-balancer-tls-secret: ssl certificate-secret Create a self-signed certificate and its corresponding key. Create a Kubernetes secret using the certificate and the key. Then add these annotations to the Kubernetes service: annotations: service.beta.kubernetes.io/oci-load-balancer-ssl-ports: "443" service.beta.kubernetes.io/oci-load-balancer-security-list management-mode: "Frontend" Add these annotations to the kubernetes service: annotations: service.beta.kubernetes.io/oci-load-balancer-ssl-ports: "443" service.beta.kubernetes.io/oci-load-balancer-ssl-secret-key: ssl secret-key Generate a self-signed certificate using Let's Encrypt. Use that certificate on OCI Load Balancer. Create the Kubernetes service using this load balancer.
What are the TWO main reasons you would choose to implement a serverless architecture? (Choose two.) No need for integration testing Automatic horizontal scaling Easier to run long-running operations Reduced operational cost Improved in-function state management.
A DevOps engineer is troubleshooting the Meshifyd application, which is running in an Oracle Cloud Infrastructure (OCI) environment. The engineer has set up the OCI Logging service to store access logs for the application but notices that the logs from the Meshifyd application are not showing up in the logging service. The engineer suspects that there might be an issue with the logging configuration. Which two statements are potential reasons for logs from the Meshifyd application not showing up in the OCI Logging service? The logconfig.json file has incorrect or missing OCID for the custom log in the logobjectId field. The OCI Logging service is set up to pre access logs by creating a log group and custom log within the same compartment. The logconfig.json file has incorrect or missing information in the application namespace in the paths field. The logconfig.json file has incorrect or missing information in the application namespace in the src field. The logconfig.json file has incorrect or missing OCID for the custom log group in the logGroupObjectId field.
Which is NOT a valid option to execute a function deployed in Oracle Functions? Invoke from the Docker CLI. Send signed HTTP requests to the function's invoke endpoint. Invoke from the Fn Project CLI. Trigger by an event in the Oracle Cloud Infrastructure (OCI) Events service. Invoke from the OCI CLI.
What is the difference between blue/green and canary deployment strategies? (Choose the best answer.) In blue/green, current applications are slowly replaced with new ones. In canary, the application Is deployed Incrementally to a select group of people. In blue/green, both old and new applications are in production at the same time. In canary, the application Is deployed incrementally to a select group of people. In blue/green, current applications are slowly replaced with new ones. In canary, both old and new applications are in production at the same time. In blue/green, the application Is deployed In minor Increments to a select group of people. In canary, both old and new applications are simultaneously in production.
Which "Action Type" option is NOT available in an Oracle Cloud Infrastructure (OCI) Events rule definition? Streaming Email Notifications Functions.
|
