Which statement about microservices is FALSE? They are typically designed around business capabilities. It is fairly common for them to communicate with HTTP. Multiple microservices can run in one process. They are independently deployable.
Which testing measure should be considered when using test cases that simultaneously validate a deployment and perform a selected set of functional tasks? Resource Utilization Functionality Scalability Robust Deployment Resiliency.
What is the open source engine for Oracle Functions? Fn Project Apache OpenWhisk OpenFaas Knative.
Which feature is typically NOT associated with Cloud Native? Immutable Infrastructure Declarative APIs Containers Application Servers Service Meshes.
You want to push a new image in the Oracle Cloud Infrastructure (OCI) Registry.
Which TWO actions would you need to perform? (Choose two.) Generate an API signing key to complete the authentication via Docker CLI. Generate an auth token to complete the authentication via Docker CLI. Assign an OCI defined tag via OCI CLI to the image. Assign a tag via Docker CLI to the image. Generate an OCI tag namespace in your repository.
You plan to implement logging in your services that will run in Oracle Cloud Infrastructure (OCI) Container Engine for Kubernetes (OKE).
Which statement describes the appropriate logging approach? All services log to standard output only. Each service logs to its own log file. All services log to an external logging system. All serviceAAs log to a shared log file.
Which is ONE of the differences between a microservice and a serverless function? Microservices are used for long running operations while serverless functions are used for short running operations. Microservices are triggered by events while serverless functions are not. Microservices are stateless while serverless functions are stateful. Microservices always use a data store while serverless functions never use a data store.
What are the TWO main reasons you would choose to implement a serverless architecture? (Choose two.) No need for integration testing Automatic horizontal scaling Easier to run long-running operations Reduced operational cost Improved in-function state management.
You are a developing a microservices application that will be a consumer of the Oracle Cloud Infrastructure (OCI) Streaming service.
Which API method should you use to read and process a stream? GetStream ReadMessages ProcessStream ReadStream GetMessages.
As a Cloud Native developer, you develop two services in Node.js and deploy them to two different Container Engine for Kubernetes (OKE) clusters that use the same Virtual Cloud Network (VCN). Your security team wants to analyze the network communication between them. How can this requirement be met in the most cost-effective way? Rewrite the application and send the application logs to an outside log aggregator. Deploy a third-party logging service and aggregate the network flow logs. Use the OCI Logging service and enable VCN flow logs. Deploy Wireshark and intercept the packets.
You have created a repository in Oracle Cloud Infrastructure Registry (OCIR) in the us-ashburn-1 (iad) region in your tenancy with the heyoci namespace.
Which three are valid tags for an image named myapp? (Choose three.) iad.ocir.io/heyoci/myapp:latest iad.ocir.io/heyoci/myapp:0.0.2-beta iad.ocir.io/heyoci/myproject/myapp:0.0.1 us-ashburn-1.ocir.io/myproject/heyoci/myapp:latest us-ashburn-1.ocir.io/heyoci/myapp:0.0.2-beta us-ashburn-1.ocir.io/heyoci/myproject/myapp:0.0.2-beta.
Which of the following step is NOT required for setting up the Container Engine for Kubernetes (OKE) cluster access using a local installation of kubectl? Generate Auth token from the OCI console to access the OKE cluster using kubectl. Install and configure the Oracle Cloud Infrastructure (OCI) CLI. Set up the kubeconfig file. Generate an API signing key pair (if you do not already have one) and upload the public key of the API signing key pair.
Which TWO statements are correct regarding Docker images and containers? (Choose two.) Only one container can be spawned from a given image at a time. An image is a collection of immutable layers whereas a container is a running instance of an image. If multiple containers are spawned from the same image, then they all use the same copy of that image in memory. Writing and building a new Dockerfile is the only way you can create new Docker images. A container can exist without an image but an image cannot exist without a container.
Which option best defines microservices? A statically typed and compiled language. An open-source system for automating deployment, scaling, and management of containerized applications. A finely tuned piece of software that performs a single or small collection of tasks. An organized collection of structured information or data, typically stored electronically in a computer system.
A service you are deploying to Oracle Cloud Infrastructure (OCI) Container Engine for Kubernetes (OKE) uses a docker image from a private repository in OCI Registry (OCIR).
Which configuration is necessary to provide access to this repository from OKE? Create a docker-registry secret for OCIR with API key credentials on the cluster, and specify the imagePullSecret property in the application deployment manifest. Create a docker-registry secret for OCIR with identity Auth Token on the cluster, and specify the imagePullSecret property in the application deployment manifest. Create a dynamic group for nodes in the cluster, and a policy that allows the dynamic group to read repositories in the same compartment. Add a generic secret on the cluster containing your identity credentials. Then specify a registryCredentials property in the deployment manifest.
Your Oracle Cloud Infrastructure (OCI) Container Engine for Kubernetes (OKE) administrator has created an OKE cluster with one node pool in a public subnet. You have been asked to provide a log file from one of the nodes for troubleshooting purpose.
Which step should you take to obtain the log file? Use the username opc and password to login. It is impossible because OKE is a managed Kubernetes service. SSH into the nodes using the private key. SSH into the node using the public key.
You developed a microservices-based application that runs in an Oracle Cloud Infrastructure (OCI) Container Engine for Kubernetes (OKE) cluster. Your security team wants to use SSL termination for this application.
What should you do to create a secure SSL termination for this application using the fewest steps possible? Create a self-signed certificate and its corresponding key. Create a Kubernetes secret using the certificate and the key. Then add these annotations to the Kubernetes service: annotations:
service.beta.kubernetes.io/oci-load-balancer-ssl-ports: "443" service.beta.kubernetes.io/oci-load- balancer-tls-secret: ssl certificate-secret Create a self-signed certificate and its corresponding key. Create a Kubernetes secret using the certificate and the key. Then add these annotations to the Kubernetes service: annotations:
service.beta.kubernetes.io/oci-load-balancer-ssl-ports: "443" service.beta.kubernetes.io/oci-load- balancer-security-list management-mode: "Frontend" Add these annotations to the kubernetes service: annotations: service.beta.kubernetes.io/oci- load-balancer-ssl-ports: "443" service.beta.kubernetes.io/oci-load-balancer-ssl-secret-key: ssl secret- key Generate a self-signed certificate using Let's Encrypt. Use that certificate on OCI Load Balancer.
Create the Kubernetes service using this load balancer.
You are building a cloud native serverless travel application with multiple Oracle Functions in Java, Python, and Node.js. You need to build and deploy these functions to a single application named travel-app.
Which command will help you complete this task successfully? fn function deploy app travel-app--all fn app deploy --app travel-app --all fn app --app travel-app deploy --ext java pyljs fn deploy --app travel-app --all.
Which of the following is NOT a criterion that is usually met by a microservice? Organized around business capabilities. Tightly coupled Highly maintainable Independently deployable.
You have just finished building and compiling the software required to implement the API microservice component. You need to rebuild the API docker image, and plan to tag it as:
ocIdevops/api:latest Which docker command would re-create the API docker image? docker build -t OCIdevops/api:latest docker create -t OCIdevops/api:latest docker image -t OCIdevops/api:latest docker compile -t OCI devops/api:latest.
You are developing a polyglot serverless application using Oracle Functions.
Which language cannot be used to write your function code? PL/SQL Python Node.js Go Java.
(CHK_4>2) You have a scenario where a DevOps team wants to store secrets in Oracle Cloud Infrastructure (OCI) Vault so that it can inject the secrets into an app's environment variables (for example, MYSQL_DB_PASSWD) at deployment time.
Which is NOT valid about managing secrets in the OCI Vault service? New secret versions automatically expire in 90 days unless you configure an expiry rule. You can manually create new secrets as well as new secret versions using the OCI Console: A unique OCID is automatically generated for each secret and remains unchanged even when creating a new secret version. A secret reuse rule prevents the use of secret contents across different versions of a secret.
You are creating an API deployment in Oracle Cloud Infrastructure (OCI) API Gateway and you want to configure request policies to control access.
Which is NOT available in OCI API Gateway? Controlling access to the backend OCI resources. Limiting the number of requests sent to the backend services. Enabling Cross-Origin Resource Sharing (CORS) support. Providing authentication and authorization.
You are building a container image and pushing it to Oracle Cloud Infrastructure Registry (OCIR). You need to ensure that these images never get deleted from the repository.
Which action should you take? Write a policy to limit access to the specific repository in your compartment. Create a group and assign a policy to perform lifecycle operations on images. Set global policy of image retention to "Retain All Images". Edit the tenancy global retention policy.
Your organization has deployed their e-commerce application on Oracle Container Engine for Kubernetes (OKE) and they are using the Oracle Cloud Infrastructure Registry (OCIR) service as their Docker image repository. They have deployed the OKE cluster using the 'custom create' option, and their Virtual Cloud Network (VCN) has three public subnets with associated Route Tables, Security Lists, and Internet Gateway. However, their application containers are failing to deploy. On investigation, they discover that the images are not being pulled from the designated OCIR repository, even though the YAML configuration has the correct path to the images.
What is a valid concern here that needs to be further investigated? Security List rule for TCP port 22 needs to be added to connect to the OCIR service. VCN hosting the OKE cluster worker nodes needs to have a NAT gateway to access OCIR repositories. Identity and Access Management (IAM) credentials need to be added for each user that deploys applications to the OKE cluster. OKE cluster needs to have a secret with the credentials of their OCIR repository and use that secret in the Kubernetes deployment manifest.
Your team has created a serverless application deployed in Oracle Functions. It uses a Python function leveraging the Oracle Cloud Infrastructure (OCI) Python SDK to stop any OCI compute instance that does not comply with your corporate security standards. Although there are three non- compliant OCI compute instances, when you invoke this function, none of the instances were stopped. With respect to this issue, which of the following is a valid troubleshooting strategy? Enable function logging in the OCI console, add some print statements in your function code, and then view the logs to troubleshoot. Enable function remote debugging in the OCI console, and then use your favorite IDE to inspect the function running on Oracle Functions. Ensure that the application is deployed within the same OCI compartment as the instance, because you cannot enable function execution data from the OCI console. Enable function tracing in the OCI console, and then go to the OCI Monitoring console to view the function stack trace.
A Docker image consists of one or more layers, each of which represents a Dockerfile instruction. The layers are stacked and each one is a delta of the changes from the previous layer.
What permission is associated with these layers? read mostly write only movable read only write once.
Oracle Functions monitors all deployed functions and collects and reports various metrics.
Which is NOT available when viewing the Application metrics in the Oracle Cloud Infrastructure (OCI) Console? The length of time a function runs for. The number of retries made by the function before failing due to an error. The number of requests to invoke a function that failed due to throttling. The number of requests to invoke a function that failed with an error response.
Which TWO are required to access the Oracle Cloud Infrastructure (OCI) Container Engine for Kubernetes (OKE) cluster from the kubectl CLI? (Choose two.) Tiller enabled on the OKE cluster. An SSH key pair with the public key added to the cluster worker nodes. Install and configure the OCI CLI. A configured OCI API signing key pair. OCI Identity and Access Management (IAM) Auth Token.
Which TWO statements accurately describe an Oracle Functions application? (Choose two.) A common context to store configuration variables that are available to all functions in the application. A Docker image containing all the functions that share the same configuration. An application based on Oracle Functions, Oracle Cloud Infrastructure (OCI) Events, and OCI API Gateway services. A small block of code invoked in response to an OCI Events service.
A logical group of functions. A Docker image containing all the functions that share the same configuration.
A developer using Oracle Cloud Infrastructure (OCI) API Gateway needs to authenticate the API requests to their web application. The authentication process must be implemented using a custom scheme which accepts string-based parameters from the API caller.
Which approach should the developer use in this scenario? Create a cross account functions authorizer. Create an authorizer function using OCI Identity and Access Management 91AM) based authentication. Create an authorizer function using request header authorization. Create an authorizer function using token-based authorization.
To enforce mutual TLS (mTLS) authentication for clients of your microservices, your team has chosen to leverage the Oracle Cloud Infrastructure (OCI) API Gateway service to create new API Deployments that will direct requests to your microservices.
Which is NOT valid regarding the mTLS options in OCI API Gateway? Custom CA or custom CA bundles can be added to your gateway's trust store ONLY if they already exist in the OCI Certificates service. Adding a custom certificate authority (CA) or custom CA bundle to your gateway's trust store for mTLS is optional unless you need to reject certificates that do not contain particular values (such as a domain name). The mTLS request policy can only be enabled at the API deployment specification level, which then applies globally to ALL routes in that deployment. Once the mTLS request policy is enabled, ALL requests with valid certificates are routed to the backend unless you have defined one or more particular values (such as a domain name).
With the volume of communication that can happen between different components in cloud-native applications, it is vital to not only test functionality, but also service resiliency.
Which statement is true regarding service resiliency? Resiliency is about avoiding failures. Resiliency testing can be done only in a test environment. Resiliency is about recovering from failures without downtime or data loss. Resiliency is about not bringing a service to a functioning state after a failure.
You have two microservices, A and B running in production. Service A relies on APIs from service B. You want to test changes to service A without deploying all of its dependencies, which includes service B.
Which approach should you take to test service A? Test using a previous test version of service B. Test using an API mock of service Test using the current production version of service B. This is not possible because service B is a dependency.
You are developing a distributed application and you need a call to a path to always return a specific JSON content deploy an OCI API Gateway with the below API deployment specification.
What is the correct value for type? { "routes" : [{ "path" : "/hello", "methods" : ["Get"), "backend" : { "type" : " ---- ------------ ", "status" : 200, "headers" : [{ "name" : "Content-Type", "value" : "application/json" }] "body" : "{\"myjson\": \"consistent response\"}" }}]} STOCK_RESPONSE_BACKEND CONSTANT_BACKEND JSON_BACKEND HTTP_BACKEND.
Which statement accurately describes the Oracle Cloud Infrastructure (OCI) Load Balancer integration with OCI Container Engine for Kubernetes (OKE)? OKE service provisions an OCI Load Balancer instance for each Kubernetes service with LoadBalancer type in the YAML configuration. OKE service provisions a single OCI Load Balancer instance shared with all the Kubernetes services with LoadBalancer type in the YAML configuration. OCI Load Balancer instance provisioning is triggered by the OCI Events service for each Kubernetes service with LoadBalancer type in the YAML configuration. OCI Load Balancer instance must be manually provisioned for each Kubernetes service that requires traffic balancing.
Which TWO are part of the Cloud Native Computing Foundation (CNCF) container runtime? (Choose two.) rkt-o runc getcd containerd.
Which is NOT a valid option to execute a function deployed in Oracle Functions? Invoke from the Docker CLI. Send signed HTTP requests to the function's invoke endpoint. Invoke from the Fn Project CLI. Trigger by an event in the Oracle Cloud Infrastructure (OCI) Events service. Invoke from the OCI CLI.
From a DevOps process standpoint, it is a good practice to keep changes to an application under version control.
Which of the following allows changes to a Docker image to be stored in a version control system? Updating docker-compose.yml Executing docker commit Executing docker save Updating Dockerfile.
(CHK_4>3) Your development team decides to create and deploy some business logic to serverless Oracle Functions. You are asked to help facilitate the monitoring, logging, and tracing of these services.
Which is NOT valid about troubleshooting Oracle Functions? Oracle Functions invocation is enabled by default Oracle Functions invocation logs are enabled at the application level. Oracle Functions metrics are available at both the function and application level. Oracle Functions tracing is enabled at the function level.
(CHK_4>2) Which TWO statements are NOT valid regarding the Oracle Cloud Infrastructure (OCI) Streaming service? (Choose two.) OCI Streaming stores all data for 24 hours by default, but that can be extended up to 7 days.B Although OCI Streaming automatically encrypts all data while in transit, it is the developer's responsibility to encrypt data at rest, if needed. The throughput of a stream is defined by a partition. A partition provides 1 MB/sec data input and 2 MB/sec data output. A stream can be configured with either a public or a private endpoint with support for customer managed encryption keys. OCI Streaming can support up to 2,000 requests per second to each partition.
To effectively test your cloud native applications for "unknown unknowns", you need to employ various testing and deployment strategies.
Which strategy involves exposing new functionality or features to only a small set of users? A/B Testing Component Testing Blue/Green Deployment Canary Deployment.
Your team has chosen to use master encryption key (MEK) within an Oracle Cloud Infrastructure (OCI) Vault for encrypting Kubernetes secrets associated with your microservice deployments in OCI Container Engine for Kubernetes (OKE) clusters so that you can easily manage key rotation.
Which of the following is NOT valid about rotating keys in the OCI Vault service? Once rotated, older key versions can be used for encryption until they are deleted. Both software and HSM-protected MEKS can be rotated. When you rotate an MEK, a new key version is automatically generated. Each key version is tracked internally with separate unique OCIDS.
You are developing a serverless application with Oracle Functions and Oracle Cloud Infrastructure Object Storage. Your function needs to read a JSON file object from an Object Storage bucket named "input-bucket" in compartment "qa-compartment". Your corporate security standards mandate the use of Resource Principals for this use case.
Which two statements are needed to implement this use case? (Choose two.) Set up a policy to grant all functions read access to the bucket: allow all functions in compartment qa-compartment to read objects in target.bucket.name= "input-bucket' Set up a policy to grant your user account read access to the bucket: allow user XYZ to read objects in compartment qa-compartment where target.bucket.name= "input-bucket' Set up the following dynamic group for your function's OCID: Name: read-file-dg Rule: resource.id = "ocid.fnfunc.oc.phx.aaaaaaaakeaobctakezjz5i4ujj7g25q7sx5m vr55pms6f4da' No policies are needed. By default, every function has read access to Object Storage buckets in the tenancy. Set up a policy with the following statement to grant read access to the bucket: allow dynamic- group read-file-dg to read objects in compartment qa- compartment where target.bucket.name= 'input-bucket'.
Which one of the following is NOT a valid backend-type supported by Oracle Cloud Infrastructure (OCI) API Gateway? STOCK_RESPONSE_BACKEND HTTP BACKEND ORACLE_FUNCTIONS_BACKEND ORACLE_STREAMS_BACKEND.
You encounter an unexpected error when invoking Oracle Functions from your Cloud Shell session named myfunction in the myapp application.
Which option will get you more information on the error? fn --verbose invoke myapp myfunction fn --debug invoke myapp myfunction Contact Oracle support with your error message DEBUG=1 fn invoke myapp myfunction.
Which of the following TWO statements are TRUE about deleting a Kubernetes cluster? (Choose two.) Upon deleting a cluster, other resources created during the cluster creation process or associated with the cluster (such as VCNS, Internet Gateways, NAT Gateways, Route Tables, Security Lists, B.
Load Balancers, and Block Volumes) are deleted automatically. If you change the auto-generated name of a worker node and then delete the cluster, the renamed worker node is not deleted. Upon deleting a cluster, no other resources created during the cluster creation process or associated with the cluster (such as VCNS. Internet Gateways, NAT Gateways, Route Tables, Security Lists. Load Balancers, and Block Volumes) are deleted automatically. Changing the auto-generated name of a worker node does not affect the deletion of the worker node when the cluster in which it is created is deleted. You cannot change the autogenerated names of the worker nodes in the format oke-c<part-of cluster- CCID>-<part-of-node-pool-OCID>-<part-of-subnet-OCID>-<slot> within a Kubernetes cluster.
(CHK_1>3) You have an e-commerce application that loads customers' transactional data into the Oracle Cloud Infrastructure (OCI) Streaming service. The data must now be extracted and transformed before sending it to a third-party REST endpoint. You have been directed to leverage the OCI Service Connector Hub to automate this process.
Which configuration option would address this requirement? Configure a new service connector as follows: · Source: Streaming · Task: Functions · Target: Functions Configure a new service connector as follows: · Source: Streaming · Task: API Gateway · Target: Notifications Configure a new service connector as follows: · Source: Streaming · Task: None · Target: Notifications Configure a new service connector as follows: · Source: Streaming · Task: API Gateway · Target: Functions Configure a new service connector as follows: · Source: Streaming · Task: Functions · Target: API Gateway.
Which THREE are valid statements regarding the OCI Container Engine for Kubernetes (OKE) service? (Choose three.) You must have access to an Oracle Cloud Infrastructure tenancy. Your tenancy must have sufficient quota on different types of resources. OKE cannot use existing network resources for the creation of a new cluster. OKE automatically creates and configures new network resources for the new cluster. There is a limit of three clusters within each region, but there is no limit on the number of nodes and pods you can create within each cluster.
Which TWO are characteristics of microservices? (Choose two.) Microservices communicate over lightweight APIs. Microservices can be implemented in limited number of programming languages. All microservices share a data store. Microservices are hard to test in isolation. Microservices can be independently deployed.
When developing microservices, each one can be developed in the language of choice.
Which term describes this type of development? (Choose the best answer.) Agile DevOps Distributed Polyglot.
A developer has created another version of a microservice and wants 10% of the traffic to flow towards it for testing purposes. The application is already configured using OCI (Oracle Cloud Infrastructure) Service Mesh.
Which of the following steps is the right approach to achieve this goal? Create a new Kubernetes deployment for the new version of the microservice and set the traffic splitting percentage to 10% in the Kubernetes service manifest. Use Kubernetes HPA (Horizontal Pod Autoscaler) to scale the new version of the microservice to handle 10% of the traffic automatically. Create a new entry in the routeRules field of the ingress gateway route table manifest to configure traffic splitting between the old and new versions of the microservice and set the percentage to 10%. Create a new entry in the routeRules field of the virtual service route table manifest to configure traffic splitting between the old and new versions of the microservice and set the percentage to 10%.
As part of meshifying the E-commerce application, you need to create a virtual deployment and a virtual service in the OCI Service Mesh.
Which of the following statements best describes the difference between a virtual deployment and a virtual service in this context? A virtual deployment is used to associate the pods in a Kubernetes cluster to a microservice, while a virtual service is used to allow resources that are outside of the mesh to communicate with resources inside the mesh. A virtual deployment is a group of instances/pods running a specific version of the actual microservice, while a virtual service is a single representation of the microservice. A virtual deployment is a configuration for service discovery type, host name, network protocol, and logging, while a virtual service is a list of routing rules used to manage ingress traffic to a microservice. A virtual deployment is a version of a virtual service in the mesh, while a virtual service is a list of routing rules used to manage ingress traffic to a virtual deployment.
Kubernetes includes various elements such as compute, network, and storage. Compute is essentially CPU (units) and memory (bytes). Within an OKE cluster, what is considered to be the smallest unit of deployment with respect to compute? Container Service Pod Namespace Deployment resource.
Which is NOT a valid backend-type option available when configuring an Oracle Cloud Infrastructure (OCI) API Gateway Deployment? HTTP_BACKEND ORACLE_STREAMS_BACKEND ORACLE_FUNCTIONS_BACKEND.
As a cloud-native developer, you are designing an application that depends on Oracle Cloud Infrastructure (OCI) Object Storage wherever the application is running. Therefore, provisioning of storage buckets should be part of your Kubernetes deployment process for the application.
Which of the following should you leverage to meet this requirement? (Choose the best answer.) Oracle Functions OCI Service Broker for Kubernetes Open Service Broker API OCI Container Engine for Kubernetes.
Which "Action Type" option is NOT available in an Oracle Cloud Infrastructure (OCI) Events rule definition? Streaming Email Notifications Functions.
Having created a Container Engine for Kubernetes (OKE) cluster, you can use Oracle Cloud Infrastructure (OCI) Logging to view and search the logs of applications running on the worker node compute instances in the cluster.
Which task is NOT required to collect and parse applicationlogs? (Choose the best answer.) Create a dynamic group with a rule that includes all worker nodes In the cluster. Set the OCI Logging option to Enabled for the cluster. Enable monitoring for all worker nodes in the cluster. Configure a custom log in OCI Logging with the appropriate agent configuration.
Your organization has mandated that all deployed container images used for microservices must be signed by a specified master encryption key (MEK). You have appropriately signed the container images as part of your build process, but must now ensure that they are automatically verified when they are deployed to Oracle Cloud Infrastructure (OCI) Container Engine for Kubemetes (OKE) clusters.
Which option should be used to mandate image verification when deploying to OKEclusters, assuming that MEK is already stored in an available OCI Vault? (Choose the best answer.) Enable image verification policies separately for each Kubemetes pod deployment because this is enforced at the pod level. Enable image verification policies separately for each node pool within each OKE cluster because this is enforced at the node pool level. Enable image verification policies separately for each OKE cluster because this is enforced at the cluster level. Enable Image verification policies for your OKE service control plane which will enforce this for all OKE clusters.
As a developer, you have been tasked with implementing a microservices-based application. Which THREE technologies are best suited to accomplish the task? (Choose three.) Terraform Big Data Anomaly Detection Service Mesh Docker Kubemetes.
Which two statements about containers are FALSE? A container is essentially the same as a virtual machine. Containers are not scalable. Containers are highly portable. Containers are highly reusable. Containerized applications run on top of a container host that in turns runs on the operating system.
Which THREE statements about containers are TRUE? A container is essentially the same as a virtual machine. Containers are not scalable. Containers are highly portable. Containers are highly reusable. Containerized applications run on top of a container host that in turns runs on the operating system.
What is the minimum amount of storage that a persistent volume claim can obtain in Oracle Cloud Infrastructure Container Engine for Kubernetes (OKE)?(Choose the best answer.) 1 TB 1 GB 10 GB 50 GB.
You have deployed a Python application on Oracle Cloud Infrastructure Container Engine for Kubernetes. However, during testing you found a bug that you rectified and created a new Docker image. You need to make sure that if this new Image doesn't work then you can roll back to the previous version. Using kubectl, which deployment strategies should you choose? Rolling Update A/B Testing Canary Deployment Blue/Green Deployment.
As a cloud-native developer, you are designing an application that depends on Oracle Cloud Infrastructure (OCI) Object Storage wherever the application is running. Therefore, provisioning of storage buckets should be part of your Kubernetes deployment process for the application.
Which should you leverage to meet this requirement? (Choose the best answer.) OCI Service Broker for Kubernetes OCI Container Engine for Kubernetes Oracle Functions Open Service Broker API.
What is the maximum execution timeout of Oracle Functions? 5 minutes 120 minutes 60 seconds 1 hour.
You have a containerized app that requires an Autonomous Transaction Processing (ATP) Database.
Which option is not valid for connecting to ATP from a container in Kubernetes? (Choose the best answer) Install the Oracle Cloud Infrastructure Service Broker on the Kubernetes cluster and deploy ServiceInstance and ServiceBinding resources for ATP. Then use the specified binding name as a volume in the application deployment manifest Create a Kubernetes secret with contents from the instance Wallet files. Use this secret to create a volume mounted to the appropriate path in the application deployment manifest Enable Oracle REST Data Services for the required schemas and connect via HTTPS Use Kubernetes secrets to configure environment variables on the container with ATP instance OCID and OCI API credentials. Then use the CreateConnection API endpoint from the service runtime.
Which Oracle Cloud Infrastructure (OCI) service is NOT supported using OCI Service Broker for Kubernets? OCI Streaming Service OCI Events Service OCI Autonomous Transaction Processing OCI Object Storage OCI Autonomous Data Warehouse.
Your team has been tasked with debugging a Cloud Native application developed and deployed using the following Oracle Cloud Infrastructure (OCI) services: Object Storage, Events, Functions, API Gateway, and Autonomous Database.
Which of these is NOT a valid option to use for troubleshooting issues in OCI? Configure the application to send logs to the OCI Logging Service. Use the OCI Service Connector Hub to configure a service connector to automatically send logs to the OCI Logging Analytics Service. Leverage OCI Cloud Guard to extract and visualize the debug logs generated by your application. Because those OCI Services publish metrics to the OCI Monitoring service, you can view their service metric information there. By enabling Function traces, you can trace performance issues in the Application Performance Monitoring Service.
Which concept in OCI Queue is responsible for hiding a message from other consumers for a predefined amount of time after it has been delivered to a consumer? Maximum retention period Visibility timeout Delivery count Polling timeout.
Which of these is a valid use case for OCI Queue? Managing network traffic between services Storing and retrieving large files Sending real-time streaming data Building decoupled and scalable systems.
Which Dockerfile instruction informs Docker to use a base image that matches that matches the provided repository and tag? BASE FROM USING ENTRYPOINT.
Which term describes a group formed by a master machine and worker machine in a Kubernetes architecture? Cluster Pod Node Container Deployment.
Which of these is NOT a valid authentication method for accessing an OCI API Gateway deployment? HTTP Basic API Key OAuth SAML Token.
In the shared responsibility model, who should perform patching, upgrading, and maintaining of the worker nodes in provisioned Oracle Container Engine for Kubernetes (OKE) clusters? Oracle Support does it. It is the responsibility of the customer. It is an automated process.
How are cloud native application versions deployed to an OKE cluster when using a blue/green deployment strategy? Current applications are slowly replaced with new application versions. New application versions are deployed in minor increments to a select group of people. Both old and new application versions are deployed to production at the same time.
|
