ExamGecko
Search Search Login
Home Home / VMware / 5V0-23.20
Question list
Search
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

An administrator needs to assign access to a vSphere Namespace. Which two valid roles may be assigned to a user or a group of users? (Choose two.)
Which object is deployed on the workload network when vSphere with Tanzu is configured with vSphere network stack?
Which command should be used by a developer to log in to the vSphere with Tanzu Supervisor Cluster?
When creating a Supervisor Namespace, which item must be added to ensure that the end user can consume the namespace?
Which description reflects a use case for an embedded image registry?
Which two configurations are needed to meet the minimum vSphere with Tanzu on vSphere Distributed Switch Network Requirements? (Choose two.)
What is true of a Tanzu Kubernetes Cluster?
A developer is trying to deploy a Kubernetes Application into a namespace within a Supervisor Cluster The deployment must utilize the latest assets that have been pushed into the Registry Service. What should the developer add to the YAML file to ensure that the deployment is successful?
How do Tanzu Kubemetes clusters communicate with Storage Policy Based Management to request PersistentVolumes?
Which functionality does the Cloud Native Storage (CNS) component take advantage of to support the creation of container volumes?

Question 17 - 5V0-23.20 discussion

Report
Export

How can a vSphere administrator replace the Supervisor Cluster API endpoint certificate?

A.
Use the certificate-manager CLI utility to replace the Supervisor Cluster API endpoint certificate.
Answers
A.
Use the certificate-manager CLI utility to replace the Supervisor Cluster API endpoint certificate.
B.
Use the vSphere Client to replace the Workload platform MTG certificate.
Answers
B.
Use the vSphere Client to replace the Workload platform MTG certificate.
C.
Use the vSphere Client to replace the NSX Load Balancer certificate.
Answers
C.
Use the vSphere Client to replace the NSX Load Balancer certificate.
D.
Use kubectl to replace the Supervisor Cluster API endpoint certificate.
Answers
D.
Use kubectl to replace the Supervisor Cluster API endpoint certificate.
Suggested answer: B

Explanation:

As a vSphere administrator, you can replace the certificate for the virtual IP address (VIP) to securely connect to the Supervisor Cluster API endpoint with a certificate signed by a CA that your hosts already trust. The certificate authenticates the Kubernetes control plane to DevOps engineers, both during login and subsequent interactions with the Supervisor Cluster.

Prerequisites

Verify that you have access to a CA that can sign CSRs. For DevOps engineers, the CA must be installed on their system as a trusted root.

Procedure

In the vSphere Client, navigate to the Supervisor Cluster.

Click Configure then under Namespaces select Certificates.

In the Workload platform MTG pane, select Actions > Generate CSR.

Provide the details for the certificate.

Once the CSR is generated, click Copy.

Sign the certificate with a CA.

From the Workload platform MTG pane, select Actions > Replace Certificate.

Upload the signed certificate file and click Replace Certificate.

Validate the certificate on the IP address of the Kubernetes control plane.

Show Answer
asked 16/09/2024
giorgi durglishvili
42 questions
PreviousPreviousNextNext
User
Your answer:
0 comments
Sorted by

Leave a comment first

ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms