Valid 1z0-1084-24 Dumps shared by ExamDiscuss.com for Helping Passing 1z0-1084-24 Exam! ExamDiscuss.com now offer the newest 1z0-1084-24 exam dumps, the ExamDiscuss.com 1z0-1084-24 exam questions have been updated and answers have been corrected get the newest ExamDiscuss.com 1z0-1084-24 dumps with Test Engine here:
You developed a microservices-based application that runs in an Oracle Cloud Infrastructure (OCI) Container Engine for Kubernetes (OKE) cluster. Your security team wants to use SSL termination for this application. What should you do to create a secure SSL termination for this application using the fewest steps possible?
Correct Answer: A
The correct answer is: "Create a self-signed certificate and its corresponding key. Create a Kubernetes secret using the certificate and the key. Then add these annotations to the Kubernetes service: annotations: service. beta.kubernetes.io/oci-load-balancer-ssl-ports: '443' service.beta.kubernetes.io/oci-load-balancer-tls-secret: ssl certificate-secret." To create a secure SSL termination for your microservices-based application running in an OCI Container Engine for Kubernetes (OKE) cluster, you can follow these steps: Create a self-signed certificate and its corresponding key: Generate a self-signed SSL certificate and its private key using a tool like OpenSSL. Create a Kubernetes secret: Create a Kubernetes secret using the certificate and key obtained in the previous step. This secret will securely store the certificate and key within the Kubernetes cluster. Add annotations to the Kubernetes service: Modify the Kubernetes service that exposes your application and add the following annotations to enable SSL termination: annotations: service.beta.kubernetes.io/oci-load- balancer-ssl-ports: '443' (specify the SSL port as 443) annotations: service.beta.kubernetes.io/oci-load- balancer-tls-secret: ssl certificate-secret (specify the name of the Kubernetes secret containing the certificate and key) By following these steps, you can create a secure SSL termination for your application using a self- signed certificate and Kubernetes secret. The annotations added to the Kubernetes service ensure that the SSL port is configured correctly and the TLS secret is utilized for SSL termination when traffic reaches the load balancer. The other options provided are not the most suitable approaches for achieving secure SSL termination in an OCI Container Engine for Kubernetes (OKE) cluster: Adding annotations related to the OCI load balancer SSL secret key is not the correct approach for SSL termination in this scenario. Using Let's Encrypt to generate a self-signed certificate and configuring it on the OCI Load Balancer is not necessary when you can create and manage the SSL certificate within the Kubernetes cluster using a Kubernetes secret.