This is the latest VMware 2V0-71.23 actual questions, provided by Leads4Pass, a selected part is shared online for free.
Leads4Pass contains a total of 63 latest VMware 2V0-71.23 actual questions: https://www.leads4pass.com/2v0-71-23.html, providing two practice tools: PDF and VCE:
PDF shares exam questions and answers in text format, and VCE mode provides simulation exercises. Both modes contain the latest and complete exam questions and answers.
Practice the latest VMware 2V0-71.23 actual questions online
| IT provider | Number of exam questions | Related certifications | Free selection quantity |
| Leads4Pass (real-time updates, 365 days of free updates) | 63 Q&A | Application Modernization | 15 Q&A |
Question 1:
Which two resources can External DNS create records for? (Choose two.)
A. Virtual machines
B. Kubernetes pods
C. Kubernetes services
D. Kubernetes nodes
E. Contour HTTP Proxy
Correct Answer: CE
Explain:
Kubernetes services and Contour HTTP Proxy are two resources that External DNS can use to create records.
External DNS is a Kubernetes controller synchronizing exposed Kubernetes resources with DNS providers. It supports creating DNS records for Kubernetes services of type LoadBalancer or NodePort, as well as Ingress resources.
Contour HTTP Proxy is a custom resource definition (CRD) that provides an alternative way to configure HTTP routes on Kubernetes clusters. External DNS can also create DNS records for Contour HTTP Proxy resources, as long as they have an associated service of type LoadBalancer or NodePort.
References: Kubernetes-sigs/external-dns-GitHub, Contour HTTPProxy User Guide
Question 2:
Which three can be configured in a VM Class in VMware vSphere with Tanzu? (Choose three.)
A. Network
B. Operating system
C. CPU
D. Memory
E. PCI devices
F. Storage
Correct Answer: CDF
Explain:
A VM class in VMware vSphere with Tanzu specifies the CPU, memory, and resource reservations for a VM10. vSphere with Tanzu offers several preconfigured VM classes that you can use as is, edit, or delete.
You can also create custom VM classes in your vCenter Server instance and it will be available to all Supervisor Clusters and the namespaces created in these clusters11.
When you create or edit a VM class, you can configure the following attributes:
Name: A unique DNS-compliant name that identifies the VM class. vCPU Count: The number of virtual CPUs (vCPUs) for a VM. This is a VM hardware configuration.
CPU Resource Reservation: The guaranteed minimum CPU resource allocation for a VM. This value is expressed in percentage (%). Memory: The memory configured for a VM in MB, GB, or TB. This is a VM hardware configuration.
Memory Resource Reservation: The guaranteed minimum memory resource allocation for a VM. This value is expressed in percentage (%). Storage: The storage configured for a VM in MB, GB, or TB. This is a VM hardware configuration.
The other options are incorrect because:
Network is not an attribute that can be configured in a VM class. Network configuration is done at the namespace level by using network policies12. The operating system is not an attribute that can be configured in a VM class. Operating system configuration is done at the image level by using content libraries.
PCI devices are not an attribute that can be configured in a VM class. PCI devices are not supported by vSphere with Tanzu.
References: VM Classes, Create a Custom VM Class, Network Policies, [Content Libraries]
Question 3:
Which method describes how Kubernetes clusters are upgraded?
A. Use rolling upgrade
B. In-place upgrade of each node
C. Use canary upgrade
D. Deploy a new cluster with an upgraded Kubernetes release
Correct Answer: A
Explain:
A rolling upgrade is a method of upgrading a Kubernetes cluster without downtime by gradually replacing nodes or components with newer versions. A rolling upgrade ensures that there is no disruption to the availability and functionality of the cluster during the upgrade process.
A rolling upgrade can be performed manually or using tools such as kubeadm or kops5. The other options are incorrect because the in-place upgrade of each node is a method of upgrading a Kubernetes cluster by stopping each node or component and updating it to the newer version.
This method can cause downtime and disruption to the cluster during the upgrade process. Using a canary upgrade is not a valid method of upgrading a Kubernetes cluster. A canary upgrade is a technique for deploying new versions of applications or services by gradually exposing them to a subset of users or traffic before rolling them out to everyone6. It does not apply to cluster upgrades.
Deploying a new cluster with an upgraded Kubernetes release is not a method of upgrading a Kubernetes cluster, but rather creating a new one. This method can be costly and time-consuming, as it requires migrating all the resources and configurations from the old cluster to the new one.
References: Upgrade A Cluster, Canary deployments
Question 4:
Where can an administrator register the vSphere management cluster in VMware Tanzu Mission Control?
A. In the VMware Tanzu Mission Control web console or CLI
B. In the vSphere Management Cluster with Jcubeccl
C. In the vSphere Client – Workload Cluster settings
D. In the vSphere Namespace with Jcubeccl
Correct Answer: A
Explain:
To register the vSphere management cluster in VMware Tanzu Mission Control, an administrator can use either the web console or the CLI of VMware Tanzu Mission Control.
The web console provides a graphical user interface to perform the registration, while the CLI provides a command-line interface to run a script that automates the registration process.
Both methods require the administrator to have access to the vSphere management cluster and to provide some information such as the cluster name, context, and namespace.
The registration process creates a service account and a secret in the vSphere management cluster and generates a kubeconfig file that is used by VMware Tanzu Mission Control to connect to the cluster.
References: VMware Tanzu Mission Control Documentation, Registering a vSphere Management Cluster
Question 5:
What is the key benefit of the Tanzu Service Mesh Autoscaler feature?
A. Autoscale microservices
B. Autoscale persistant volumes
C. Autoscale Supervisor control plane VMs
D. Autoscale Tanzu Kubernetes Grid cluster
Correct Answer: A
Explain:
The key benefit of the Tanzu Service Mesh Autoscaler feature is to autoscale microservices that meet changing levels of demand based on metrics, such as CPU or memory usage. These metrics are available to Tanzu Service Mesh without needing additional code changes or metrics plugins1.
Tanzu Service Mesh Autoscaler supports configuring an autoscaling policy for services inside a global namespace through the UI or API or using a Kubernetes custom resource definition (CRD) for services directly in cluster namespaces2.
Tanzu Service Mesh Autoscaler also supports two modes: performance mode, where services are scaled up but not down, and efficiency mode, where services are scaled up and down to optimize resource utilization.
References: VMware Aria Operations for Applications, Tanzu Service Mesh Service Autoscaling Overview – VMware Docs
Question 6:
Which statement describes a Container Storage Interface (CSI) in VMware Tanzu Kubernetes Grid?
A. It is a plug-in that only works with vSphere object storage.
B. It is a plug-in that is only used for clusters that require cloud-native storage.
C. It is a plug-in that allows providers to expose storage as persistent storage.
D. It is a plug-in that is required for ephemeral storage.
Correct Answer: C
Explain:
A Container Storage Interface (CSI) in VMware Tanzu Kubernetes Grid is a plug-in that allows providers to expose storage as persistent storage for Kubernetes clusters.
CSI is a standard interface that defines an abstraction layer for container orchestrators to work with storage providers3. VMware Tanzu Kubernetes Grid supports StorageClass objects for different storage types, provisioned by Kubernetes internal (“in-tree”) or external (“out-of-tree”) plug-ins.
Two of the supported storage types are vSphere Cloud Native Storage (CNS) and Amazon EBS, which use the vSphere CSI driver and the AWS EBS CSI driver respectively.
References: Tanzu Kubernetes Storage Class Example – VMware Docs, Deploying and Managing Cloud Native Storage (CNS) on vSphere – VMware Docs
Question 7:
An administrator will enable workload management in vSphere using NSX Advanced Load Balancer.
Which two components does the administrator need to prepare on NSX Advanced Load Balancer in advance? (Choose two.)
A. NSX Controller
B. Service Engine Group
C. Provide connectivity to the NSX manager
D. NSX Advanced Load Balancer Controller
E. Avi Kubernetes Operator
Correct Answer: BD
Explain:
To enable workload management in vSphere using NSX Advanced Load Balancer, an administrator needs to prepare two components on NSX Advanced Load Balancer in advance: the Service Engine Group and the NSX Advanced Load Balancer Controller1.
The Service Engine Group is a logical group of Service Engines that share the same configuration and resources. A Service Engine is a virtual machine that handles the data plane operations of NSX Advanced Load Balancer, such as load balancing, health monitoring, SSL termination, and more.
The administrator needs to configure a Service Engine Group for each Supervisor Cluster that will use NSX Advanced Load Balancer as the load balancer provider1. The NSX Advanced Load Balancer Controller is a virtual machine that handles the control plane operations of the NSX Advanced Load Balancer, such as configuration, analytics, orchestration, and management.
The administrator needs to deploy and configure the NSX Advanced Load Balancer Controller VM in the management network of the vSphere environment where workload management will be enabled1.
The other options are incorrect because The NSX Controller is not a component of NSX Advanced Load Balancer, but rather a component of NSX-T Data Center. The NSX Controller is a clustered virtual appliance that provides the control plane functions for logical switching and routing3.
It is not required for enabling workload management in vSphere using NSX Advanced Load Balancer. Providing connectivity to NSX Manager is not a component of NSX Advanced Load Balancer, but rather a prerequisite for enabling workload management in vSphere using NSX-T Data Center.
The NSX Manager is a virtual appliance that provides the management plane functions for NSX-T Data Center3. It is not required for enabling workload management in vSphere using NSX Advanced Load Balancer.
The Avi Kubernetes Operator is not a component of NSX Advanced Load Balancer, but rather an optional tool that can be used to automate the installation and configuration of NSX Advanced Load Balancer on Kubernetes clusters4. It is not required for enabling workload management in vSphere using NSX Advanced Load Balancer.
References: Install and Configure the NSX Advanced Load Balancer for vSphere with Tanzu with NSX, NSX Advanced Load Balancer Architecture, NSX-T Data Center Architecture, Avi Kubernetes Operator
Question 8:
Which statement about Tanzu Mission Control policies is correct?
A. Policies can be configured using a tag selector to restrict the scope of the policy.
B. Policies can only be applied to cluster groups.
C. Policies allow management and operation of the security posture of Kubernetes clusters, and other organizational objects.
D. Policies can be enforced using Kubernetes resources (NetworkPolicy, ResourceQuota etc) or using the Kyverno admission controller.
Correct Answer: C
Explain:
Policies are one of the features of Tanzu Mission Control that allow you to manage the operation and security posture of your Kubernetes clusters and other organizational objects.
Policies allow you to provide a set of rules that govern your organization and all the objects it contains. The policy types available in Tanzu Mission Control include access policy, image registry policy, network policy, quota policy, security policy, and custom policy.
Policies can be applied at the individual, group, or organizational level to control access, image registries, networking, resource consumption, security context, and more18.
The other options are incorrect because:
Policies can be configured using a tag selector to restrict the scope of the policy is false. Policies can be configured using a label selector, not a tag selector, to include or exclude certain objects from the policy. A label is a key/value pairattached to a Kubernetes object that allows you to specify identifying attributes for that object. A selector provides the means to identify the objects that have a given label18.
Policies can only be applied to clustergroups is false. Policies can be applied to various levels of the Tanzu Mission Control resource hierarchy, such as organization, cluster group, workspace, cluster, and namespace18.
Policies can be enforced using Kubernetes resources (NetworkPolicy, ResourceQuota, etc), or using the Kyverno admission controller is false. Policies are enforced by Tanzu Mission Control using its own admission controller and webhook server. Kyverno is an open-source policy engine for Kubernetes that is not related to Tanzu Mission Control.
References: Policy-Driven Cluster Management, [Kyverno]
Question 9:
Which statement describes a Global Namespace in VMware Tanzu Service Mesh?
A. Apply a single policy to multiple namespaces across multiple clusters.
B. Automatic placement of the workload to any global cluster based on traffic demand.
C. Define an application boundary and provide consistent traffic routing, connectivity, resiliency, and security for applications across multiple clusters.
D. Provide distributed ingress and egress services to support multiple namespaces across multiple clusters.
Correct Answer: C
Explain:
The statement that correctly describes a global namespace in VMware Tanzu Service Mesh is that it defines an application boundary and provides consistent traffic routing, connectivity, resiliency, and security for applications across multiple clusters.
A global namespace is a logical abstraction of an application from the underlying infrastructure that spans across multiple clusters and clouds4.
A global namespace connects the resources and workloads that make up the application into one virtual unit and manages their identity, discovery, connectivity, security, and observability4. A global namespace also enables automatic service discovery and cross-cluster communication within the application boundary4.
References: Global Namespaces – VMware Docs
Question 10:
Which two configurations are valid for Zonal Supervisor Deployment? (Choose two.)
A. five-zone
B. seven-zone
C. three-zone
D. two-zone
E. one-zone
Correct Answer: CE
Two configurations that are valid for Zonal Supervisor Deployment are three- zone and one zone. A Zonal Supervisor Deployment is a way of deploying the vSphere with Tanzu Supervisor Cluster across multiple vSphere clusters that are mapped to vSphere Zones1.
A vSphere Zone is a logical grouping of vSphere clusters that share common characteristics, such as network connectivity, power source, or physical location.
A Zonal Supervisor Deployment provides high availability and fault tolerance for Kubernetes workloads by distributing them across different zones1. The supported configurations for Zonal Supervisor Deployment are Three-zone: The Supervisor Cluster spans three vSphere clusters, each mapped to a different vSphere Zone.
This configuration provides the highest level of availability and fault tolerance, as it can tolerate the failure of any one zone1.
One-zone: The Supervisor Cluster runs on a single vSphere cluster that is mapped to a single vSphere Zone. This configuration is suitable for development or testing purposes but does not provide any availability or fault tolerance guarantees1.
References: Requirements for Zonal Supervisor Deployment – VMware Docs, Create vSphere Zones for a Multi-Zone Supervisor Deployment – VMware Docs
Question 11:
Which statement correctly describes the Cluster API?
A. It is a specialized toolset to bring declarative, Kubernetes-style APIs to cluster creation, configuration, and management in the Kubernetes ecosystem.
B. It enables pod networking and enforces network Kubernetes policies.
C. It is responsible for scanning language-specific packages in container images, such as Java, Python, Go, and others.
D. It is a native Kubernetes certificate management controller that adds certificates and certificate issuers as resource types in Kubernetes clusters.
Correct Answer: A
Explain:
The statement that correctly describes the Cluster API is that it is a specialized toolset to bring declarative, Kubernetes-style APIs to cluster creation, configuration, and management in the Kubernetes ecosystem.
Cluster API is a Kubernetes sub-project that provides declarative APIs and tooling to simplify provisioning, upgrading, and operating multiple Kubernetes clusters5. Cluster API uses a set of custom resource definitions (CRDs) to represent clusters, machines, and other objects. Cluster API also relies on providers to implement the logic for interacting with different infrastructure platforms5.
References: Introduction – The Cluster API Book
Question 12:
Which version of VMware vSphere introduces the capability for provisioning a workload cluster using a cluster class (ClusterClass) from VMware Tanzu Mission Control?
A. VMware vSphere 8
B. VMware vCenter Server 6.7 Update 3
C. VMware vSphere 6.7
D. VMware
Correct Answer: A
Explain:
VMware vSphere 8 is the version of VMware vSphere that introduces the capability for provisioning a workload cluster using a cluster class (ClusterClass) from VMware Tanzu Mission Control.
ClusterClass is a feature of Cluster API that allows users to define a reusable cluster configuration template and use it to create consistent clusters with a predefined shape and size. Tanzu Mission Control leverages ClusterClass to enable users to create Tanzu Kubernetes clusters in vSphere with Tanzu using a default cluster class.
The default cluster class specifies the number of control plane nodes, worker nodes, and the resources allocated to each node. To use ClusterClass with Tanzu Mission Control, the vSphere environment must be running version 8.0 or later, and the Supervisor Cluster must be upgraded from vSphere 7.0U3.
The other options are incorrect because: VMware vCenter Server 6.7 Update 3 is not a version of VMware vSphere, but rather a version of VMware vCenter Server, which is the centralized management platform for vSphere environments.
VMware vCenter Server 6.7 Update 3 does not support ClusterClass or Tanzu Mission Control. VMware vSphere 6.7 is an older version of VMware vSphere that does not support ClusterClass or Tanzu Mission Control. VMware vSphere 6.7 reached the end of general support on October 15, 2022.
VMware is not a version of VMware vSphere, but rather the name of the company that develops and sells VMware vSphere and other products.
References: [Introducing ClusterClass and Managed Topologies in Cluster API], [Provision a Cluster in vSphere with Tanzu using a Cluster Class], [A First Look at ClusterClass Deployments using Tanzu Kubernetes Grid 2.0], [VMware vCenter Server 6.7 Update 3 Release Notes], [VMware Product Lifecycle Matrix]
Question 13:
What Kubernetes project does vSphere with Tanzu Supervisor Cluster use to automate the lifecycle management of Tanzu Kubernetes Grid Clusters?
A. Grafana
B. Cluster API
C. Contour
D. Kubeadm
Correct Answer: B
Explain:
The Kubernetes project that vSphere with Tanzu Supervisor Cluster uses to automate the lifecycle management of Tanzu Kubernetes Grid Clusters is Cluster API.
Cluster API is a Kubernetes project that provides declarative APIs for cluster creation, configuration, and management. Cluster API uses a set of custom resource definitions (CRDs) to represent clusters, machines, and other objects.
Cluster API also relies on providers to implement the logic for interacting with different infrastructure platforms5. vSphere with Tanzu Supervisor Cluster uses Cluster API to deploy and manage Kubernetes clusters on vSphere 7 across multiple vCenter Server instances and/or multiple data centers via Tanzu Mission Control6.
References: Taking Kubernetes to the People: How Cluster API Promotes Self … – VMware, Kubernetes-sigs/cluster-API – GitHub
Question 14:
What two steps are required to visualize API connectivity and enable API protection in VMware Tanzu Service Mesh? (Choose two.)
A. Activate API Discovery for the Global Namespace
B. Create API Security Policy for the Global Namespace
C. Enable Threat Detection Policy for the Global Namespace
D. Set a Distributed Firewall policy for the Global Namespace
E. Create an Autoscaling policy for API for the Global Namespace
Correct Answer: AB
Explain:
To visualize API connectivity and enable API protection in VMware Tanzu Service Mesh, the administrator needs to perform two steps: Activate API Discovery for the Global Namespace.
This allows Tanzu Service Mesh to automatically discover the API signatures between microservices running inside or outside the mesh. API Discovery creates a custom API schema for each API that is close to OpenAPI spec 3.0.
Tanzu Service Mesh graph renders the detected APIs in the Enforcing mode by default, which means that any new API is considered as a violated API unless accepted by the administrator1 Create API Security Policy for the Global Namespace.
This allows the administrator to block or allow layer 4 and layer 7 traffic, as well as create granular policies that provide API and data segmentation, OWASP 10 attack defense, schema validation, geofencing, data compliance, and egress controls.
The administrator can create the API Security policy through the Tanzu Service Mesh Console UI or by using the Tanzu Service Mesh API Explorer2
References:
Question 15:
What are the three Cluster API providers being used in VMware Tanzu Kubernetes Grid? (Choose three.)
A. CAPI
B. CAPz
C. CAPM
D. CAP
E. CAPV
F. CAPA
Correct Answer: BEF
Explain:
Cluster API is a Kubernetes project that provides declarative APIs for cluster creation, configuration, and management. Cluster API uses a set of custom resource definitions (CRDs) to represent clusters, machines, and other objects.
Cluster API also relies on providers to implement the logic for interacting with different infrastructure platforms.
VMware Tanzu Kubernetes Grid uses Cluster API to deploy and manage Kubernetes clusters on various platforms. The three Cluster API providers being used in VMware Tanzu Kubernetes Grid are: CAPZ: Cluster API Provider for Azure.
This provider enables Cluster API to create Kubernetes clusters on Microsoft Azure4. CAPV: Cluster API Provider for vSphere.
This provider enables Cluster API to create Kubernetes clusters on vSphere 6.7 or later. CAPA: Cluster API Provider for AWS. This provider enables Cluster API to create Kubernetes clusters on Amazon Web Services5.
References: VMware Tanzu Kubernetes Grid Documentation, Taking Kubernetes to the People: How Cluster API Promotes Self … – VMware
…
Sign up for Leads4Pass to get moreā¦
Finally:
Use PDF, VCE, or PDF+VCE to practice the complete VMware 2V0-71.23 actual questions: https://www.leads4pass.com/2v0-71-23.html, to help you pass the exam 100% successfully.
