2V0-71.23 Exam Dumps : VMware Tanzu for Kubernetes Operations Professional

The Kubernetes RBAC API declares four kinds of Kubernetes object: Role, ClusterRole, RoleBinding and ClusterRoleBinding. These objects are used to define permissions and assign them to users or groups within a cluster. A Role or ClusterRole contains rulesthat represent a set of permissions on resources or non-resource endpoints. A RoleBinding or ClusterRoleBinding grants the permissions defined in a Role or ClusterRole to a set of subjects (users, groups, or service accounts). A RoleBinding applies only within a specific namespace, while a ClusterRoleBinding applies cluster-wide.

The other options are incorrect because:

• CloudPolicyObject is not a valid Kubernetes object type. It might be confused with NetworkPolicy, which is an object type that defines how pods are allowed to communicate with each other and other network endpoints.
• Container type and Container object are not valid Kubernetes object types. They might be confused with Pod, which is an object type that represents a group of one or more containers running on a node.
• ClusterObject and ClusterNode are not valid Kubernetes object types. They might be confused with Cluster and Node, which are concepts that describe the logical and physical components of a Kubernetes cluster.

References: Using RBAC Authorization, Kubernetes RBAC: Concepts, Examples & Top Misconfigurations

A VM class in VMware vSphere with Tanzu specifies the CPU, memory, and resource reservations for a VM10. vSphere with Tanzu offers several preconfigured VM classes which you can use as is, edit, or delete. You can also create custom VM classes in your vCenter Server instance and it will be available to all Supervisor Clusters and the namespaces created in these clusters11.

When you create or edit a VM class, you can configure the following attributes:

• Name: A unique DNS compliant name that identifies the VM class.
• vCPU Count: The number of virtual CPUs (vCPUs) for a VM. This is a VM hardware configuration.
• CPU Resource Reservation: The guaranteed minimum CPU resource allocation for a VM. This value is expressed in percentage (%).
• Memory: The memory configured for a VM in MB, GB, or TB. This is a VM hardware configuration.
• Memory Resource Reservation: The guaranteed minimum memory resource allocation for a VM. This value is expressed in percentage (%).
• Storage: The storage configured for a VM in MB, GB, or TB. This is a VM hardware configuration.

The other options are incorrect because:

• Network is not an attribute that can be configured in a VM class. Network configuration is done at the namespace level by using network policies12.
• Operating system is not an attribute that can be configured in a VM class. Operating system configuration is done at the image level by using content libraries.
• PCI devices are not an attribute that can be configured in a VM class. PCI devices are not supported by vSphere with Tanzu.

References: VM Classes, Create a Custom VM Class, Network Policies, [Content Libraries]

A Container Storage Interface (CSI) in VMware Tanzu Kubernetes Grid is a plug-in that allows providers to expose storage as persistent storage for Kubernetes clusters. CSI is a standard interface that defines an abstraction layer for container orchestrators to work with storageproviders3. VMware Tanzu Kubernetes Grid supports StorageClass objects for different storage types, provisioned by Kubernetes internal (“in-tree”) or external (“out-of-tree”) plug-ins. Two of the supported storage types are vSphere Cloud Native Storage (CNS) and Amazon EBS, which use the vSphere CSI driver and the AWS EBS CSI driver respectively4. References: Tanzu Kubernetes Storage Class Example - VMware Docs, Deploying and Managing Cloud Native Storage (CNS) on vSphere - VMware Docs