Enable OKE Cluster Access from kubectl CLI | Oracle Exam 1Z0-1043-20

BE.

The correct answers are A and C: An SSH key pair with the public key added to cluster worker nodes, and OCI Identity and Access Management Auth Token.

Here's a detailed explanation of each option:

A. An SSH key pair with the public key added to cluster worker nodes: To access an OKE cluster from the kubectl CLI, you need to have SSH access to the worker nodes in the cluster. Therefore, you need to generate an SSH key pair and add the public key to the worker nodes when you create the cluster. Once you have done this, you can use the kubectl CLI to connect to the cluster and manage Kubernetes resources.

B. Install and configure the OCI CLI: Although the OCI CLI is a useful tool for managing OCI resources, it is not required to access an OKE cluster from the kubectl CLI. Therefore, this option is incorrect.

C. OCI Identity and Access Management Auth Token: To authenticate with the OKE cluster, you need to provide an authentication token that is generated by OCI Identity and Access Management (IAM). This token can be generated using the OCI CLI or the OCI console. Once you have the token, you can use it with the kubectl CLI to authenticate and manage the cluster.

D. Tiller enabled on the OKE cluster: Tiller is a server-side component of Helm, which is a package manager for Kubernetes. Tiller is not required to access an OKE cluster from the kubectl CLI, so this option is incorrect.

E. A configured OCI API signing key pair: OCI API signing keys are used to authenticate requests to OCI APIs. They are not required to access an OKE cluster from the kubectl CLI, so this option is incorrect.

In summary, to enable OKE cluster access from the kubectl CLI, you need to generate an SSH key pair and add the public key to the worker nodes, and obtain an authentication token from OCI IAM.