OCI Developer

You have two microservices, A and B running in production. Service A relies on APIs from service B You want to test changes to service A without deploying all of its dependencies, which includes service B. Which approach should you take to test service A? - Test against production APIs - Test using API mocks - There is no need to explicitly test APIs - Test the APIs in private environments

Test using API mocks

You need to execute a script on a remote instance through Oracle Cloud Infrastructure Resource Manager. Which option can you use? - User /bin/sh with the full path to the location of the script to execute the script. - It cannot be done. - Download the script to a local desktop and execute the script. - Use remote-exec

Use remote-exec

You are tasked with developing an application that requires the use of OCI APIs to POST messages to a stream in the OCI Streaming service. Which statement is incorrect? - The request must include an authorization signing string including (but not limited to) x-content-sha256, content-type, and content length headers. - The Content-Type header must be set to application /json - An HTTP 401 will be returned if the client's clock is skewed more than 5 minutes from the server's - The request does not require an Authorization header

The request does not require an Authorization header

Which header is NOT required when signing GET requests to OCI APIs? - date or x-date - (request-target) - content-type - host

content-type

Which testing approaches is a must for achieving high velocity of deployments and releases of cloud-native applications? - Integration testing - A/B testing - Automated testing - Penetration testing

Automated testing

In the smaple Kubernetes manifest file below, what annotations should you add to create a private load balancer in OKE? apiVersion: v1 kind: Service metadata: name: my-nginx-svc labels: app: nginx annotations: <Fill in> spec: type: LoadBalancer ports: - port: 80 selector: app: nginx apiVersion: v1 kind: Service metadata: name: my-ginx-svc labels: app: nginx annotations: <Fill in> spec: type: LoadBalancer ports: - port: 80 selector: app: nginx

service.beta.kubernetes.io/oci-load-balancer-internal: "true" service.beta.kubernetes.io/oci-load-balancer-subnet1: "ocid1.subnet1.oc1..aaaaa....vdfw"

Given a service deployed on OKE, which annotation should you add in the sample manifest file below to specify a 400 Mbps load balancer? apiVersion: v1 kind: Service metadata: name: my-nginx-svc labels: app: nginx annotations: <Fill in> spec: type: LoadBalancer ports: - port: 80 selector: app: nginx - service.beta.kubernetes.io/oci-load-balancer-kind: 400Mbps - service.beta.kubernetes.io/oci-load-balancer-value: 400Mbps - service.beta.kubernetes.io/oci-load-balancer-shape: 400Mbps - service.beta.kubernetes.io/oci-load-balancer-size: 400Mbps

service.beta.kubernetes.io/oci-load-balancer-shape: 400Mbps

Per CAP theorem, in which scenario do you NOT need to make any trade-off between the guarantees? - when there are no network partitions - when the system is running in the cloud - when the system is running on-premise - when you are using load balancers

when there are no network partitions

A pod security policy (PSP) is implemented in your OKE cluster. Which rule can you use to prevent a container from running as root using PSP? - NoPrivilege - RunOnlyAsUser - MustRunAsNonRoot - forbiddenRoot

MustRunAsNonRoot

In order to effectively test your cloud-native applications, you might utilize separate environments (development, testing, staging, production, etc.). which OCI service can you use to create and manage your infrastructure? - OCI Compute - OCI Container Engine for Kubernetes - OCI Resource Manager - OCI API Gateway

OCI Resource Manager

As a cloud-native developer, you are designing an application that depends on OCI Object Storage wherever the application is running. Therefore, provisioning of storage buckets should be part of your Kubernetes deployment process for the application. Which should you leverage to meet this requirement? - OCI Service Broker for Kubernetes - OCI Container Engine for Kubernetes - Open Service Broker API - Oracle Functions

OCI Service Broker for Kubernetes

Which two statements accurately describe an Oracle Functions application? - A small block of code invoked in response to an OCI Events service - A docker image containing all the functions that share the same configuration - An application based on Oracle Functions, OCI Events and OCI API Gateway services - A common context to store configuration variables that are available to all functions in the application - A logical group of functions

- A common context to store configuration variables that are available to all functions in the application - A logical group of functions

You want to push a new image in the OCIR. Which two actions do you need to perform? - Assign a tag via Docker CLI to the image. - Generate an auth token to complete the authentication via Docker CLI - Generate an API signing key to complete the authentication via Docker CLI - Assign an OCI defined tag via OCI CLI to the image. - Generate an OCI tag namespace in your repository.

- Assign a tag via Docker CLI to the image. - Generate an auth token to complete the authentication via Docker CLI

Which two are required to enable OKE cluster access from the kubectl CLI? - An SSH key pair with the public key added to cluster worker nodes - Install and configure the OCI CLI - OCI Identity and Access Management Auth Token - Tiller enabled on the OKE cluster - A configured OCI API signing key pair

- Install and configure the OCI CLI - A configured OCI API signing key pair

Which two statements accurately describe Oracle SQL Developer Web OCI Autonomous Database? - After provisioning into an OCI compute instance, it can automatically connect to the OCI ADB instances - It is available for databases with both dedicated and shared Exadata infrastructure - It is available for databases with dedicated Exadata infrastructure only - It provides a development environment and a data modeler interface for OCI ADBs - It must be enabled via OCI Identity and Access Management policy to get access to the ADB instances

- It is available for databases with both dedicated and shared Exadata infrastructure - It provides a development environment and a data modeler interface for OCI ADBs

Which two are characteristics of microservices? - Microservices are hard to test in isolation. - Microservices can be independently deployed. - All microservices share a data store. - Microservices can be implemented in limited number of programming languages - Microservices communicate over lightweight APIs

- Microservices can be independently deployed. - Microservices communicate over lightweight APIs

Which two handle Oracle Functions authentication automatically? - Oracle Cloud Infrastructure SDK - cURL - Oracle Cloud Infrastructure CLI - Signed HTTP Request - Fn Project CLI

- Oracle Cloud Infrastructure CLI - Fn Project CLI

Which two are benefits of a distributed systems? - Privacy - Ease of testing - Resiliency - Security - Scalability

- Resiliency - Scalability

Which two are benefits of distributed systems? - Privacy - Security - Ease of testing - Scalability - Resiliency

- Scalability - Resiliency

Which two statements are true for serverless computing and serverless architectures? - Long running tasks are perfectly suited for serverless - Serverless function state should never be stored externally - Application DevOps team is responsible for scaling - Serverless function execution is fully managed by a third party - Applications running on FaaS platform

- Serverless function state should never be stored externally - Applications running on FaaS platform

Which two statements are true for service choreography? - Service choreography should not use events for communication - Service choreography is responsible for invoking other services - Service involved in choreography communicate through messages/messaging systems - Service choreography relies on a central coordinator - Decision logic in service choreography is distributed

- Service involved in choreography communicate through messages/messaging systems - Decision logic in service choreography is distributed

Which two statements are true for service choreogeraphy? - Service choreographer is responsible for invoking other services. - Services involved in choreography communicate through messages/messaging systems. - Serice choreography relies on a central coordinator. - Service choreography should not use events for communication. - Decision logic in service choreography is distributed.

- Services involved in choreography communicate through messages/messaging systems. - Decision logic in service choreography is distributed.

You are developing a serverless application with Oracle Functions and OCI Object Storage. Your function needs to read a JSON file object from an Object Storage bucket named "input-bucket" in compartment "qa-compartment". Your corporate security standards mandate the use of Resource Principals for this use case. Which two statements are needed to implement this use case? - Set up a policy with the following statement to grant read access to the bucket: all dynamic-group read-file-dg to read objects in compartment qa-compartment where target.bucket.name= 'input-bucket' - Set up the following dynamic group for your function's OCID: Name: read-file-dg Rule: resource.id = 'ocid.1.fnfunc.c1.phx.f;akfjawpgiewfifjwap' - Set up a policy to grant your user account read access to the bucket: allow user XYZ to read objects in compartment qacompartment where target.bucket.name='input-bucket' - No policies are needed. By default, every function has read access to Object Storage buckets in the tenancy.

- Set up a policy with the following statement to grant read access to the bucket: all dynamic-group read-file-dg to read objects in compartment qa-compartment where target.bucket.name= 'input-bucket' - Set up the following dynamic group for your function's OCID: Name: read-file-dg Rule: resource.id = 'ocid.1.fnfunc.c1.phx.f;akfjawpgiewfifjwap'

You have been asked to create a stateful application deployed in OKE that requires all of your worker nodes to mount and write data to persistent volumes. Which two OCI storage services should you use? - Use OCI File Services as persistent volume. - Use GlusterFS as persistent volume. - Use OCI Block Volume backed persistent volume. - Use open-source storage solutions on top of OCI - Use OCI Object Storage as persistent volume.

- Use OCI File Services as persistent volume. - Use OCI Block Volume backed persistent volume.

You have created a repository in OCIR in the us-ashburn-1 (iad) region in your tenancy with a namespace called "heyoci". Which three are valid tags for an image named "myapp"? - iad.ocir.io/heyoci/myproject/myapp:0.0.1 - us-ashburn-1.ocir.io/heyoci/myapp:0.0.2-beta - us-ashburn-1.ocir.io/heyoci/myproject/myapp:0.0.2-beta - us-ashburn-1.ocir.io/myproject/heyoci/myapp:latest - iad.ocir.io/myproject/heyoci/myapp:latest - iad.ocir.io/heyoci/myapp:0.0.2-beta - iad.ocir.io/heyoci/myapp:latest

- iad.ocir.io/heyoci/myproject/myapp:0.0.1 - iad.ocir.io/heyoci/myapp:0.0.2-beta - iad.ocir.io/heyoci/myapp:latest

Which OCI load balancer shape is used by default in OKE? - 400Mbps - 8000Mbps - There is no default. The shape has to be specified. - 100Mbps

100Mbps

With the volume of communication that can happen between different components in cloud-native applications, it is vital to not only test functionality, but also service resiliency. Which statement is true with regards to service resiliency? - Resiliency is about recovering from failures without downtime or data loss. - A goal of resiliency is not to bring a service to a functioning state after a failure. - Resiliency testing can be only done in a test environment. Resiliency is about avoiding failures.

Resiliency is about recovering from failures without downtime or data loss.

Your organization uses federated identity provider to login to your OCI environment. As a developer, you are writing a script to automate some operations and want use OCI CLI to do that. Your security team doesn't allow storing private keys on local machines. How can you authenticate with OCI CLI? - Run oci session refresh - profile <profile_name> - Run oci setup keys and provide your credentials - Run oci setup oci-cli-rc-file path/to/target/file - Run oci session authenticate and provide your credentials

Run oci session authenticate and provide your credentials

You are developing a distributed application and you need a call to a path to always return a specific JSON content. To fulfill the requirement you deploy an OCI API Gateway with the below API deployment specification. { "routes": [{ "path": "/hello" "methods": ["GET"] "backend": { "type": "___________" "status": 200, "headers": [{ "name": "Content-Type", "value": "application/json" }], "body" : "{\"myjosn\": \ "consisten response\"}" } }] } What is the correct value for type?

STOCK_RESPONSE_BACKEND

You are implementing logging in your services that will be running in OCI Container Engine for Kubernetes. Which statement describes the appropriate logging approach? - Each service logs its own log file - All services log to a shared log file - All services log to an external logging system - All services log to standard output only

All services log to standard output only

You are deploying an API via OCI API Gateway and you want to implement request policies to control access. Which is NOT available in OCI API Gateway? - Limiting the number of requests sent to backend services - Enabling CORS support - Providing authentication and authorization - Controlling access to OCI resources

Controlling access to OCI resources

In a Linux environment, what is the default location of the configuration file that OCI CLI uses for profile information? - /etc/.oci/config - /usr/local/bin/config - $HOME/.oci/config - usr/bin/oci/config

$HOME/.oci/config

Which two "Action Type" options are NOT available in an OCI Events rule definition? - Notifications - Functions - Streaming - Email - Slack

- Email - Slack

Which is NOT a supported SDK on OCI? - Go SDK - Java SDK - .NET SDK - Ruby SDK - Python SDK

.NET SDK

What is the minimum amount of storage that a persistent volume claim can obtain in OKE? - 50GB - 10GB - 1GB - 1TB

50GB

Which pattern can help you minimize the probability of cascading failures in your system during partial loss of connectivity or complete service failure? - Compensating transaction pattern - Anti-corruption layer pattern - Retry pattern - Circuit breaker pattern

Circuit breaker pattern

A service you are deploying to Oracle Cloud Infrastructure (OCI) Container Engine for Kubernetes (OKE) uses a docker image from a private repository in OCI Registry (OCIR). Which configuration is necessary to provide access to this repository from OKE? (Choose the best answer). - Add a generic secret on the cluster containing your identity credentials. Then specify a registryCredentials property in the deployment manifest. - Create a docker-registry secret for OCIR with API key credentials on the cluster, and specify the imagePullSecret property in the application deployment manifest - Create a docker-registry secret for OCIR with identity Auth Token on the cluster, and specify the imagePullSecret property in the application deployment manifest. - Create a dynamic group for nodes in the cluster, and a policy that allows the dynamic group to read repositories in the same compartment.

Create a docker-registry secret for OCIR with identity Auth Token on the cluster, and specify the imagePullSecret property in the application deployment manifest.

A programmer is developing a Node.js application which will run in a Linux server on their on-premises data center. This application will access various OCI services using OCI SDKs. What is the secure way to access OCI services with OCI Identity and Access Management (IAM)? - Create a new OCI IAM user associated with a dynamic group and a policy that grants the desired permissions to OCI services. Add the on-premises Linux server in the dynamic group. - Create an OCI IAM policy with the appropriate permissions to access the required OCI services and assign the policy to the on-premises Linux server. - Create a new OCI IAM user, add the user to a group associated with a policy that grants the desired permissions to OCI services. In the on-premises Linux server, generate the key-pair used for signing API requests and upload the public key to the IAM user. - Create a new OCI IAM user , add the user to a group associated with a policy that grants the desired permissions to OCI services. In the on-premises Linux server, add the username and password to a file used by Node.js authentication.

Create a new OCI IAM user, add the user to a group associated with a policy that grants the desired permissions to OCI services. In the on-premises Linux server, generate the key-pair used for signing API requests and upload the public key to the IAM user.

You are developing a serverless application with Oracle Functions. You have created a function in compartment named prod. When you try to invoke your function you get the following error: Error invoking function. status: 502 message: dhcp options ocid1.dhcpoptions.oc1.iad.aa;sdklfja;sd does not exist or Oracle Functions is not authorized to use it. How can you resolve this error? - Create a policy: allow function-family to use virtual-network-family in compartment prod - Create a policy: allow any-user to manage function-family and virtual-network-family in compartment prod - Create a policy: allow service FaaS to use virtual-network-family in compartment prod - Deleting the function and redeploying it will fix the problem

Create a policy: allow service FaaS to use virtual-network-family in compartment prod

You are using OCI Resource Manager to manage your infrastructure lifecycle and wish to receive an email each time a Terraform action begins. How should you use the OCI Events service to do this without writing code? - Create an OCI Notifications topic and email subscription with the destination email address. Then create an OCI Events rule matching "Resource Manager Stack - Update" condition, and select the notification topic for the corresponding action. - Create an OCI Notifications topic and email subscription with the destination email address. Then create an OCI Events rule matching "Resource Manager Job - Create" condition, and select the notification topic for corresponding actions - Create a rule in OCI Events service matching the "Resource Manager Stack - Update" condition. Then, select "Action Type: Email" and provide the destination email address. - Create an OCI Email Delivery configuration with the destination email address. Then create an OCI Events rule matching "Resource Manager Job - Create" condition, and select the email configuration for the corresponding action.

Create an OCI Notifications topic and email subscription with the destination email address. Then create an OCI Events rule matching "Resource Manager Job - Create" condition, and select the notification topic for corresponding actions

A developer using OCI API Gateway must authenticate the API requests to their web application. The authentication process must be implemented using a custom scheme which accepts string parameters from the API caller. Which method can the developer use in this scenario? - Create an authorizer function using request header authorization - Create an authorizer function using token-based authorization. - Create a cross account functions authorizer. - Create an authorizer function using OCI Identity and Access Management based authentication.

Create an authorizer function using token-based authorization.

You encounter an unexpected error when invoking the Oracle Function named "myfunction" in application "myapp". Which can you use to get more information on the error? - fn --debug invoke myapp myfunction - fn --verbose invoke myapp myfunction - Call Oracle support with your error message - DEBUG=1 fn invoke myapp myfunction

DEBUG=1 fn invoke myapp myfunction

You have a containerized application that requires an ATP database. Which option is not valid for connecting to ATP from a container in Kubernetes? - Enable Oracle REST Data Services for the required schemas and connect via HTTPS. - Create a Kubernetes secret with contents from the instance Wallet files. Use this secret to create a volume mounted to the appropriate path in the application deployment manifest. - Use Kubernetes secretes to configure environment variables on the container with ATP instance OCID, and OCI API credentials. Then use the CreateConnection API endpoint from the service runtime. - Install the OCI Service Broker on the Kubernetes cluster and deploy ServiceInstance and ServiceBinding resources for ATP. Then use the specified binding name as a volume in the application deployment manifest.

Enable Oracle REST Data Services for the required schemas and connect via HTTPS.

You are working on a serverless DevSecOps application using Oracle Functions. You have deployed a Python function that uses the OCI Python SDK to stop any OCI Compute instance that does not comply with your corporate security standards. There are 3 non-compliant OCI Compute instances. However, when you invoke this function none of the instances were stopped. How should you troubleshoot this? - Enable function remote debugging in the OCI console, and use your favorite IDE to inspect the function running on OCI Functions - Enable function tracing in the OCI Console, and go to OCI monitoring console to see the function stack trace - Enable function logging in the OCI console, include some print statement in your function code and use logs to troubleshoot this - There is no way to troubleshoot a function running on Oracle Functions

Enable function logging in the OCI console, include some print statement in your function code and use logs to troubleshoot this

You are developing a serverless application with Oracle Functions. Your function needs to store state in a database. Your corporate security standards mandate encryption of secret information like database passwords. As a function developer, which approach should you follow to satisfy this security requirement? - Use the Oracle Infrastructure Console and enter the password in the function configuration section in the provided input field. - Use OCI Key Management to auto-encrypt the password. It will inject the auto-decrypted password inside your function container. - Encrypt the password using OCI Key Management. Decrypt this password in your function code with the generated key. - All function configuration variables are automatically encrypted by Oracle Functions.

Encrypt the password using OCI Key Management. Decrypt this password in your function code with the generated key.

What is the open source engine for Oracle Functions? - Apache OpenWhisk - Open FaaS - Knative - Fn Project

Fn Project

You are a consumer of OCI Streaming service. Which API should you use to read and process the stream? - ListMessages - GetMessages - GetObject - ReadMessages

GetMessages

Which is NOT a valid option to execute a function deployed on Oracle Functions? - Send a signed HTTP request to the fucntion's invoke endpoint - Invoke from OCI CLI - Invoke from Docker CLI - Trigger by an event in OCI Events service - Invoke from Fn Project CLI

Invoke from Docker CLI

Which one of the statements describes a service aggregator pattern? - It is implemented in each service separately and uses a streaming service - It involves implementing a separate service that makes multiple calls to other backend services - It uses a queue on both sides of the service communication - It involves sending events through a message broker

It involves implementing a separate service that makes multiple calls to other backend services

Which statement is incorrect with regards to the OCI Notifications service? - Notification topics may be assigned as the action performed by an OCI Events configuration. - OCI Alarms can be configured to publish to a notification topic when triggered. - An OCI function may subscribe to a notification topic. - A subscription can forward notifications to an HTTPS endpoint. - A subscriptions can integrate with PagerDuty events. - It may be used to receive an email each time an OCI Autonomous Database backup is complete.

It may be used to receive an email each time an OCI Autonomous Database backup is complete.

What is one of the differences between a microservice and a serverless function? - Microservices are used for long running operations and serverless functions for short running operations. - Microservices always use a data store and serverless functions never use a data store. - Microservices are stateless and serverless functions are stateful. - Microservices are triggered by events and serverless functions are not.

Microservices are used for long running operations and serverless functions for short running operations.

You are working on a cloud native e-commerce application on OCI. Your application architecture has multiple OCI services, including Oracle Functions. You need to trigger these functions directly from other OCI services, without having to run custom code. Which OCI service cannot trigger your functions directly? - OCI Events Service - OCI Registry - OCI API Gateway - Oracle Integration

OCI Registry

Which statement accurately describes OCI Load Balancer integration with OKE? - OKE service provisions an OCI Load Balancer instance for each Kubernetes service with LoadBalaner type in the YAML configuration - OCI Load Balancer instance provisioning is triggered by OCI Events service for each Kubernetes service with LoadBalancer type in the YAML configuration. - OCI Load Balancer instance must be manually provisioned for each Kubernetes service that requires traffic balancing. - OKE service provisions a single OCI Load Balancer instance shared with all the Kubernetes services with LoadBalancer type in the YAML configuration.

OKE service provisions a single OCI Load Balancer instance shared with all the Kubernetes services with LoadBalancer type in the YAML configuration.

You are developing a polyglot serverless application using Oracle Functions. Which language cannot be used to write your function code? - PL/SQL - Python - Node.js - Go

PL/SQL

Which concept is NOT related to OCI Resource Manager? - Job - Stack - Queue - Plan

Queue

You are processing millions of files in an OCI Object Storage bucket. Each time a new file is created, you want to send an email to the customer and create an order in a database. The solution should perform and minimize cost. Which action should you use to trigger this email? - Schedule a cron job that monitors the OCI Object Storage bucket and emails the customer when a new file is created. - Use OCI Events service and OCI Notification service to send an email each tie a file is created. - Schedule an Oracle Function that checks the OCI Object Storage bucket every minute and emails the customer when a file is found. - Schedule an Oracle Function that checks the OCI Object Storage bucket every second and emails the customer when a file is found.

Schedule an Oracle Function that checks the OCI Object Storage bucket every minute and emails the customer when a file is found.

You are building a container image and pushing it to OCIR. You need to make sure that these images never get deleted from the repository. Which action should you take? - Create a group and assign a policy to perform lifecycle operations on images. - Set global policy of image retention to "Retain All Images". - In your compartment, write a policy to limit access to the specific repository. - Edit the tenancy global retention policy.

Set global policy of image retention to "Retain All Images".

As a cloud-native developer, you have written a web service for your company. You have used OCI API Gateway service to expose the HTTP backend. However, your security team has suggested that your web service should handle Distributed Denial of Service (DDoS) attack. You are time-constrained and you need to make sure that this implemented as soon as possible. What should you do in this scenario? - Use a third party service integration to implement a DDoS attack mitigation - Use OCI VCN segregation to control DDoS - Use OCI API Gateway service to configure rate limiting - Re-write your web service and implement rate limiting

Use OCI API Gateway service to configure rate limiting

You have written a Node.js function and deployed it to Oracle Function. Next, you need to call this function from a microservice written in Java deployed on OKE. Which can help you to achieve this? - Use the OCI CLI with kubectl to invoke the function from the microservice - Oracle Functions does not allow a microservice deployed on OKE to invoke a function. - OKE does not allow a microservice to invoke a function from Oracle Functions.. - Use the OCI Java SDK to invoke the function from the microservice.

Use the OCI Java SDK to invoke the function from the microservice

A leading insurance firm is hosting its customer portal in OKE with an OCI Autonomous Database. Their support team discovered a lot of SQL injection attempts and cross-site scripting attacks to the portal, which is starting to affect the production environment. What should they implement to mitigate this attack? - Network Security Lists - Network Security Groups - Network Security Firewall - Web Application Firewall

Web Application Firewall

You are building a cloud native, serverless travel application with multiple Oracle Functions in Java, Python, and Node.js. You need to build and deploy these functions to a single application named travel-app. Which command will help you complete this task successfully? - oci fn function deply --app travel-app --all - fn deploy --app travel-app --all - oci fn application --application-name travel-app deploy --all - fn function deploy --all --application-name travel-app

fn deploy --app travel-app --all

You created a pod called "nginx" and its state is set to Pending. Which command can you run to see the reason why the "nginx" pod is in the pending state? - kubectl logs pod nginx - kubectl describe pod nginx - kubectl get pod nginx - Through the Oracle Cloud Infrastructure Console

kubectl describe pod nginx

How can you find details of the tolerations field for the sample YAML file below? apiVersion: v1 kind: Pod metadata: name: busybox namespace: default spec: containers: - image: busybox command: - sleep - "3600" imagePullPolicy: IfNotPresent name: busybox restartPolicy: Always tolerations: ...

kubectl explain pod.spec.tolerations

How do you perform a rolling update in Kubernetes? - kubectl rolling-update - kubectl upgrade --image=image:v2 - kubectl update --c - kubectl rolling-update --image=image:v2

kubectl rolling-update --image=image:v2

Your OKE administrator has created an OKE cluster with one node pool in a public subnet. You have been asked to provide a log file from one of the nodes for troubleshooting purpose. Which step should you take to obtain the log file? - ssh into the node using public key - ssh into the nodes using private key - It is impossible since OKE is a managed Kubernetes service - Use the username opc and password to login.

ssh into the nodes using private key