A bastion host in a dark site environment serves as a secure entry point for managing the NKP deployment, providing access to the cluster infrastructure without direct Internet connectivity. The NKPA course outlines the prerequisites for preparing a Linux VM as a bastion host, focusing on secure access and time synchronization, which are critical for air-gapped Kubernetes deployments.
Get or create SSH Keys (Option B):The bastion host requires SSH keys to enable secure, passwordless access to the NKP cluster nodes and other infrastructure components (e.g., Nutanix AHV hosts). The NKPA course specifies that SSH keys must be generated or obtained and configured on the bastion host to facilitate secure communication during deployment and management tasks. The Nutanix Cloud Native (NCP-CN) 6.10 Study Guide states: “For a bastion host in an NKP dark site deployment, ensure SSH keys are created or obtained to enable secure access to cluster nodes and infrastructure.” The engineer can generate SSH keys using ssh-keygen and distribute the public key to the target systems.
Enable NTP Service (Option D):Time synchronization is essential in Kubernetes clusters to ensure consistent logging, certificate management, and scheduling. In a dark site with no Internet access, the bastion host must be configured to synchronize time with an internal NTP (Network Time Protocol) server or act as an NTP server itself. The NKPA course emphasizes enabling the NTP service on the bastion host to maintain accurate time across the air-gapped environment. The NCP-CN 6.10 Study Guide notes: “Enable the NTP service on the bastion host to ensure time synchronization in a dark site NKP deployment, as Kubernetes requires accurate time for proper operation.” The engineer can enable NTP using commands like systemctl enable ntpd and configure it to use an internal time source.
Incorrect Options:
A. Install LDAP Server: LDAP is used for centralized authentication, but it is not a requirement for a bastion host in an NKP dark site deployment. The course focuses on SSH access instead.
C. Install Docker: While Docker is needed on Kubernetes nodes for container runtimes, the bastion host’s role is to provide secure access and management, not to run containers.
[:, Nutanix Kubernetes Platform Administration (NKPA) Course, Section on Preparing for Dark Site Deployments., Nutanix Cloud Native (NCP-CN) 6.10 Study Guide, Chapter on NKP Deployment Prerequisites., Nutanix Cloud Bible, NutanixKubernetesPlatform Section: https://www.nutanixbible.com, , , ]
Submit