You need to create a GKE cluster in an existing VPC that is accessible from on-premises. You must meet the following requirements:
- IP ranges for pods and services must be as small as possible.
- The nodes and the master must not be reachable from the internet.
- You must be able to use kubectl commands from on-premises subnets to manage the cluster.
How should you create the GKE cluster?

A. * Create a private cluster that uses VPC advanced routes. * Set the pod and service ranges as /24. * Set up a network proxy to access the master. B. * Create a VPC-native GKE cluster using GKE-managed IP ranges. * Set the pod IP range as /21 and service IP range as /24. * Set up a network proxy to access the master. C. * Create a VPC-native GKE cluster using user-managed IP ranges. * Enable a GKE cluster network policy, set the pod and service ranges as /24. * Set up a network proxy to access the master. * Enable master authorized networks. D. * Create a VPC-native GKE cluster using user-managed IP ranges. * Enable privateEndpoint on the cluster master. * Set the pod and service ranges as /24. * Set up a network proxy to access the master. * Enable master authorized networks.