GKE - Google Kubernetes Engine

• Container story - GKE.
• GKE Overview.
• Standard Cluster Architecture.

• GKE Videos.

• CLI examples.

Cluster Types

Learn more about the Types of Clusters.

• Level of cluster management.
• Modes of operation.
• Cluster configuration choices.
• Cluster availability type.
• Cluster networking.
  • Alias IP: VPC-native clusters.

Operation Modes

The level of flexibility, responsibility, and control that you require for your clusters determines the mode of operation to use in GKE :

• Autopilot : Manages the underlying infrastructure such as node configuration, autoscaling, auto-upgrades, baseline security configurations and baseline networking configuration.
• Standard : Provides you with node configuration flexibility. You manage the underlying infrastructure, including configuring the individual nodes.

Choose a GKE mode of operation

Cluster availability type

• zonal cluster : Have a single control plane in a single zone.
  • Single-zone cluster : Control plane and worker nodes running in the same zone.
  • Multi-zonal cluster : The control plane running in a single zone, and has worker nodes running in multiple zones.
• regional cluster : Has multiple replicas of the control plane, running in multiple zones within a given region. Nodes in a regional cluster can run in multiple zones or a single zone.

In contrast to zonal clusters that have a single control plane in a single zone, regional clusters increase the availability of both a cluster's control plane and its nodes by replicating them across multiple zones in a region. Might be expensive in Standard Mode.

Securing GKE

• GCP IAM.
• K8S RBAC.
• Workload Identity.

Workload Identity allows a Kubernetes service account in your GKE cluster to act as an IAM service account.
Pods that use the configured Kubernetes service account automatically authenticate as the IAM service account when accessing Google Cloud APIs.