GCP
Google Kubernetes Engine (GKE) - From Basics to Advanced
Learn how to orchestrate containerized applications using Google Kubernetes Engine. Covers cluster management, deployment strategies, and scaling.
March 7, 2024
Technical Writer
5 min read
Google Kubernetes Engine (GKE) - From Basics to Advanced
Google Kubernetes Engine (GKE) is a managed Kubernetes service that lets you deploy, manage, and scale containerized applications on Google Cloud. This comprehensive guide covers everything from basic concepts to advanced features.
Architecture Overview
graph TB
subgraph GKE["GKE Cluster"]
direction TB
subgraph ControlPlane["Control Plane"]
direction LR
API["API Server"]
ETCD["etcd"]
SCHED["Scheduler"]
CM["Controller Manager"]
end
subgraph NodePools["Node Pools"]
direction LR
subgraph Pool1["Default Pool"]
N1["Node 1"]
N2["Node 2"]
end
subgraph Pool2["Custom Pool"]
N3["Node 3"]
N4["Node 4"]
end
end
subgraph Workloads["Workload Types"]
direction LR
PODS["Pods"]
DEPLOY["Deployments"]
STS["StatefulSets"]
DS["DaemonSets"]
end
end
subgraph Services["GCP Services"]
direction TB
LB["Load Balancer"]
IAM["IAM"]
LOG["Cloud Logging"]
MON["Cloud Monitoring"]
end
GKE --> Services
classDef primary fill:#4285f4,stroke:#666,stroke-width:2px,color:#fff
classDef secondary fill:#34a853,stroke:#666,stroke-width:2px,color:#fff
classDef tertiary fill:#fbbc05,stroke:#666,stroke-width:2px,color:#fff
class GKE,ControlPlane primary
class NodePools,Workloads secondary
class Services tertiary
Cluster Types and Features
| Feature | Standard Cluster | Autopilot | |---------|-----------------|-----------| | Node Management | Manual | Automated | | Pricing | Per node | Per pod | | Control | Full control | Limited control | | Use Case | Custom workloads | Simple deployments | | Scaling | Manual/Auto | Fully automated |
Getting Started
1. Cluster Creation
# Create standard cluster gcloud container clusters create my-cluster \ --zone us-central1-a \ --num-nodes 3 \ --machine-type e2-standard-4 # Create autopilot cluster gcloud container clusters create-auto my-autopilot \ --region us-central1
2. Basic Deployment
# deployment.yaml apiVersion: apps/v1 kind: Deployment metadata: name: my-app spec: replicas: 3 selector: matchLabels: app: my-app template: metadata: labels: app: my-app spec: containers: - name: my-app image: gcr.io/PROJECT_ID/my-app:v1 ports: - containerPort: 8080 resources: requests: cpu: "100m" memory: "128Mi" limits: cpu: "200m" memory: "256Mi"
Node Pool Management
1. Creating Node Pools
# Create new node pool gcloud container node-pools create pool-2 \ --cluster my-cluster \ --zone us-central1-a \ --num-nodes 2 \ --machine-type n1-standard-4 # Enable autoscaling gcloud container clusters update my-cluster \ --enable-autoscaling \ --min-nodes 1 \ --max-nodes 5 \ --zone us-central1-a
2. Node Pool Configuration
# node-pool.yaml apiVersion: container.google.com/v1beta1 kind: NodePool metadata: name: custom-pool spec: initialNodeCount: 3 autoscaling: minNodeCount: 1 maxNodeCount: 5 config: machineType: n1-standard-4 diskSizeGb: 100 oauthScopes: - "https://www.googleapis.com/auth/cloud-platform" labels: env: prod taints: - key: dedicated value: gpu effect: NoSchedule
Workload Management
1. Deployment Strategies
# rolling-update.yaml apiVersion: apps/v1 kind: Deployment metadata: name: my-app spec: replicas: 5 strategy: type: RollingUpdate rollingUpdate: maxSurge: 1 maxUnavailable: 1 template: # ... pod template spec
2. StatefulSet Example
# statefulset.yaml apiVersion: apps/v1 kind: StatefulSet metadata: name: web spec: serviceName: "nginx" replicas: 3 selector: matchLabels: app: nginx template: metadata: labels: app: nginx spec: containers: - name: nginx image: nginx:1.14.2 ports: - containerPort: 80 volumeMounts: - name: www mountPath: /usr/share/nginx/html volumeClaimTemplates: - metadata: name: www spec: accessModes: [ "ReadWriteOnce" ] resources: requests: storage: 1Gi
Networking
1. Service Types
# load-balancer.yaml apiVersion: v1 kind: Service metadata: name: my-app annotations: cloud.google.com/neg: '{"ingress": true}' spec: type: LoadBalancer ports: - port: 80 targetPort: 8080 selector: app: my-app
2. Ingress Configuration
# ingress.yaml apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: my-ingress annotations: kubernetes.io/ingress.class: "gce" spec: rules: - host: my-app.example.com http: paths: - path: /* pathType: ImplementationSpecific backend: service: name: my-app port: number: 80
Security
1. Pod Security
# pod-security.yaml apiVersion: v1 kind: Pod metadata: name: secure-pod spec: securityContext: runAsUser: 1000 runAsGroup: 3000 fsGroup: 2000 containers: - name: secure-container image: nginx securityContext: allowPrivilegeEscalation: false readOnlyRootFilesystem: true
2. Network Policies
# network-policy.yaml apiVersion: networking.k8s.io/v1 kind: NetworkPolicy metadata: name: api-allow spec: podSelector: matchLabels: app: api policyTypes: - Ingress ingress: - from: - podSelector: matchLabels: role: frontend ports: - protocol: TCP port: 8080
Monitoring and Logging
1. Custom Metrics
# custom-metrics.yaml apiVersion: monitoring.googleapis.com/v1 kind: CustomMetric metadata: name: my-metric spec: type: custom.googleapis.com/my-metric metricKind: GAUGE valueType: INT64 labels: - key: service valueType: STRING
2. Logging Configuration
# logging-config.yaml apiVersion: v1 kind: ConfigMap metadata: name: fluentd-config data: fluent.conf: | <source> @type tail path /var/log/containers/*.log pos_file /var/log/fluentd-containers.log.pos tag kubernetes.* read_from_head true <parse> @type json time_key time time_format %Y-%m-%dT%H:%M:%S.%NZ </parse> </source>
Performance Optimization
1. Resource Management
# resource-quotas.yaml apiVersion: v1 kind: ResourceQuota metadata: name: compute-resources spec: hard: requests.cpu: "4" requests.memory: 4Gi limits.cpu: "8" limits.memory: 8Gi
2. Horizontal Pod Autoscaling
# hpa.yaml apiVersion: autoscaling/v2 kind: HorizontalPodAutoscaler metadata: name: my-app-hpa spec: scaleTargetRef: apiVersion: apps/v1 kind: Deployment name: my-app minReplicas: 1 maxReplicas: 10 metrics: - type: Resource resource: name: cpu target: type: Utilization averageUtilization: 50
Cost Optimization
-
Cluster Optimization
- Use appropriate machine types
- Implement node auto-provisioning
- Use preemptible VMs where possible
- Configure cluster autoscaling
-
Workload Optimization
- Set resource requests/limits
- Use horizontal pod autoscaling
- Implement pod disruption budgets
- Use node affinity rules
Best Practices
-
High Availability
- Use regional clusters
- Deploy across zones
- Implement pod anti-affinity
- Use PodDisruptionBudgets
-
Security
- Enable Workload Identity
- Use Binary Authorization
- Implement network policies
- Regular security updates
-
Monitoring
- Set up proper alerting
- Monitor cluster health
- Track resource usage
- Implement logging
Conclusion
GKE provides a powerful platform for running containerized applications at scale. Key takeaways:
- Choose the right cluster type
- Implement proper security measures
- Use autoscaling effectively
- Monitor performance and costs
- Follow best practices
For more information, refer to the official GKE documentation.
gcp
compute
kubernetes
gke
containers
