
Google Kubernetes Engine (GKE)


  • Secured and managed Kubernetes service with auto-scaling and multi-cluster support.

Features

  • Can be configured to automatically scale node pools and clusters based on changing workload requirements.
  • Auto-repair can be enabled to perform health checks on nodes.
  • Choose clusters tailored to your requirements based on:
    • Availability
    • Version Stability
    • Isolation
    • Pod Traffic requirements
  • Enable Cloud Logging and Cloud Monitoring via simple checkbox configurations.
  • The Kubernetes version can be set to auto-upgrade to the latest release patch.
  • Supports the Docker container format.
  • Integrates with Google Container Registry so you can easily access your private Docker images.

Kubernetes Cluster Architecture

  • kubectl
    • Is the main CLI tool for running commands and managing Kubernetes clusters.

  • Cluster
    • All of the Kubernetes objects that represent your containerized applications run on top of a cluster.
  • Node
    • Nodes are the worker machines that run your containerized applications and other workloads.
    • A cluster typically has one or more nodes.
    • Kubernetes runs your workload by placing containers into Pods to run on Nodes.
  • Node Pool
    • A node pool is a set of nodes within a cluster that have similar configurations.
  • Cluster Autoscaler
    • Cluster Autoscaler automatically resizes the number of nodes in a given node pool, based on the demands of your workloads.
  • Horizontal Pod Autoscaling
    • HPA automatically scales the number of pods in response to
      • your workload’s CPU or memory consumption
      • custom metrics reported from within Kubernetes
      • custom metrics reported from outside Kubernetes.
    • Cannot be used for workloads that cannot be scaled, such as DaemonSets.

Kubernetes API Objects

  • Pods
    • Are the smallest deployable units of computing that you can create and manage in Kubernetes.
    • Every pod has its own IP address.
  • Deployment
    • You describe the desired state in a Deployment, and the Deployment Controller changes the actual state to the desired state at a controlled rate.
  • Service
    • Serves as a load balancer to balance traffic across a set of Pods
    • You are allowed to specify which type of Service you would like to use:
      • ClusterIP: Exposes the Service on a cluster-internal IP.
      • NodePort: Exposes the Service on each Node’s IP at a static port (the NodePort).
      • LoadBalancer: Exposes the Service externally using a cloud provider’s load balancer.
  • DaemonSet
    • A DaemonSet ensures that all (or some) Nodes run a copy of a Pod.
  • ConfigMaps
    • ConfigMaps enable you to separate your configurations from your Pods and components, which helps keep your workloads portable.

GKE Sandbox

  • Provides a second layer of security between containerized workloads on GKE.
  • GKE Sandbox uses gVisor.
  • You cannot enable GKE Sandbox on a default node pool.
  • When using Sandbox, you must have at least two node pools.
  • It is not possible to use accelerators such as GPUs or TPUs.
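As an added example (not from the original post), the manifest below ties the API objects above to GKE Sandbox: a Deployment whose Pods run under gVisor via `runtimeClassName: gvisor`, exposed only inside the cluster through a ClusterIP Service. It assumes a non-default node pool already created with `gcloud container node-pools create --sandbox type=gvisor`; the image path is a placeholder.

```yaml
# Assumes a sandboxed node pool exists, e.g.:
#   gcloud container node-pools create sandbox-pool --cluster=CLUSTER \
#       --sandbox type=gvisor
# GKE Sandbox cannot be enabled on the default node pool, so the cluster
# ends up with at least two pools (default + sandbox-pool).
apiVersion: apps/v1
kind: Deployment
metadata:
  name: web
spec:
  replicas: 2
  selector:
    matchLabels:
      app: web
  template:
    metadata:
      labels:
        app: web
    spec:
      # Run the Pod's containers under gVisor; GKE schedules it onto the
      # sandboxed node pool for this RuntimeClass.
      runtimeClassName: gvisor
      containers:
      - name: web
        image: gcr.io/PROJECT_ID/web:1.0   # placeholder image path
        ports:
        - containerPort: 8080
        resources:
          requests:
            cpu: 100m
            memory: 128Mi
---
# ClusterIP: the Service gets a cluster-internal IP only. Use NodePort or
# LoadBalancer only for workloads that must be reachable from outside.
apiVersion: v1
kind: Service
metadata:
  name: web
spec:
  type: ClusterIP
  selector:
    app: web
  ports:
  - port: 80
    targetPort: 8080
```

Apply with `kubectl apply -f web.yaml`; `kubectl get pods -o wide` then shows the Pods placed on the sandboxed pool's nodes.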

Pricing

Pricing for Cluster Management

  • One zonal cluster (single-zone or multi-zonal) per billing account is free.
  • The fee is flat, irrespective of cluster size and topology—whether it is a single-zone cluster, multi-zonal cluster or regional cluster, all accrue the same flat fee per cluster.
  • Billing is computed on a per-second basis for each cluster. The total amount is rounded to the nearest cent, at the end of each month.
  • The fee does not apply to Anthos GKE clusters.

Pricing for Worker Nodes

  • GKE uses Compute Engine instances for worker nodes in the cluster. You are billed for each of those instances according to Compute Engine’s pricing, until the nodes are deleted. Compute Engine resources are billed on a per-second basis with a one-minute minimum usage cost.
