GKE Overview
Google Kubernetes Engine (GKE) is a managed Kubernetes service on Google Cloud that lets you deploy, manage, and scale containerised applications using the Kubernetes orchestration system. GKE removes the operational burden of managing the Kubernetes control plane, allowing you to focus on deploying and running your workloads.
What Is GKE?
GKE is a production-ready, managed environment for running containers. It is built on Kubernetes — the open-source container orchestration system originally developed by Google — and provides a fully managed experience with automatic upgrades, integrated monitoring, and seamless integration with other Google Cloud services.
Key Features
| Feature | Description |
|---|---|
| Managed control plane | Google manages the Kubernetes API server, etcd, scheduler, and controller manager |
| Auto-scaling | Horizontal Pod Autoscaler, Vertical Pod Autoscaler, and Cluster Autoscaler |
| Auto-repair | Unhealthy nodes are automatically detected and replaced |
| Auto-upgrade | Kubernetes versions are automatically upgraded with minimal disruption |
| Integrated monitoring | Built-in integration with Cloud Monitoring, Cloud Logging, and Cloud Trace |
| Security | Container-Optimized OS, Shielded GKE Nodes, Workload Identity, Binary Authorization |
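As a concrete example of the auto-scaling row above, a Horizontal Pod Autoscaler can be attached to any deployment with a single command — a minimal sketch, where the deployment name `my-app` and the thresholds are illustrative:

```bash
# Sketch: scale a (hypothetical) my-app deployment between 2 and 10
# replicas, targeting 60% average CPU utilisation across its pods
kubectl autoscale deployment my-app --min=2 --max=10 --cpu-percent=60

# Inspect the resulting HorizontalPodAutoscaler object
kubectl get hpa my-app
```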
GKE Modes: Standard vs Autopilot
GKE offers two modes of operation:
Standard Mode
In Standard mode, you manage the underlying node infrastructure. You choose machine types, configure node pools, manage node scaling, and are responsible for node-level security and maintenance. You pay for the Compute Engine VMs running as nodes, regardless of whether pods are scheduled on them.
Autopilot Mode
In Autopilot mode, Google manages the entire cluster infrastructure, including nodes. You only define your workloads (pods), and GKE provisions the right amount of compute resources. You pay per pod based on the CPU, memory, and ephemeral storage requested — not per node. Autopilot enforces security best practices by default.
| Aspect | Standard | Autopilot |
|---|---|---|
| Node management | You manage | Google manages |
| Billing | Per node (VM) | Per pod (resources requested) |
| SSH access to nodes | Yes | No |
| DaemonSets | Yes | Limited |
| Privileged containers | Allowed | Not allowed |
| Node configuration | Full control | Managed by Google |
| Security hardening | You configure | Enforced by default |
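To make the per-pod billing model concrete, here is a minimal sketch of a pod whose resource requests drive what Autopilot charges — the name, image, and request values are illustrative, not recommendations:

```bash
# On Autopilot you pay for what each pod *requests*, not for nodes
kubectl apply -f - <<'EOF'
apiVersion: v1
kind: Pod
metadata:
  name: billing-example
spec:
  containers:
  - name: app
    image: nginx:1.25
    resources:
      requests:
        cpu: "500m"     # billed for half a vCPU
        memory: "1Gi"   # billed for 1 GiB of memory
EOF
```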
Creating a GKE Cluster
```bash
# Create a Standard mode cluster
# (in a regional cluster, --num-nodes is per zone, so three zones give 9 nodes)
gcloud container clusters create my-cluster \
    --region europe-west2 \
    --num-nodes 3 \
    --machine-type e2-standard-4 \
    --enable-autoscaling --min-nodes 1 --max-nodes 10

# Create an Autopilot cluster (no node configuration needed)
gcloud container clusters create-auto my-autopilot-cluster \
    --region europe-west2

# Get credentials so kubectl can talk to the cluster
gcloud container clusters get-credentials my-cluster \
    --region europe-west2
```
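After fetching credentials, kubectl's active context should point at the new cluster — a quick sanity check before deploying anything:

```bash
# The context name follows the pattern gke_<project-id>_<location>_<cluster-name>
kubectl config current-context
```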
GKE and the Kubernetes API
Once you have a GKE cluster, you interact with it using standard Kubernetes tools — kubectl, Helm, Kustomize, and the Kubernetes API. Everything you know about Kubernetes applies to GKE.
```bash
# Check cluster nodes
kubectl get nodes

# Deploy an application
kubectl create deployment nginx --image=nginx:latest --replicas=3

# Expose the deployment via a cloud load balancer
kubectl expose deployment nginx --type=LoadBalancer --port=80

# Check running pods
kubectl get pods -o wide
```
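The `LoadBalancer` Service only becomes reachable once Google Cloud finishes provisioning the load balancer, which can take a minute or two. You can watch for the external IP, or extract it with a JSONPath query:

```bash
# Watch the Service until EXTERNAL-IP changes from <pending> to a real address
kubectl get service nginx --watch

# Or print just the assigned IP once it exists
kubectl get service nginx \
    -o jsonpath='{.status.loadBalancer.ingress[0].ip}'
```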
GKE Networking
GKE clusters use Google Cloud's VPC networking. Key networking concepts include:
| Concept | Description |
|---|---|
| VPC-native clusters | Pods and Services get IP addresses from the VPC (alias IP ranges) |
| Cloud Load Balancing | Services of type LoadBalancer create Google Cloud Load Balancers automatically |
| Ingress | GKE Ingress creates HTTP(S) Load Balancers for routing external traffic |
| Network policies | Control pod-to-pod traffic using Calico or GKE Dataplane V2 |
| Private clusters | Nodes have no public IP addresses — only accessible via the VPC |
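As a sketch of the network-policy row above, the following policy denies all ingress traffic to every pod in the current namespace (enforcement requires network policies to be enabled on the cluster, e.g. via GKE Dataplane V2):

```bash
kubectl apply -f - <<'EOF'
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: default-deny-ingress
spec:
  podSelector: {}   # an empty selector matches every pod in the namespace
  policyTypes:
  - Ingress         # no ingress rules are listed, so all ingress is denied
EOF
```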
Integration with Google Cloud Services
GKE integrates deeply with the Google Cloud ecosystem:
| Integration | Description |
|---|---|
| Cloud Logging & Monitoring | Automatic log and metric collection from clusters, nodes, and pods |
| Artifact Registry | Store and manage container images |
| Cloud Build | Build container images and deploy to GKE via CI/CD |
| Workload Identity | Map Kubernetes service accounts to Google Cloud service accounts |
| Config Connector | Manage Google Cloud resources using Kubernetes manifests |
| Cloud SQL Auth Proxy | Securely connect pods to Cloud SQL databases |
| Secret Manager | Access secrets from pods using the CSI driver |
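As a sketch of the Workload Identity row, binding a Kubernetes service account (KSA) to a Google Cloud service account (GSA) takes two steps. The project, namespace, and account names below are placeholders:

```bash
# 1. Allow the KSA to impersonate the GSA
gcloud iam service-accounts add-iam-policy-binding \
    my-gsa@my-project.iam.gserviceaccount.com \
    --role roles/iam.workloadIdentityUser \
    --member "serviceAccount:my-project.svc.id.goog[default/my-ksa]"

# 2. Annotate the KSA so GKE knows which GSA it maps to
kubectl annotate serviceaccount my-ksa --namespace default \
    iam.gke.io/gcp-service-account=my-gsa@my-project.iam.gserviceaccount.com
```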
Pricing
GKE pricing consists of two components:
| Component | Cost |
|---|---|
| Cluster management fee | Per cluster per hour (free for one Autopilot or one zonal Standard cluster) |
| Compute | Standard: pay for Compute Engine VMs (nodes). Autopilot: pay per pod resources |
The GKE free tier includes one zonal Standard cluster or one Autopilot cluster at no management fee.
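As a back-of-envelope example, assuming the commonly published management fee of $0.10 per cluster per hour (verify against current pricing), a second cluster beyond the free tier costs roughly:

```shell
# ~730 hours in an average month; fee and hours are assumptions, not a quote
awk -v fee=0.10 -v hours=730 \
    'BEGIN { printf "Monthly management fee: $%.2f\n", fee * hours }'
```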
Summary
GKE is Google Cloud's managed Kubernetes service, providing a production-ready platform for running containerised workloads. It offers two modes — Standard (you manage nodes) and Autopilot (Google manages everything). GKE handles control plane management, auto-scaling, auto-repair, auto-upgrade, and integrates with Cloud Logging, Monitoring, Artifact Registry, Workload Identity, and other Google Cloud services. For most new workloads, Autopilot is the recommended starting point.