iTranslated by AI
A Simple Introduction to Google Kubernetes Engine (GKE) for Beginners
Introduction to Google Kubernetes Engine (GKE) for Rabbits
Hello, everyone! In this article, I will explain Google Kubernetes Engine (GKE) in an easy-to-understand way, even for beginners.
"Kubernetes seems hard..." "I hear about containers a lot but don't really get them..." I hear those kinds of things often, but it's okay, pyon! By reading this article, you'll be able to master everything from the basics of GKE to actual application deployment.
1. What is GKE?
Google Kubernetes Engine (GKE) is a managed Kubernetes service provided by Google Cloud. Kubernetes itself is an open-source platform for automating the deployment, scaling, and management of containerized applications, but building and operating a Kubernetes cluster on your own is quite a lot of work.
That's where GKE comes in! With GKE, you can easily create Kubernetes clusters on Google Cloud's infrastructure, and since Google manages them for you, the operational effort is significantly reduced.
The main features of GKE are as follows:
- Low operational burden as it is a managed service
- Automatic cluster scaling is possible
- Easy integration with other Google Cloud services
- Robust security measures
- Automatic upgrades to the latest Kubernetes versions
2. Basic Concepts of Kubernetes
To understand GKE, you first need to know the basic concepts of Kubernetes. I'll explain it simply from a rabbit's perspective, pyon!
What is Container Orchestration?
When operating applications using containers (like Docker) on a large scale, you need to manage and coordinate many containers. Container orchestration automates this process. Kubernetes is a typical tool for this.
It's like when rabbits grow carrots in a field; they coordinate and manage various tasks like sowing seeds, watering, and harvesting, pyon.
What is a Pod?
A Pod is the smallest deployable unit in Kubernetes and is a group of one or more containers. Containers within the same Pod run on the same node and share storage and network resources.
If you compare it to a rabbit's burrow, it's like an image where multiple rabbits (containers) live in a single burrow (Pod), pyon.
What is a Deployment?
A Deployment is a resource for creating and managing multiple replicas of Pods. It provides features like scaling and rolling updates.
This is like a leader rabbit who manages a rabbit colony, pyon. They decide how many rabbits are needed and which burrows they should live in.
What is a Service?
A Service is a resource that provides network access to Pods. Since Pods are created and deleted dynamically, a Service stabilizes access to them.
This is like a guide who helps visitors to a rabbit colony find a specific rabbit, pyon.
Other Important Resources
- Namespace: A virtual cluster that groups resources.
- ConfigMap/Secret: Manages configuration information or sensitive data.
- PersistentVolume: Persistent data storage.
- Ingress: Routes external HTTP traffic.
3. Basic Architecture of GKE
A GKE cluster consists of two main components: the control plane and nodes.
Control Plane and Nodes
- Control Plane: The component responsible for managing the cluster, which is managed by Google in GKE. It includes the API server, scheduler, and controller manager.
- Nodes: Worker machines that actually run the containers, which are Compute Engine VM instances. Each node runs a container runtime (such as Docker) and a Kubernetes agent called kubelet.
What is Standard Mode?
This is the traditional GKE mode, where you have fine-grained control over node pool configuration and management. You can specify the number of nodes and machine types and manually perform scaling and management, but this requires more management effort.
What is Autopilot Mode?
This is a new mode introduced in 2021 where node management is fully automated. Users only define the workloads (Pods), and the necessary resources are automatically provisioned. It is recommended in many cases because it significantly reduces operational effort and automatically optimizes costs.
In rabbit terms, while Standard mode is like digging and managing your own burrow, Autopilot mode is like letting someone else handle all the burrow management so you can focus only on eating carrots, pyon.
The Concept of Node Pools
A group of nodes with the same configuration is called a node pool. In GKE Standard mode, you can create multiple node pools, each with different machine types or GPUs. This allows for optimal resource allocation according to the workload.
4. Creating a GKE Cluster
Now, let's actually create a GKE cluster!
Prerequisites (Google Cloud account, enabling APIs)
- If you don't have a Google Cloud account, register for a new one and create a project.
- Enable billing for the project (new users can use the free tier).
- Enable the Google Kubernetes Engine API.
gcloud services enable container.googleapis.com
Preparing the Environment Using Cloud Shell
Using "Cloud Shell," which can be accessed from the Google Cloud Console, is convenient because you can use command-line tools directly from your browser. All necessary tools are pre-installed.
If you prefer to work in a local environment, you will need to install and properly configure the Google Cloud SDK and kubectl.
Creating an Autopilot Cluster
This time, we will create a cluster in Autopilot mode, which is simple and has low operational overhead.
gcloud container clusters create-auto my-first-cluster \
--region=us-central1
When you run this, an Autopilot cluster will be created in a few minutes. It takes about 5 to 10 minutes for the cluster creation to complete, so let's wait patiently, pyon.
Connecting to the Cluster
Once the cluster is created, get the authentication credentials to connect using kubectl.
gcloud container clusters get-credentials my-first-cluster --region=us-central1
Running this command allows you to operate the cluster with kubectl commands. You can verify the connection with the following command:
kubectl get nodes
5. Deploying a Sample Application
Now that the cluster is ready, let's actually deploy an application!
Preparing the Sample Application
In this section, we will use the "hello-app" sample application provided by Google. This app is a simple web server that displays a message when accessed.
If you want to use your own application, you need to package it as a Docker container and push it to a container registry.
Creating a Deployment
First, let's create a Deployment. Save the following content in a file named deployment.yaml:
apiVersion: apps/v1
kind: Deployment
metadata:
name: hello-app
spec:
replicas: 3
selector:
matchLabels:
app: hello-app
template:
metadata:
labels:
app: hello-app
spec:
containers:
- name: hello-app
image: gcr.io/google-samples/hello-app:1.0
ports:
- containerPort: 8080
resources:
requests:
cpu: 100m
memory: 128Mi
limits:
cpu: 200m
memory: 256Mi
Then, apply it with the following command:
kubectl apply -f deployment.yaml
This creates three Pods, each running the hello-app container.
Creating and Exposing a Service
Next, create a Service to expose the application to the outside world. Save the following content in a service.yaml file:
apiVersion: v1
kind: Service
metadata:
name: hello-service
spec:
selector:
app: hello-app
ports:
- port: 80
targetPort: 8080
type: LoadBalancer
Then, apply it with the following command:
kubectl apply -f service.yaml
By specifying type: LoadBalancer, a Google Cloud Load Balancer will be automatically created, and an external IP address will be assigned.
Verifying Access to the Application
Once the Service is created, check the assigned external IP address:
kubectl get services hello-service
Access the IP address displayed in the EXTERNAL-IP column with a web browser, and you should see the message "Hello, World!". Congratulations, pyon! You have successfully deployed an application to GKE.
6. GKE Operational Management
After deploying the application, operational management is also important. GKE provides the following features:
Monitoring and Log Collection
GKE is integrated with Google Cloud Operations and provides the following features:
- Cloud Monitoring: Collect and analyze metrics for clusters and workloads.
- Cloud Logging: Centrally manage container logs.
- Error Reporting: Aggregate application errors.
You can access the monitoring dashboard from "Kubernetes Engine" -> "Clusters" in the console.
Autoscaling
GKE has several scaling options:
- Horizontal Pod Autoscaling (HPA): Automatically adjusts the number of Pods based on CPU usage or other metrics.
- Vertical Pod Autoscaling (VPA): Automatically adjusts the resource requests of Pods.
- Cluster Autoscaler: Automatically adjusts the number of nodes based on the workload.
In Autopilot mode, these scaling operations are managed by Google.
Cluster Upgrades
In GKE, Kubernetes version upgrades are provided periodically:
- Automatic Upgrades: Automatically upgrade within a maintenance window.
- Manual Upgrades: Control the timing and upgrade manually.
Autopilot mode uses automatic upgrades as the default, but you can select a release channel (Rapid, Regular, Stable).
Security Best Practices
Security best practices in GKE include:
- Workload Identity: Integrates GCP service accounts with Kubernetes service accounts.
- Binary Authorization: Only allows the deployment of authorized container images.
- Container-Optimized OS: A node OS with enhanced security.
- Secret Management: Safely manage sensitive information.
In addition, you can enhance security by setting network policies, Pod security policies, etc.
7. GKE Cost Optimization
Cost management is an important part of using cloud services. In GKE, the following optimizations are possible.
GKE Pricing Structure
GKE pricing primarily consists of the following elements:
- Cluster Management Fee: Cost for the control plane (not required for Autopilot).
- Computing Resources: Cost of Compute Engine instances used as nodes.
- Storage: Cost of storage such as Persistent Disks and GCS buckets.
- Network: Cost of data transfer and load balancing.
In Autopilot mode, you are billed at the Pod level, and you only pay for the resources you use.
Using Spot VMs
For interruptible workloads such as non-production environments or batch processing, you can achieve cost savings of up to 91% by using Spot VMs (formerly Preemptible VMs), which are offered at a significant discount.
# Example of creating a spot node pool in Standard mode
gcloud container node-pools create spot-pool \
--cluster=my-cluster \
--spot \
--machine-type=e2-standard-4
Optimizing Resource Requests and Limits
It is important to set appropriate resource requests and limits for your containers.
resources:
requests:
cpu: 100m # 0.1 CPU
memory: 128Mi
limits:
cpu: 200m # 0.2 CPU
memory: 256Mi
If resource requests are too low, performance issues will occur; if they are too high, costs will increase. It is important to monitor actual usage and make adjustments.
Cost Reduction via Autoscaling
- Horizontal Pod Autoscaling: Adjusts the number of Pods according to the load.
- Cluster Autoscaler: Automatically reduces unused nodes.
- Multi-tenancy: Runs multiple applications on the same cluster.
By utilizing these features, you can reduce resource waste and optimize costs.
8. Summary and Next Steps
How was it? In this article, we have covered a wide range of topics, from the basics of GKE to actual application deployment.
By using GKE, you can abstract away the complexity of Kubernetes and easily build a scalable and highly reliable application execution environment. Especially by using Autopilot mode, you can enjoy the benefits of Kubernetes while significantly reducing the operational burden.
To further your learning from here, the following topics are recommended, pyon:
- Integration with CI/CD pipelines
- Implementation of microservices architecture
- Introduction of service meshes such as Istio
- Advanced monitoring with Prometheus
Google Cloud documentation and tutorials are also extensive, so please check them out:
We hope that using GKE will help your applications leap forward in growth, pyon!
Discussion