Editor's note: This is the first of many posts on unique differentiated capabilities in Google Kubernetes Engine. Stay tuned in the coming weeks as we discuss GKE’s more advanced features.
Kubernetes has come a long way since Google open-sourced it in 2014. Since then, the community has developed a robust suite of installation, management, and configuration tooling for a variety of use cases. But many organizations are overwhelmed by having to run Kubernetes on their own, and instead adopt Google Kubernetes Engine (GKE), our managed service. Their concern isn’t the underlying infrastructure; they just want a strong foundation that lets them focus on their business.
Today, we’re introducing GKE Advanced, which adds enterprise-grade controls, automation and flexibility, building on what we’ve learned managing our robust worldwide infrastructure. Going forward, we’ll refer to our existing GKE offering as GKE Standard.
Here are the two GKE editions at a glance:
GKE Advanced delivers advanced infrastructure automation, integrated software supply chain tooling for enhanced security, a commitment to reliability with a financially backed SLA, and support for running serverless workloads. These new, advanced GKE features and tooling help you operate in fast-moving environments to simplify the management of workloads and clusters, and scale hands-free. You still benefit from Kubernetes’ portability and third-party ecosystem, but with an enhanced feature set.
GKE Standard includes all the features and capabilities that are generally available today, providing a managed service for less complex projects. You can continue to take advantage of the rich ecosystem of first-party and third-party integrations in GCP, including those available in the GCP Marketplace.
Let’s take a closer look at features GKE Advanced will include:
GKE Advanced is financially backed by an SLA that guarantees availability of 99.95% for regional clusters, providing peace of mind for mission-critical workloads.
Manually scaling a Kubernetes cluster for availability and reliability can be complex and time consuming. GKE Advanced includes two new features to make it easier: Vertical Pod Autoscaler (VPA), which watches resource utilization of your deployments and adjusts requested CPU and RAM to stabilize the workloads; and Node Auto Provisioning, which optimizes cluster resources with an enhanced version of Cluster Autoscaling.
Additional layer of defense
DevOps and system administrators often need to run third-party software in their Kubernetes cluster but still want to make sure that it’s isolated and secure. GKE Advanced includes GKE Sandbox, a lightweight container runtime based on gVisor that adds a second layer of defense at the pod layer, hardening your containerized applications without any code or config changes, or requiring you to learn a new set of controls.
Software supply-chain security
Malicious or accidental changes during the software development lifecycle can lead to downtime or compromised data. With Binary Authorization, container images are signed by trusted authorities during the build and test process. By enforcing that only verified images are integrated into the build-and-release process, you gain tighter control over your container environment.
You want to quickly develop and launch applications, without having to worry about the underlying infrastructure on which your code runs. Cloud Run on GKE provides a consistent developer experience for deploying and running stateless services, with automatic scaling (even to zero instances), networking and routing, logging, and monitoring; all based on Knative.
Understand your infrastructure usage
When multiple tenants share a GKE cluster, it can be hard to estimate which tenant is consuming what portion of resources. GKE usage metering allows you to see your cluster's resource usage broken down by Kubernetes namespaces and labels, and attribute it to meaningful entities such as customers, departments and the like.
With the addition of advanced autoscaling and security, support for serverless workloads, enhanced usage reporting—all backed financially by an SLA, GKE Advanced gives you the tools and confidence you need to build the most demanding production applications on top of our managed Kubernetes service. GKE Advanced will be released with a free trial later in Q2. Have questions about GKE Advanced? Contact your Google customer representative for more information, and sign up for our upcoming webcast, Your Kubernetes, Your Way Through GKE.