In this course, you will learn about some of the more advanced options available when creating a Google Kubernetes Engine cluster.
You will learn the main differences between:
- Standard vs. Autopilot clusters
- Private vs. Public clusters
- Zonal vs. Regional clusters
- Routes-based vs. VPC-native clusters
- GCP Network Engineers
- GCP Security Engineers
- Anyone preparing for a Google Cloud certification (such as the Professional Cloud Network Engineer exam)
- Basic understanding of Kubernetes and GKE
- Some experience building and deploying containers
Creating a new cluster in GKE can be kind of overwhelming, especially if you are just starting out. There are so many options to choose from. You have to consider many things including: node pool size, CPU and memory, availability type, routing and network isolation. While some people will know exactly what they need, others may not understand or even care about this level of detail. Luckily, Google supports both by offering GKE Standard and GKE Autopilot.
GKE Standard gives you the greatest amount of control. With a Standard cluster, you have to make a bunch of decisions up front. You need to specify cluster-wide settings like the release channel and version number. You will specify details about your nodes like the size of your pool, what kind of machine types to use, and what operating system to install. Standard mode allows you to be very “hands-on”. This means you are going to be responsible for monitoring the health of your nodes and as well as understanding the required amount of compute capacity. Basically, Standard provides the most options, but it requires more work.
GKE Autopilot takes the opposite approach. Autopilot tries to hide most of the complexity by making the tough decisions for you. Autopilot clusters are pre-configured with optimized settings. So you don’t need to do a bunch of research. Google’s best practices have already been implemented for you. Autopilot also handles most of the maintenance work. All nodes will be automatically repaired and upgraded as needed. And auto-scaling means that it can handle whatever workloads you throw at it.
In addition to being easier, Autopilot can also help save you money. With Autopilot you pay per pod instead of per node. So on a Standard cluster, you provision a number of nodes and you have to pay for those nodes whether you use them or not. An Autopilot cluster only creates nodes as you need them. So when you deploy pods, Autopilot will add nodes and you are billed for those nodes. But when you remove pods, Autopilot can remove some nodes and then you will stop getting charged for those. An “empty” Standard cluster can cost a lot of money. An “empty” Autopilot cluster won’t be free, but it will cost a lot less.
Alright, so that covers the basics. Now, let me show you how to go about creating both a Standard and an Autopilot GKE cluster. As you can see here, I have already logged in to the GCP console. To get to the GKE screen, you can search for either “GKE” or “Kubernetes”.
If you don’t have any clusters like me, you will see this screen. So to start, just to click on one of the create buttons (either here or here). Once you do that you will be asked which type of cluster you want to create. If you already know which one you want you can click the appropriate button. Or if you can click on this compare button to get a summary of the main differences between the two.
The other nice feature on this page is you can click on “Try the Demo” and you will get a nice tutorial that will walk you through the appropriate steps. Everything is explained and links are even provided. As you complete each section, just click on the next button to proceed. And the best thing is this tutorial won’t go away even when you navigate to a different page. So if you are ever having issues creating a cluster yourself, I would recommend checking that out.
Ok, let me close the tutorial and get back to creating those clusters. First, I am going to create an Autopilot cluster. Actually, your first step before clicking on “Create” should be to verify that you have selected the correct project. Here you can see that I have selected my “Daniel-Sandbox” project. This is where I want my clusters to live, so this is fine. Make sure to pick the correct project before proceeding.
Alright, now I can create an Autopilot cluster. You will see that the form is pretty streamlined. You really only need to enter three things: The name, region, and whether it will be public or private. Of course, default values are provided. Once you are happy with your selection, then you just have to click on “Create”.
The reason this form is so short is that a bunch of decisions have already been made for you. You can see here that it is going to automatically provision, scale and maintain my nodes. Notice that I don’t have to choose the number of nodes or pick the machine types. It’s also going to use VPC-native routing. And Shielded GKE Nodes and Workload Identity are enabled, as well as logging and monitoring.
Now if you want, there are a few more advanced options you can change down here. Under “Networking Options” I can change the network to use for the cluster. I can also modify address ranges for the nodes and services. Now, most people won’t mess with this, but it is here if you need it. Under “Advanced Options” you can do other things like enable the maintenance window or turn on encryption. You can also set up metadata to help you distinguish between multiple clusters. But this is all optional. In this demo, I just want a basic cluster that I can deploy containers to. So I will go ahead and click on “Create”.
Creation can take a little while, so while I wait on my Autopilot cluster to finish, I am going to start creating my Standard cluster. You will notice that the Standard form has quite a few more options available. In fact, there are multiple pages of options you have to go through. If you click on the side menu here, you can see everything that is available to choose. Standard exposes all the possibilities along with all the complexity.
Let's run through the main settings you will need to consider. Of course, you need to pick a good name. I am going to change this to “Standard-cluster-1” so I can easily tell it apart from the Autopilot cluster. Then you need to decide if this is going to be Zonal or a Regional cluster. You then need to set up your node pool. So that means picking the number of nodes. You need to choose the operating system they are going to run, along with picking a machine type. This is going to require some understanding about how much processing power and memory capacity is needed to run your workloads. You then should pick the appropriate security settings for your nodes and add any necessary metadata. Now that is a lot. But, this is just the start.
Next, you also need to configure any automation, networking, and security settings for the entire cluster itself. And finally, you might need to enable some extra features here. Once you do all that, you can create your Standard cluster.
So I started the creation of the two clusters. Let me fast forward a bit until they are both available. Ok. Now you can see my Autopilot cluster here. And here is my Standard. They look pretty similar from this view. The Autopilot cluster is not showing any nodes because it will automatically create them as needed. And since I haven’t deployed anything to it yet, right now it is still empty. The Standard one has 3 nodes because that is what I choose during creation. You will start to notice more differences if I open up each one in a different tab.
You cannot edit the settings that have a padlock icon next to them. You can edit the settings that have a pencil icon. So there are certain things you can change and others you cannot. One of the big differences between Standard and Autopilot is that Autopilot has a lot of these grayed-out pencil icons. So at first glance it appears that you can change a lot of settings in an Autopilot cluster, but when you look closer you will see that is not the case. I have a few settings I can change here, but not many. Standard clusters have a lot more black pencil icons than gray. So you can edit most of these settings. And if you do see a gray pencil on a Standard cluster, it usually means you just need to enable an API or another feature first. So for example, in this case I need to enable the Binary Authorization API before I can change this setting.
So that is pretty much it. Now you should understand how to create both an Autopilot cluster and a Standard cluster.
So Autopilot is great for most use cases. Unless you are trying to do something pretty advanced, it should provide you with a solid production environment to run your containers. If you have more advanced knowledge of Kubernetes and you need an option or two that Autopilot does not support, then you can choose Standard.
Be aware that you cannot convert a cluster between the two types. If you want to switch, then you actually have to create a whole new cluster and then migrate your containers over. So make sure you understand the differences before choosing one over the other. I also recommend you play around with both, to experiment and get a good feel of the similarities and differences.
Daniel began his career as a Software Engineer, focusing mostly on web and mobile development. After twenty years of dealing with insufficient training and fragmented documentation, he decided to use his extensive experience to help the next generation of engineers.
Daniel has spent his most recent years designing and running technical classes for both Amazon and Microsoft. Today at Cloud Academy, he is working on building out an extensive Google Cloud training library.
When he isn’t working or tinkering in his home lab, Daniel enjoys BBQing, target shooting, and watching classic movies.