
Overview

This guide walks you through deploying a production-ready Kubernetes cluster on Google Kubernetes Engine (GKE). GKE provides a fully managed Kubernetes environment with automatic updates, built-in security, and seamless integration with Google Cloud services.

Prerequisites

Before you begin, ensure you have:
  • A Google Cloud Platform (GCP) account with billing enabled
  • gcloud CLI installed (Installation Guide)
  • kubectl installed (Installation Guide)
  • Appropriate IAM permissions to create GKE clusters

Initial Setup

1. Authenticate with Google Cloud

Log in to your Google Cloud account:
gcloud auth login
This opens your browser to complete the authentication flow.

2. Initialize gcloud Configuration

Set up your default configuration:
gcloud init
This interactive command will:
  • Select or create a configuration
  • Choose your Google Cloud project
  • Set default compute region and zone

3. Set Your Project

Switch to or confirm your target project:
gcloud config set project [YOUR_PROJECT_ID]
Replace [YOUR_PROJECT_ID] with your actual GCP project ID.

Creating a GKE Cluster

Standard Cluster Creation

Create a standard GKE cluster using the GCP Console or gcloud CLI:

Using gcloud CLI

gcloud container clusters create exchange-cluster \
  --zone us-central1-a \
  --num-nodes 3 \
  --machine-type e2-standard-4 \
  --disk-size 50 \
  --enable-autoscaling \
  --min-nodes 3 \
  --max-nodes 10 \
  --enable-autorepair \
  --enable-autoupgrade
Production Best Practices:
  • Use at least 3 nodes for high availability
  • Enable autoscaling to handle traffic spikes
  • Enable auto-repair and auto-upgrade for maintenance
  • Choose appropriate machine types based on workload requirements

Using GCP Console

  1. Navigate to Kubernetes Engine > Clusters in the GCP Console
  2. Click Create Cluster
  3. Configure your cluster settings:
    • Name: Choose a descriptive name (e.g., exchange-cluster)
    • Location type: Zonal or Regional
    • Zone/Region: Select based on your users’ location
    • Node pool: Configure size, machine type, and autoscaling

View Cluster Status

List all clusters in your project:
gcloud container clusters list
This displays:
  • Cluster name
  • Location
  • Master version
  • Node count
  • Status

Connecting to Your Cluster

Get Cluster Credentials

Configure kubectl to access your GKE cluster:
gcloud container clusters get-credentials [CLUSTER_NAME] --location [LOCATION]
Example:
gcloud container clusters get-credentials exchange-cluster --location us-central1-a
This command:
  • Fetches cluster endpoint and authentication data
  • Updates your kubeconfig file (~/.kube/config)
  • Sets the current context to your cluster

Verify Connection

Test your connection:
kubectl cluster-info
kubectl get nodes

Managing Multiple Contexts

View all available contexts:
kubectl config get-contexts
Switch between clusters:
kubectl config use-context [CONTEXT_NAME]
Example:
kubectl config use-context gke_my-project_us-central1-a_exchange-cluster

GCP Console Overview

The GCP Console provides powerful visualization and management tools for your GKE cluster.

Cluster Dashboard

The dashboard shows:
  • Cluster health and status
  • Node pool information
  • Resource utilization
  • Cluster version and configuration

Workloads View

Monitor your deployments:
  • Running pods and their status
  • Deployment configurations
  • Resource requests and limits
  • Container logs and events

Services and Ingress

Manage networking:
  • Service endpoints
  • Load balancers
  • Ingress configurations
  • External IPs

Node Pools

Configure compute resources:
  • Node pool size and autoscaling
  • Machine types and configurations
  • Node taints and labels
  • Upgrade strategies

Cluster Configuration

Enable Required APIs

Ensure necessary GCP APIs are enabled:
gcloud services enable container.googleapis.com
gcloud services enable compute.googleapis.com

Configure Cluster Autoscaling

Update autoscaling settings:
gcloud container clusters update [CLUSTER_NAME] \
  --enable-autoscaling \
  --min-nodes 3 \
  --max-nodes 10 \
  --location [LOCATION]

Resize Node Pool

Manually adjust node count:
gcloud container clusters resize [CLUSTER_NAME] \
  --num-nodes 5 \
  --location [LOCATION]

Security Best Practices

Production Security Checklist:
  • Enable Workload Identity for secure GCP service access
  • Use private clusters to restrict public access
  • Enable Binary Authorization for container image verification
  • Configure network policies to control pod-to-pod communication
  • Regularly update to the latest GKE version
  • Use GCP IAM for fine-grained access control
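
An added example, not part of the original guide: a shell function that audits one cluster against four items of the checklist above (Workload Identity, private nodes, network policy enforcement, Binary Authorization). It assumes the field names of the GKE API Cluster resource; the function names and sample rows are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original guide). Feed audit_cluster one CSV
# line, for instance the output of:
#   gcloud container clusters describe [CLUSTER_NAME] --location [LOCATION] \
#     --format='csv[no-heading](workloadIdentityConfig.workloadPool,privateClusterConfig.enablePrivateNodes,networkPolicy.enabled,networkConfig.datapathProvider,binaryAuthorization.evaluationMode)'
# Assumption: field names match the GKE API Cluster resource.

is_true() {
  # gcloud prints booleans as True/False; accept any letter case.
  [ "$(printf '%s' "$1" | tr 'A-Z' 'a-z')" = "true" ]
}

audit_cluster() {
  # $1 = CSV line. Prints one FAIL line per gap and returns the gap count.
  gaps=0
  IFS=',' read -r wi_pool private_nodes netpol datapath binauthz <<EOF
$1
EOF
  if [ -z "$wi_pool" ]; then
    echo "FAIL workload-identity: no workload pool set"; gaps=$((gaps + 1))
  fi
  if ! is_true "$private_nodes"; then
    echo "FAIL private-cluster: private nodes not enabled"; gaps=$((gaps + 1))
  fi
  # NetworkPolicy is enforced by the network policy add-on or by Dataplane V2.
  if ! is_true "$netpol" && [ "$datapath" != "ADVANCED_DATAPATH" ]; then
    echo "FAIL network-policy: NetworkPolicy objects are not enforced"; gaps=$((gaps + 1))
  fi
  if [ -z "$binauthz" ] || [ "$binauthz" = "DISABLED" ]; then
    echo "FAIL binary-authorization: image policy not enforced"; gaps=$((gaps + 1))
  fi
  return "$gaps"
}

# Constructed sample rows (not real cluster output).
DEFAULT_ROW=',,,,'   # models a cluster with none of the four settings enabled
HARDENED_ROW='my-project.svc.id.goog,True,False,ADVANCED_DATAPATH,PROJECT_SINGLETON_POLICY_ENFORCE'

audit_cluster "$DEFAULT_ROW" || echo "default cluster: $? gap(s)"
audit_cluster "$HARDENED_ROW" && echo "hardened cluster: all checks pass"
```

A non-zero exit status equals the number of failed checks, so the function can gate a CI step or a scheduled compliance job.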

Enable Workload Identity

gcloud container clusters update [CLUSTER_NAME] \
  --workload-pool=[PROJECT_ID].svc.id.goog \
  --location [LOCATION]

Monitoring and Logging

GKE integrates with Google Cloud’s operations suite:
  • Cloud Monitoring: Real-time metrics and alerting
  • Cloud Logging: Centralized log management
  • Cloud Trace: Distributed tracing for microservices
Access logs from kubectl:
kubectl logs -f deployment/[DEPLOYMENT_NAME]

Upgrading Your Cluster

Check Available Versions

gcloud container get-server-config --location [LOCATION]

Upgrade Control Plane

gcloud container clusters upgrade [CLUSTER_NAME] \
  --master \
  --cluster-version [VERSION] \
  --location [LOCATION]

Upgrade Node Pools

gcloud container clusters upgrade [CLUSTER_NAME] \
  --node-pool [POOL_NAME] \
  --location [LOCATION]

Cost Optimization

Cost-Saving Strategies:
  • Use Preemptible VMs for non-critical workloads (up to 80% savings)
  • Enable cluster autoscaling to match demand
  • Use appropriate machine types (e2 series for general workloads)
  • Set resource requests and limits on pods
  • Delete unused load balancers and persistent disks

Troubleshooting

Common Issues

Cannot connect to cluster:
# Re-fetch credentials
gcloud container clusters get-credentials [CLUSTER_NAME] --location [LOCATION]

# Verify context
kubectl config current-context
Insufficient quota errors: Check your project quotas in GCP Console under IAM & Admin > Quotas.

Node not ready:
kubectl describe node [NODE_NAME]
kubectl get events --sort-by=.metadata.creationTimestamp

Next Steps

ArgoCD GitOps

Set up continuous deployment with ArgoCD

gcloud CLI Reference

Master essential gcloud commands
