Sameness and trust

1. Sameness and trust

With fleets, you can view and control clusters from a single view in the Google Cloud Console. But fleets are more than just groups of clusters. They rely on sameness and trust to provide a foundation for advanced multi-cluster management capabilities.

Within a fleet of clusters, some Kubernetes objects that have the same name, like namespaces, are treated equally, even if they are in different clusters. This is called sameness, and it simplifies fleet management. For example, you can use Policy Controller to apply a security policy to all fleet services in the namespace foo, regardless of where the clusters are located.

Another key principle is trust. When clusters and teams trust each other, resources can be managed at the fleet level instead of being configured individually on each cluster. This simplifies management and allows for consistent policies across all environments.

Organize your fleet based on your organization's unique technical and operational requirements. Each fleet is associated with a Google Cloud project called the fleet host project. This project is primarily used to manage and view your fleet, but the fleet can also include clusters from other projects. For example, you can use fleets for your production, test, and development environments, or for different departments in your company. Within each fleet, you can use scopes to control access and manage different teams. Clusters with services that frequently communicate with each other have significant advantages when managed in a fleet.

To improve resource management and security, align your Kubernetes clusters with your environment. Create dedicated fleets for production, development, and other environments. This isolation enhances stability and allows for environment-specific optimizations. Strive for the largest possible fleet size that preserves sameness and trust, which allows for scalability and easier management.
When you need more granular access control, Cloud Service Mesh provides that flexibility.

We have mentioned teams a couple of times in this module. A team is a way to organize and manage access to your fleet resources. For example, we can have two teams, a backend team and a frontend team. Each team has access to resources within the cluster. This can include some resources that may be shared with other teams, such as with cluster 2, and some that are not shared, such as with clusters 1 and 3.

Teams might go against the principles of sameness within GKE for several reasons, even though sameness is designed to simplify management and ensure consistency. Advantages of using teams to organize and manage access to your fleet resources include compliance and regulatory requirements, development and testing differences, varying application requirements, organizational silos and autonomy, and technical debt and legacy systems. We will examine teams in more detail later in this course.
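Because a fleet treats same-named namespaces as one, it helps to check before joining clusters that a name such as foo really means the same thing everywhere. The following is an added example, not part of the course material: a pre-join audit over a constructed inventory, where the cluster names and the "owner" and "env" label keys are assumptions.

```python
from collections import defaultdict

# Constructed inventory: cluster -> namespace -> labels. The cluster names and
# the "owner"/"env" label keys are assumptions made for this example.
FLEET = {
    "cluster-1": {"foo": {"owner": "backend", "env": "prod"},
                  "web": {"owner": "frontend", "env": "prod"}},
    "cluster-2": {"foo": {"owner": "backend", "env": "prod"},
                  "web": {"owner": "frontend", "env": "prod"}},
    "cluster-3": {"foo": {"owner": "data-science", "env": "dev"}},
}
SAMENESS_KEYS = ("owner", "env")


def sameness_violations(fleet, keys=SAMENESS_KEYS):
    """Return {namespace: {key: {value: [clusters]}}} for each namespace whose
    label value for `key` differs between clusters. A namespace that is simply
    absent from a cluster is not counted as a conflict."""
    seen = defaultdict(lambda: defaultdict(lambda: defaultdict(list)))
    for cluster, namespaces in fleet.items():
        for ns, labels in namespaces.items():
            for key in keys:
                seen[ns][key][labels.get(key, "<unset>")].append(cluster)
    violations = {}
    for ns, by_key in seen.items():
        bad = {key: {value: sorted(clusters) for value, clusters in vals.items()}
               for key, vals in by_key.items() if len(vals) > 1}
        if bad:
            violations[ns] = bad
    return violations


def outlier_clusters(fleet, keys=SAMENESS_KEYS):
    """Clusters that disagree with the most common value for some namespace:
    candidates for a separate fleet or a namespace rename before joining."""
    outliers = set()
    for by_key in sameness_violations(fleet, keys).values():
        for vals in by_key.values():
            majority = max(vals, key=lambda v: (len(vals[v]), v))
            for value, clusters in vals.items():
                if value != majority:
                    outliers.update(clusters)
    return sorted(outliers)


if __name__ == "__main__":
    print(sameness_violations(FLEET))
    print("review before joining:", outlier_clusters(FLEET))
```

In the constructed data, cluster-3 uses foo for a different owner and environment, so a fleet-wide policy or access grant on foo would reach a workload it was never written for.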

2. Let's practice!
