Google Kubernetes Engine is a managed environment for deploying, managing, and scaling containerized applications. GKE is based on the Kubernetes open source container orchestration platform and built on Compute Engine virtual machines. GKE offers features like node auto-repair, load balancing, logging and monitoring, automatic scaling, and automatic upgrades. This page describes the differences between the Trusted Cloud and Google Cloud versions of GKE.
For more detailed information about GKE, see the GKE overview and the rest of the GKE documentation.
You can find recommendations and best practices for using GKE in Trusted Cloud, including recommended alternatives where features differ from Google Cloud, in the Recommendations section.
Key differences
There are some differences between the Trusted Cloud version of GKE and the Google Cloud version. Some notable differences include the following:
- GKE modes: Only GKE Autopilot clusters are available. GKE Standard clusters are unavailable.
- Storage: Only balanced Persistent Disk is available for storage on GKE.
- Compute Engine virtual machines: Only the C3 and A3 machine series are available. Other machine types are unavailable.
A more detailed list of differences is provided in the rest of this section. If you are already familiar with Google Cloud, we recommend that you review these differences carefully, particularly before designing an application to run on Trusted Cloud. We also recommend reviewing the general differences between Google Cloud and your universe in the Trusted Cloud by S3NS overview.
If you would like to use a particular GKE feature that isn't currently available in Trusted Cloud, contact Trusted Cloud support. To be notified when new features roll out in Trusted Cloud, subscribe to the release notes.
Hardware and OS
Modes of operation | Only GKE Autopilot clusters are available. GKE Standard clusters are unavailable. |
Compute Engine virtual machines | Only the C3 machine series is available. Other machine types are unavailable. |
GKE Enterprise | GKE Enterprise is unavailable. This includes management features like fleets and team scopes, and the following features:
|
GPUs and TPUs | GPUs are available on A3 machine types. TPUs are unavailable. |
Node pools | The following node configuration features are unavailable:
|
Release channels | Only the Stable and Regular release channels are available. |
Maintenance windows and exclusions | You can't schedule maintenance windows or exclusions. |
Availability and disaster recovery
Regions and zones | Trusted Cloud has only a single region, though with multiple zones. Multi-region features and cross-region failover are not supported. Deployment across multiple zones for resiliency is supported. |
Storage | The only storage type available is Hyperdisk Balanced. All other storage types are unavailable. |
Backup for GKE | Backup for GKE is unavailable. |
Autoscaling | The Performance HPA profile is unavailable. |
Cost management
Cost optimization metrics | Some cost optimization recommendations might be unavailable. |
Integrations
Cloud Storage | Transferring data from Cloud Storage by using GKE Volume Populator is unavailable. |
Security
Security features | The following security features are unavailable:
|
Sensitive data encryption | Encrypting Secrets at the application layer is not supported. |
Network
IP addressing | Only VPC-native clusters are supported. Route-based clusters are unavailable. |
Maximum Pods per node | There is a maximum limit of 32 Pods per node. |
Network isolation | The following customization options for network isolation are unavailable:
|
Application exposure | GKE Ingress controller is unavailable. |
Multi-cluster networking | Multi Cluster Ingress and multi-cluster Services (MCS) are unavailable. |
Observability | GKE Dataplane V2 observability tools are unavailable. |
Load balancing | Weighted load balancing is unavailable. |
IP ranges | The available IP address ranges, such as for ingress firewall rules, depend on your environment, as follows:
|
Workloads
Predefined compute classes | Only the general-purpose and Accelerator compute classes are available. All other predefined compute classes are unavailable. Custom compute classes are unavailable. |
Insights and observability
Logging and monitoring | Workload metrics are unavailable. |
Google Cloud Observability | All Google Cloud Observability integrations and dashboards are unavailable. |
Cluster notifications | Cluster notifications are unavailable. |
AI/ML features
Ray Operator | The Ray Operator for GKE is unavailable. |
Parallelstore | Parallelstore for GKE is unavailable. |
Recommendations
Related guides
The following information might also affect how you use and design for GKE in Trusted Cloud by S3NS. These guides include general information about working in Trusted Cloud, including documentation, security and access control, billing, tooling, and service usage.
For details about other services and features in Trusted Cloud and their differences from their Google Cloud counterparts, see the product list.