Google Announces VPC-Native Clusters for Kubernetes Engine
These VPC-native clusters make it easy to create enterprise-level systems that are capable of scaling to meet high levels of demand, while also ensuring the security of the applications and data that are contained within the clusters. This is possible due to support for Alias IP routing, which enables admins to assign a range of internal IP addresses to resources within a cluster.
While the Google Cloud Platform has offered the ability to use Alias IPs for a while now, it wasn’t previously available for Google’s Kubernetes Engine. With this addition, admins can expect improved scalability, as the VPC control plane takes care of routing traffic along the routes that are used for Pod networking.
VPC-native clusters also have no quotas or limits when it comes to Routes. This allows admins to increase the size of a VPC-native cluster without having to worry about performance degradation or other issues related to increased bandwidth.
Alias IP also enables Google’s Kubernetes Engine Pods to have direct access to other Google Cloud Platform services, including Google Cloud Storage and Google’s BigQuery data warehouse among other services that are served from the googleapis.com domain.
In terms of security, Alias IP lets users perform anti-spoofing checks for the nodes that are contained within a cluster, checking traffic to ensure that it was not sent from potentially malicious sources.
Another benefit of this update is that admins no longer have to worry about the possibility of inadvertently allocating their VPC IP space twice. And should they require it, admins also have more granular control over IP subnet assignments, without having to worry about potential IP address conflicts with VPC pods and other resources, as Google Cloud Platform has built-in checks that are designed to prevent this.
For those organizations that are using a hybrid configuration, Alias IP subnets can also be used to connect a Kubernetes Engine cluster to on-site resources.
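The overlap protection and the hybrid connectivity described above can also be checked while planning, before any ranges are submitted to the platform. The following is an added example, not code from Google or from this article: every range name and CIDR in it is constructed, and the one-/24-per-node sizing is an assumption made for the capacity check.

```python
import ipaddress
from itertools import combinations

# Constructed sample plan; every name and range here is hypothetical.
PLAN = {
    "node-subnet (primary)": "10.0.0.0/22",
    "pods (alias secondary)": "10.4.0.0/14",
    "services (alias secondary)": "10.0.2.0/24",  # deliberately collides with the node subnet
    "on-prem (via VPN)": "10.6.0.0/16",           # deliberately collides with the pod range
}

# Assumption: each node reserves one /24 of the pod range for its Pods.
PER_NODE_PREFIX = 24


def find_overlaps(plan):
    """Return sorted pairs of range names whose CIDR blocks intersect."""
    nets = {name: ipaddress.ip_network(cidr, strict=True) for name, cidr in plan.items()}
    return sorted(
        (a, b) for a, b in combinations(sorted(nets), 2) if nets[a].overlaps(nets[b])
    )


def max_nodes(pod_cidr, per_node_prefix=PER_NODE_PREFIX):
    """Number of per-node blocks that fit in the pod range (0 if the range is too small)."""
    pod_net = ipaddress.ip_network(pod_cidr, strict=True)
    if pod_net.prefixlen > per_node_prefix:
        return 0
    return 2 ** (per_node_prefix - pod_net.prefixlen)


def check_plan(plan, pod_key, wanted_nodes):
    """Collect human-readable problems; an empty list means the plan is consistent."""
    problems = [f"overlap: {a} <-> {b}" for a, b in find_overlaps(plan)]
    capacity = max_nodes(plan[pod_key])
    if capacity < wanted_nodes:
        problems.append(f"pod range fits {capacity} nodes, {wanted_nodes} wanted")
    return problems


if __name__ == "__main__":
    for line in check_plan(PLAN, "pods (alias secondary)", 2000) or ["plan is consistent"]:
        print(line)
```

Including the on-site ranges in the same plan matters for hybrid setups, because a Pod range that overlaps an on-site network makes return traffic ambiguous even when every range inside the VPC is distinct.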
With many organizations choosing hybrid or cloud-based solutions for storing data and building applications, it’s crucial that organizations do what it takes to ensure not only the security of the data and applications but also that users are able to access what they need when they need it.
While there are a variety of companies that offer cloud storage and processing services, the recent updates to Google’s Kubernetes Engine show that those who choose Google’s Cloud Platform services will be able to meet the demands of users, even under increased load, while also ensuring that the data and applications are being accessed only by those who require access.