Coming Soon: GET-IT: Endpoint Management 1-Day Conference on September 28th at 9:30 AM ET Coming Soon: GET-IT: Endpoint Management 1-Day Conference on September 28th at 9:30 AM ET
Cloud Computing

Google Announces VPC-Native Clusters for Kubernetes Engine

In a recent post on the Google Cloud Platform blog, Google announced the ability for admins to create native Virtual Private Cloud clusters within Google Kubernetes Engine.



Sponsored Content

Say Goodbye to Traditional PC Lifecycle Management

Traditional IT tools, including Microsoft SCCM, Ghost Solution Suite, and KACE, often require considerable custom configurations by T3 technicians (an expensive and often elusive IT resource) to enable management of a hybrid onsite + remote workforce. In many cases, even with the best resources, organizations are finding that these on-premise tools simply cannot support remote endpoints consistently and reliably due to infrastructure limitations.

These VPC-native clusters make it easy to create enterprise-level systems that are capable of scaling to meet high levels of demand, while also ensuring the security of the applications and data that are contained within the clusters. This is possible due to support for Alias IP routing, which enables admins to assign a range of internal IP addresses to resources within a cluster.

While the Google Cloud Platform has offered the ability to use Alias IPs for a while now, it wasn’t previously available for Google’s Kubernetes Engine. And as a result of this addition, admins can expect improved scalability, as the VPC control panel takes care of routing traffic along routes that are used for Pod networking.

As a result of this update, admins can expect enhanced scaling abilities, with VPC-native clusters not having quotas or limits when it comes to Routes. This allows for admins to increase the size of a VPC-native cluster without having to worry about performance degradation or other issues related to increased bandwidth.

Alias IP also enables Google’s Kubernetes Engine Pods to have direct access to other Google Cloud Platform services, including Google Cloud Storage and Google’s BigQuery data warehouse among other services that are served from the domain.

In terms of security, Alias IP lets users perform anti-spoofing checks for the nodes that are contained within a cluster, checking traffic to ensure that it was not sent from potentially malicious sources.

Another benefit of this update is that admins no longer have to worry about the possibility of inadvertently allocating their VPC IP space twice. And should they require it, admins also have more granular control over IP subnet assignments, without having to worry about potential IP address conflicts with VPC pods and other resources, as Google Cloud Platform has built-in checks that are designed to prevent this.

For those organizations that are using a hybrid configuration, Alias IP subnets can also be used to connect a Kubernetes Engine cluster to on-site resources.

With many organizations choosing hybrid or cloud-based solutions for storing data and building applications, it’s crucial that organizations do what it takes to ensure not only the security of the data and applications but also that users are able to access what that they need when they need it.

While there are a variety of companies that offer cloud storage and processing services, the recent updates to Google’s Kubernetes Engine show that those who choose Google’s Cloud Platform services will be able to meet the demands of users, even under increased load, while also ensuring that the data and applications are being accessed only by those who require access.

Related Topics:


Don't have a login but want to join the conversation? Sign up for a Petri Account

Comments (0)

Leave a Reply

Live Webinar: Active Directory Security: What Needs Immediate Priority!Live on Tuesday, October 12th at 1 PM ET

Attacks on Active Directory are at an all-time high. Companies that are not taking heed are being punished, both monetarily and with loss of production.

In this webinar, you will learn:

  • How to prioritize vulnerability management
  • What attackers are leveraging to breach organizations
  • Where Active Directory security needs immediate attention
  • Overall strategy to secure your environment and keep it secured

Sponsored by: