See how Google #Kubernetes Engine (#GKE) and AI come together to power real-world applications — faster, smarter, and more securely. Bobby Allen (Google Cloud Therapist) discusses why are enterprises turning to GKE for AI workloads with The New Stack's Frederic Lardinois at #GoogleCloudNext.

Aviation weather for Geilenkirchen Air Base airport (Germany) is “ETNG 251750Z AUTO 25018KT 9999 // FEW041/// BKN250/// BKN320/// 19/10 Q1011” : See what it means on https://www.bigorre.org/aero/meteo/etng/en #germany #geilenkirchenairbaseairport #etng #gke #metar #aviation #aviationweather #avgeek #airport vl

Beautiful weather for takeoff from Geilenkirchen Air Base airport (Germany) “ETNG 141350Z 33010KT CAVOK 23/06 Q1017 NOSIG” : See what it means on https://www.bigorre.org/aero/meteo/etng/en #germany #geilenkirchenairbaseairport #etng #gke #metar #aviation #aviationweather #avgeek #airport vl

Kubernetes 1.33 is available on GKE!🎉

Huge thanks to the amazing team at Google who contributed to the Kubernetes 1.33 release on GKE! 🙌From reliable upgrades to enhancing API server performance, their hard work is driving innovation in the cloud.

Read about their contributions here: https://opensource.googleblog.com/2025/05/kubernetes-1.33-available-on-gke.html
#GKE #Kubernetes #OpenSource

GKE — VPC-Native, Pods и VPC Firewall: Маркетинг против реальности

Привет, Хабр! Google, без преувеличения, изменил мир IT, подарив нам Kubernetes – систему, ставшую де-факто стандартом оркестрации контейнеров. И когда выбираешь управляемый Kubernetes от его же создателей, такой как Google Kubernetes Engine (GKE), ожидания, естественно, высоки. Уж кто-кто, а "первоисточник" должен уметь "готовить" свое детище идеально, предоставляя не только удобство, но и прозрачные, глубоко интегрированные и безопасные решения "из коробки". Особенно когда речь заходит о такой фундаментальной вещи, как сетевое взаимодействие и его безопасность. GKE предлагает два режима работы кластеров: routes-based и VPC-native. Именно VPC-native кластеры позиционируются Google как обеспечивающие более тесную интеграцию с сетью VPC. Как утверждает Google, одно из преимуществ таких кластеров заключается в том, что IP-адреса подов (pods) нативно маршрутизируемы внутри сети VPC кластера и других сетей VPC, подключенных к ней через VPC Network Peering (подробнее см. документацию GKE по IP-алиасам и VPC-native кластерам ). Это вселяет уверенность, что возможности VPC, включая мощный механизм GCP Firewall, будут доступны и для наших подов так же легко и нативно, как для обычных виртуальных машин. Однако, погружаясь в детали настройки контроля сетевого доступа для подов к ресурсам внутри VPC, но внешним по отношению к самому Kubernetes (например, к базам данных Cloud SQL или другим бэкендам), начинаешь сталкиваться с нюансами. Нюансами, которые заставляют усомниться в "бесшовности" этой интеграции. Эта статья – не попытка принизить достижения Google или GKE. Скорее, это повод для всех нас, инженеров, задуматься о тех важных деталях реализации, которые часто остаются "под капотом". Повод погрузиться глубже, понять, как все устроено на самом деле, и какие компромиссы или сложности скрываются за маркетинговыми лозунгами. Ведь чем сложнее архитектура безопасности, тем выше вероятность ошибки конфигурации, особенно если ее компоненты и их взаимодействие не до конца понятны. Если даже у такого гиганта, как Google, в его флагманском продукте для Kubernetes есть подобные неочевидные моменты, то нам, инженерам, работающим с этими системами ежедневно, тем более важно понимать все тонкости для обеспечения надежности и безопасности наших собственных окружений.

https://habr.com/ru/articles/907774/

#kubernetes #gke #firewall #network_security

I just killed our last #JupyterHub #GKE Project in my $DAYJOB. Our #Jupyter compute environments are now all fully on prem.

#Python #DataScience #Kubernetes #Baremetal #RStats #RStudio

I’m working on #Kubernetes these days. Recently, I wrote a series on how one could design a full-fledged testing pipeline targeting #GoogleKubernetesEngine. The second part mentions creating a #GKE instance in the context of a GitHub workflow. In this post, I want to assess #Crossplane by creating such an instance.

https://blog.frankel.ch/feet-wet-crossplane/

Kubernetes Storage Without the Pain: Simplyblock in 15 Minutes

https://www.simplyblock.io/blog/install-simplyblock-hyper-converged/

Finally, here are some practical suggestions. If you use #GKE, bring up a small cluster first just to pull containers, which are cached across clusters. If you are using AWS, #SOCI might help if you don't need to load large data during runtime. On any cloud a SSD is going to always help.

One of the most annoying parts of writing with #gke #kubernetes cluster as opposed to #aws and #azure is that the authentication plugin for kubectl takes as long as 20-30s before I can get a response from the API server.

I can't imagine myself staying with #gcp for more than the upcoming year. 🏃🏼‍♂️

This week’s post is the third and final in my series about running tests on #Kubernetes for each pull request. In the 1st post, I described the app and how to test locally using #Testcontainers and in a #GitHub workflow. The second post focused on setting up #GKE and running end-to-end tests on Kubernetes.

In this post, I’ll show how to benefit from the best of both worlds with #vCluster: a single cluster with testing from each PR in complete isolation from others.

https://blog.frankel.ch/pr-testing-kubernetes/3/

I’m continuing my series on running the test suite for each PR on #Kubernetes. In the previous post, I laid the groundwork for our learning journey.

This week, I will raise the ante:

* Create and configure a #GoogleKubernetesEngine instance
* Create a Kubernetes manifest for the app, with #Kustomize for customization
* Allow the #GitHub workflow to use the #GKE instance
* Build the Docker image and store it in the GitHub Docker repo
* Finally, run the end-to-end test

https://blog.frankel.ch/pr-testing-kubernetes/2/

HOLY MOLEY. I think I've done it. Given the amount of docs on this, I wouldn't be surprised to hear I'm basically the only person on the planet who's got this working!

The crucial bit I'd missed is that even though the GCE ingress terminates SSL, it will - for HTTP/2 only - re-encrypt the connection to your backend. Your backend service therefore needs to be able to talk SSL. Any old cert will do - I generated some self-signed ones.

The thing that took me a day to figure out is that a bad SSL handshake just looks like a network connection failure to the load balancer, so I spent ages doing network debugging.

What. A. Palaver.

#grpc #gke #gcp #tech

Résumé de ma journée à faire du debug #gcp #gke

GKE 在推廣拿 240.0.0.0/4 來當 Private IP 用

看到「Leveraging Class E IPv4 Address space to mitigate IPv4 exhaustion issues in GKE」這篇，GKE 在推 240.0.0.0/4 當作 Private IP 用，可以看到文章裡面一直在說 240.0.0.0/4 跑起來沒有什麼問題，也可以透過 N

https://blog.gslin.org/archives/2024/09/29/12007/gke-%e5%9c%a8%e6%8e%a8%e5%bb%a3%e6%8b%bf-240-0-0-0-4-%e4%be%86%e7%95%b6-private-ip-%e7%94%a8/

#Cloud #Computer #GCP #Murmuring #Network #Service #address #cloud #engine #gke #google #ip #ipv4 #kubernetes #platform #private

NATO Air Base Geilenkirchen Open Day 2017 #photography #awacs #aircraft #avation #avgeek #aviation #aviationphotography #gke #geilenkirchen #military #nato #etng #highlight #militaryaircraft #openday #wearenato (Flickr 01.07.2017) https://www.flickr.com/photos/7489441@N06/34880050474

NATO Air Base Geilenkirchen Open Day 2017 #photography #avgeek #aviation #nato #wearenato #gke #etng #highlight (Flickr 01.07.2017) https://www.flickr.com/photos/7489441@N06/34912020153

Any thoughts on why it takes under 5 minutes to provision a simple 2-node test #cluster on #AKS with #Terraform, but 25-30 mins to do the same on #EKS and #GKE? No hate, but it makes me want to avoid the latter two when I want to test something quickly.

#kubernetes #k8s

I put together a #howto guide which explains how to create a #GKE cluster on Google Cloud using #terraform deployed using #githubactions

This might be of interest to someone, I wrote it so I don’t forget

#devops #tech #sysadmin #tech

https://daveknowstech.notion.site/How-to-Setup-an-automated-GKE-deployment-using-Github-Actions-and-Terraform-4f03b2e99c114beabc2f0ae4ef19f11b

⚠️ Heads up #velero users!

When you're relying on velero using #prometheus metric-based alerts make sure to not only alert on
`velero_backup_failure_total` but also on
`velero_backup_partial_failure_total` 🧐

After running velero reliably for years on #gke our backups suddenly started failing *partially*.

Turns out #GCP must have changed something in AuthN, requiring an additional role to perform disk snapshots.
As this resulted in partial failures only we almost missed it.