{"id":12849,"date":"2023-04-27T16:22:41","date_gmt":"2023-04-27T09:22:41","guid":{"rendered":"https:\/\/gcloudvn.com\/?p=12849"},"modified":"2024-05-24T16:03:28","modified_gmt":"2024-05-24T09:03:28","slug":"autopilot-is-now-gkes-default-mode-of-operation-heres-what-that-means-for-you","status":"publish","type":"post","link":"https:\/\/gcloudvn.com\/en\/kienthuc\/autopilot-is-now-gkes-default-mode-of-operation-heres-what-that-means-for-you\/","title":{"rendered":"Autopilot is now GKE\u2019s default mode of operation \u2014 here\u2019s what that means for you"},"content":{"rendered":"<p style=\"text-align: justify;\"><span style=\"font-weight: 400;\">Ah, Kubernetes. So powerful and yet so much effort to learn and operate. Everyone wants all the goodness but no one is crazy about all the effort. The infrastructure abstraction and scaling is great, but who wouldn\u2019t love less manual node shaping and endless bin packing for cost optimization?<\/span><\/p>\n<p style=\"text-align: justify;\"><span style=\"font-weight: 400;\">Google <\/span><span style=\"font-weight: 400;\">introduced<\/span><span style=\"font-weight: 400;\"> Autopilot mode for <\/span><a href=\"https:\/\/gcloudvn.com\/en\/google-kubernetes-engine-gke\/\"><span style=\"font-weight: 400;\">Google Kubernetes Engine<\/span><\/a> <span style=\"font-weight: 400;\">(GKE) in 2021 precisely to address this conundrum. Autopilot is a cluster mode of operation that puts Kubernetes in the hands of mere mortals. Whether you tried Autopilot mode back then or have been waiting to get in on the action, a lot has changed and it\u2019s time for a fresh look. 
That\u2019s because Autopilot got a big promotion \u2014 it\u2019s now officially the default and recommended mode of GKE cluster operation in the cluster creation interface.<\/span><\/p>\n<figure id=\"attachment_12854\" aria-describedby=\"caption-attachment-12854\" style=\"width: 600px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-12854\" src=\"https:\/\/gcloudvn.com\/wp-content\/uploads\/2023\/04\/1_Autopilot.max-1000x1000-1.png\" alt=\"Why do we recommend Autopilot?\" width=\"600\" height=\"181\" srcset=\"https:\/\/gcloudvn.com\/wp-content\/uploads\/2023\/04\/1_Autopilot.max-1000x1000-1.png 1000w, https:\/\/gcloudvn.com\/wp-content\/uploads\/2023\/04\/1_Autopilot.max-1000x1000-1-768x232.png 768w, https:\/\/gcloudvn.com\/wp-content\/uploads\/2023\/04\/1_Autopilot.max-1000x1000-1-18x5.png 18w\" sizes=\"auto, (max-width: 600px) 100vw, 600px\" \/><figcaption id=\"caption-attachment-12854\" class=\"wp-caption-text\"><em>Why do we recommend Autopilot?<\/em><\/figcaption><\/figure>\n<p style=\"text-align: justify;\"><span style=\"font-weight: 400;\">Simply put, we believe Autopilot is the best cluster mode for most Kubernetes use cases.<\/span><\/p>\n<p style=\"text-align: justify;\"><span style=\"font-weight: 400;\">This blog post is the first in a series where we\u2019ll explore why GKE Autopilot is the recommended mode of operation. Throughout the series, we\u2019ll explore use cases and implementation patterns to help you get the most from Autopilot. 
In this blog post, we cover why Autopilot is the recommended mode from the standpoint of value to our customers.<\/span><\/p>\n<p style=\"text-align: justify;\"><span style=\"font-weight: 400;\">In a nutshell, Autopilot provides improvements in the following areas:<\/span><\/p>\n<ul style=\"text-align: justify;\">\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Faster time to market<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Always on reliability<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Improved security posture<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Lowest total cost of ownership (TCO) for Kubernetes<\/span><\/li>\n<\/ul>\n<p style=\"text-align: justify;\"><span style=\"font-weight: 400;\">Let\u2019s take a deeper look at each of these benefits.<\/span><\/p>\n<h2 style=\"text-align: justify;\"><span class=\"ez-toc-section\" 
id=\"Thoi_gian_dua_ung_dung_ra_thi_truong_nhanh_hon\"><\/span><b>Faster time to market<\/b><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p style=\"text-align: justify;\"><span style=\"font-weight: 400;\">GKE Autopilot streamlines Kubernetes operations and developer impacts, resulting in faster build and deployment. But don\u2019t take our word for it, Forrester Research recently <\/span><span style=\"font-weight: 400;\">analyzed companies using Autopilot and concluded they had a 45% improvement in developer productivity. Teams using Autopilot were able to focus on business-value-generating activities while leaving undifferentiated Kubernetes operations toil to Google.<\/span><\/p>\n<p style=\"text-align: justify;\"><span style=\"font-weight: 400;\">How exactly? Autopilot simplifies the consumption model with <\/span><span style=\"font-weight: 400;\">compute classes<\/span><span style=\"font-weight: 400;\">, allowing developers to provision a wide range of resources and target CPU platforms directly in the workload definition (podSpec). 
Platform teams can confidently leave this to developers, as Autopilot automatically spins up the needed infrastructure and configures the needed taints and tolerations.\u00a0<\/span><\/p>\n<p style=\"text-align: justify;\"><span style=\"font-weight: 400;\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-12853\" src=\"https:\/\/gcloudvn.com\/wp-content\/uploads\/2023\/04\/2_Autopilot.max-900x900-1.png\" alt=\"Google Kubernetes Engine (GKE) sets Autopilot as default operating mode 2\" width=\"600\" height=\"249\" srcset=\"https:\/\/gcloudvn.com\/wp-content\/uploads\/2023\/04\/2_Autopilot.max-900x900-1.png 900w, https:\/\/gcloudvn.com\/wp-content\/uploads\/2023\/04\/2_Autopilot.max-900x900-1-768x318.png 768w, https:\/\/gcloudvn.com\/wp-content\/uploads\/2023\/04\/2_Autopilot.max-900x900-1-18x7.png 18w\" sizes=\"auto, (max-width: 600px) 100vw, 600px\" \/>No need for deep Kubernetes cluster administration expertise: We also made Autopilot easy for less experienced teams to operate. Autopilot clusters are provisioned with sensible default configurations appropriate for most production use cases. This greatly reduces the Kubernetes learning curve and allows customers that are new to Kubernetes to adopt it with confidence. Autopilot customers are able to deploy containerized applications 2.6x faster than competitive platforms<sup>1<\/sup>.<\/span><\/p>\n<p style=\"text-align: justify;\"><span style=\"font-weight: 400;\">Reduced overhead of Day 2 operations: We manage your Kubernetes node pools and nodes for you. Let that sink in for a minute: node provisioning, scaling, maintenance, and security are all handled for you by Google SRE. 
The nodes are still very much there, in your project purview; you just don\u2019t need to worry about managing them.<\/span><\/p>\n<h2 style=\"text-align: justify;\"><span class=\"ez-toc-section\" id=\"Luan_tin_cay\"><\/span><b>Always on reliability<\/b><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p style=\"text-align: justify;\"><span style=\"font-weight: 400;\">Workload SLA backed by Google SRE: On top of the awesome SLA that GKE Standard mode provides, Autopilot mode gives you a <\/span><span style=\"font-weight: 400;\">pod-level (workload) SLA<\/span><span style=\"font-weight: 400;\"> backed by Google SRE. Google monitors the entire Autopilot cluster control plane, worker nodes and core Kubernetes system components \u2014 and ensures your pods are always scheduled.<\/span><\/p>\n<p style=\"text-align: justify;\"><span style=\"font-weight: 400;\">Automatic provisioning and scaling: By optimizing for your workload, Autopilot automatically provisions the right resources your workloads need, so you don\u2019t have to figure out node size and shape. Autopilot then scales workloads to meet demand using the Kubernetes tools you already know and love, like HPA and VPA.<\/span><\/p>\n<p style=\"text-align: justify;\"><span style=\"font-weight: 400;\">Flexible maintenance options: You retain the flexibility to use maintenance windows and exclusions. When coupled with pod disruption budgets, you can effectively control when and how node maintenance happens to avoid inopportune disruptions.<\/span><\/p>\n<p style=\"text-align: justify;\"><span style=\"font-weight: 400;\">This all results in higher uptime and better results for your workloads. 
And critically, fleet-wide, we see better cluster and node health on Autopilot.<\/span><\/p>\n<h2 style=\"text-align: justify;\"><span class=\"ez-toc-section\" id=\"Cai_thien_bao_mat\"><\/span><b>Improved security posture<\/b><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p style=\"text-align: justify;\"><span style=\"font-weight: 400;\">Let\u2019s face it, Kubernetes security is hard. Platform teams often spend a lot of time creating safe environments for developers to use. Autopilot provides a security-focused version of Kubernetes out of the box, with sensible security settings <\/span><span style=\"font-weight: 400;\">enabled by default. This reduces possible attack surfaces, minimizing the impact of CVEs and configuration errors.<\/span><\/p>\n<p style=\"text-align: justify;\"><span style=\"font-weight: 400;\">Hardened default cluster configuration: Autopilot comes out of the box with strong security best practices. This includes many of Google\u2019s recommended practices from Hardening your cluster\u2019s security.<\/span><span style=\"font-weight: 400;\"><br \/>\n<\/span><span style=\"font-weight: 400;\"><br \/>\n<\/span><span style=\"font-weight: 400;\">While nodes are visible, no privileged access is permitted by workloads or users. There are very few legitimate use cases for root access to nodes and privileged containers on Kubernetes. 
Autopilot enforces this from the start, while providing exceptions for allowlisted partner workloads.<\/span><\/p>\n<p style=\"text-align: justify;\"><span style=\"font-weight: 400;\">Shielded Nodes: On by default with GKE Autopilot, <\/span><span style=\"font-weight: 400;\">Shielded Nodes<\/span><span style=\"font-weight: 400;\"> provide strong, verifiable node identity and integrity to increase the security of GKE nodes.<\/span><\/p>\n<p style=\"text-align: justify;\"><span style=\"font-weight: 400;\">Workload Identity: Autopilot provides <\/span><span style=\"font-weight: 400;\">Workload Identity<\/span><span style=\"font-weight: 400;\"> out of the box; this is the recommended way to allow your workloads running on GKE to access <a href=\"https:\/\/gcloudvn.com\/en\/google-cloud-platform\/\">Google Cloud Platform<\/a> services in a secure and manageable way.<\/span><\/p>\n<p style=\"text-align: justify;\"><span style=\"font-weight: 400;\">Single tenant: To meet governance requirements, the nodes provisioned by Autopilot remain in your project purview, ensuring compliance with governance restrictions while providing more flexibility than multi-tenant architectures.<\/span><\/p>\n<h2 style=\"text-align: justify;\"><span class=\"ez-toc-section\" id=\"Chi_phi_so_huu_thap_nhat_cho_Kubernetes\"><\/span><b>Lowest TCO for Kubernetes<\/b><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p style=\"text-align: justify;\"><span style=\"font-weight: 400;\">With traditional managed Kubernetes, you pay for all provisioned infrastructure, regardless of utilization. Most customers overprovision clusters for scaling and do not \u201cbin pack\u201d nodes efficiently. 
This all results in paying for infrastructure you aren\u2019t using.<\/span><\/p>\n<p style=\"text-align: justify;\"><span style=\"font-weight: 400;\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-12852\" src=\"https:\/\/gcloudvn.com\/wp-content\/uploads\/2023\/04\/3_Autopilot.max-1200x1200-1.png\" alt=\"Google Kubernetes Engine (GKE) sets Autopilot as default operating mode 3\" width=\"600\" height=\"436\" srcset=\"https:\/\/gcloudvn.com\/wp-content\/uploads\/2023\/04\/3_Autopilot.max-1200x1200-1.png 1200w, https:\/\/gcloudvn.com\/wp-content\/uploads\/2023\/04\/3_Autopilot.max-1200x1200-1-768x557.png 768w, https:\/\/gcloudvn.com\/wp-content\/uploads\/2023\/04\/3_Autopilot.max-1200x1200-1-18x12.png 18w\" sizes=\"auto, (max-width: 600px) 100vw, 600px\" \/>With Autopilot you only pay for what you use (Pod pricing). Billing is based on the resource requests made in the podSpec and no other infrastructure costs are incurred. This completely eliminates the risk of inefficient bin packing!<\/span><\/p>\n<p style=\"text-align: justify;\"><span style=\"font-weight: 400;\">Maximized utilization: Traditional managed Kubernetes reserves resources on each node for system workloads, something a customer still pays for. Autopilot also eliminates this waste because you only pay for the workload resource requests, not the entirety of the underlying VM infrastructure.<\/span><\/p>\n<p style=\"text-align: justify;\"><span style=\"font-weight: 400;\">Reduced operational cost: Remember that Google does the heavy Day 0 and Day 2 operations around node provisioning, scaling and maintenance, in addition to the existing managed control plane and system resources provided by Standard mode. 
There\u2019s also a lot less your team needs in terms of specific Kubernetes expertise to get started with Autopilot.<\/span><span style=\"font-weight: 400;\"><br \/>\n<\/span><span style=\"font-weight: 400;\"><br \/>\n<\/span><span style=\"font-weight: 400;\">Kubernetes cost optimization often requires continuous effort because workload churn introduces fragmentation in \u201cbin packing\u201d. With Autopilot, you are no longer responsible for bin packing, so the labor overhead associated with bin packing is also eliminated.<\/span><\/p>\n<h2 style=\"text-align: justify;\"><span class=\"ez-toc-section\" id=\"Toi_co_the_lam_gi_voi_Autopilot\"><\/span><b>What can I do with Autopilot?<\/b><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p style=\"text-align: justify;\"><span style=\"font-weight: 400;\">In short, almost anything.<\/span><\/p>\n<p style=\"text-align: justify;\"><span style=\"font-weight: 400;\">GKE Autopilot has had one guiding principle from the start: Autopilot is GKE. This means that every design decision we made ensured that Autopilot did not diverge from the Kubernetes spec or stray from GKE itself. Autopilot is therefore Kubernetes-compliant and supports most Kubernetes workloads including StatefulSets (with block storage devices), DaemonSets (including key partner workloads from Palo Alto Networks, DataDog, Sysdig and more), and <\/span><span style=\"font-weight: 400;\">GPU<\/span><span style=\"font-weight: 400;\"> for AI\/ML workloads. 
It also supports all the features you need to run your workloads like <a href=\"https:\/\/gcloudvn.com\/en\/kienthuc\/anthos-la-gi-the-manh-cua-anthos-la-gi\/\">Anthos<\/a> Service Mesh, IP Masquerading, Binary Authorization, OPA\/Gatekeeper, Policy Controller, mutating webhooks, Google Managed Prometheus, network tags, etc.<\/span><\/p>\n<p style=\"text-align: justify;\"><span style=\"font-weight: 400;\">In the next blog post in this series on GKE Autopilot, we\u2019ll explore some use cases Autopilot is handling for our customers and provide clear examples on how to take advantage of the power of Kubernetes, without all the pain. In the meantime, we invite you to get started with GKE Autopilot and attend our Twitter Spaces for a live discussion on GKE Autopilot.\u00a0<\/span><\/p>\n<p style=\"text-align: justify;\">Cloud has been, and remains, an inevitable trend in the technology development and optimization of enterprises. Gimasys, a Premier Partner of Google in Vietnam, provides consulting on architecture and designs the optimal Cloud solution for you. For technical support, you can contact Gimasys, a Premier Partner of Google in Vietnam, using the following information:<\/p>\n<ul style=\"text-align: justify;\">\n<li aria-level=\"1\"><b>Hotline:\u00a0<\/b>0974 417 099 (HCM) | 0987 682 505 (HN)<\/li>\n<li aria-level=\"1\"><b>Email:\u00a0<\/b><a href=\"mailto:gcp@gimasys.com\">gcp@gimasys.com<\/a><\/li>\n<\/ul>\n<p style=\"text-align: right;\"><b>Source: <a href=\"https:\/\/gcloudvn.com\/en\/\">Gimasys<\/a><\/b><\/p>","protected":false},"excerpt":{"rendered":"<p>It is great to use Google Kubernetes Engine (GKE). However, we need a lot of effort and a great deal of time to learn and operate it. 
Nowadays, every business wants every&hellip;<\/p>","protected":false},"author":2,"featured_media":12860,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[1,135],"tags":[],"class_list":["post-12849","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-kienthuc","category-google-cloud-platform","entry","has-media"],"_links":{"self":[{"href":"https:\/\/gcloudvn.com\/en\/wp-json\/wp\/v2\/posts\/12849","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/gcloudvn.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/gcloudvn.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/gcloudvn.com\/en\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/gcloudvn.com\/en\/wp-json\/wp\/v2\/comments?post=12849"}],"version-history":[{"count":0,"href":"https:\/\/gcloudvn.com\/en\/wp-json\/wp\/v2\/posts\/12849\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/gcloudvn.com\/en\/wp-json\/wp\/v2\/media\/12860"}],"wp:attachment":[{"href":"https:\/\/gcloudvn.com\/en\/wp-json\/wp\/v2\/media?parent=12849"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/gcloudvn.com\/en\/wp-json\/wp\/v2\/categories?post=12849"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/gcloudvn.com\/en\/wp-json\/wp\/v2\/tags?post=12849"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}