GCP / Google Kubernetes Engine (GKE)
DevOpsGenie supports Google Kubernetes Engine (GKE) as a first-class deployment target. This section covers GKE cluster provisioning with Terraform, Workload Identity Federation for pod-level GCP API access, and GKE Autopilot for serverless node management.
Why GKE
GKE was the first managed Kubernetes service and remains one of the most mature. Key advantages for DevOpsGenie deployments:
- GKE Autopilot — fully managed nodes with automatic scaling, security hardening, and bin-packing
- Workload Identity — pods assume GCP Service Accounts without key files
- Binary Authorization — enforce container image signing policies at admission
- GKE Enterprise — multi-cluster fleet management with Anthos
DevOpsGenie on GKE uses:
- Terraform Google provider for GKE, VPC, IAM, and Artifact Registry
- Workload Identity for pod-level GCP service account binding
- GKE Autopilot for workload nodes (or Standard mode node pools)
- Config Connector for managing GCP resources as Kubernetes objects (optional)
GCP-Specific Architecture
GCP Project: devopsgenie-production
├── VPC Network
│ ├── GKE Subnet (10.100.0.0/20)
│ │ ├── Secondary Range: pods (10.200.0.0/14)
│ │ └── Secondary Range: services (10.204.0.0/20)
│ └── Private Service Access → Cloud SQL, Memorystore
│
├── GKE Cluster (Autopilot or Standard)
│ ├── Control Plane (Google-managed, regional HA)
│ └── Node Pools (Autopilot: Google-managed | Standard: user-managed)
│
└── Supporting Services
  ├── Artifact Registry (container images)
  ├── Secret Manager (runtime secrets)
  ├── Cloud Monitoring + Cloud Logging
  └── Cloud Armor (WAF for GLB)
Supported GCP Regions
| Region | Location | Notes |
|---|---|---|
| us-central1 | Iowa, US | Primary US multi-zone |
| us-east1 | South Carolina, US | US East |
| europe-west1 | Belgium | EU GDPR-friendly |
| europe-west4 | Netherlands | EU data residency |
| asia-southeast1 | Singapore | APAC primary |
| australia-southeast1 | Sydney | ANZ workloads |
Supported GKE Versions
DevOpsGenie tracks the GKE Regular release channel:
| Kubernetes Version | GKE Channel | DevOpsGenie Support |
|---|---|---|
| 1.30 | Regular | ✅ Supported |
| 1.29 | Regular | ✅ Supported |
| 1.28 | Stable | ✅ Supported |
Prerequisites
- Google Cloud SDK (gcloud) configured with a project
- Terraform ≥ 1.6
- kubectl ≥ 1.27
- Helm ≥ 3.12
- GCP project with billing enabled and required APIs activated
# Activate required APIs
gcloud services enable \
container.googleapis.com \
artifactregistry.googleapis.com \
secretmanager.googleapis.com \
iam.googleapis.com \
cloudresourcemanager.googleapis.com
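A pre-flight check for the prerequisites above, as an added example that is not part of the DevOpsGenie documentation. The function names (`version_ge`, `missing_apis`, `check_tool`) and the sample inputs are constructed for illustration; the API list and minimum versions are the ones on this page.

```sh
#!/bin/sh
# Added example: pre-flight check. Function names and sample inputs are constructed.

# APIs taken from the `gcloud services enable` command above.
REQUIRED_APIS="container.googleapis.com artifactregistry.googleapis.com
secretmanager.googleapis.com iam.googleapis.com cloudresourcemanager.googleapis.com"

# version_ge HAVE WANT: succeed when dotted version HAVE >= WANT.
# Accepts a leading "v" and ignores build suffixes such as "+g1a2b3c" or "-gke.1".
version_ge() {
  have=${1#v}; have=${have%%[-+]*}
  want=${2#v}; want=${want%%[-+]*}
  while [ -n "$have" ] || [ -n "$want" ]; do
    h=${have%%.*}; w=${want%%.*}
    if [ "${h:-0}" -gt "${w:-0}" ]; then return 0; fi
    if [ "${h:-0}" -lt "${w:-0}" ]; then return 1; fi
    case $have in *.*) have=${have#*.} ;; *) have= ;; esac
    case $want in *.*) want=${want#*.} ;; *) want= ;; esac
  done
  return 0
}

# missing_apis: read enabled API names on stdin (one per line) and print each
# required API that is absent. Live input would come from:
#   gcloud services list --enabled --format='value(config.name)'
missing_apis() {
  enabled=$(cat)
  for api in $REQUIRED_APIS; do
    printf '%s\n' "$enabled" | grep -qxF "$api" || printf '%s\n' "$api"
  done
}

# check_tool NAME HAVE WANT: print one status line, fail if HAVE is too old.
check_tool() {
  if version_ge "$2" "$3"; then
    printf 'ok    %s %s (>= %s)\n' "$1" "$2" "$3"
  else
    printf 'FAIL  %s %s (need >= %s)\n' "$1" "$2" "$3"; return 1
  fi
}

# Demo on constructed inputs: two required APIs enabled, kubectl one minor too old.
SAMPLE_ENABLED='container.googleapis.com
iam.googleapis.com
compute.googleapis.com'
printf '%s\n' "$SAMPLE_ENABLED" | missing_apis | sed 's/^/missing API: /'
check_tool terraform v1.6.2 1.6
check_tool kubectl v1.26.9 1.27 || true
check_tool helm v3.12.0+g1a2b3c 3.12
```

Running the check before `terraform apply` surfaces a disabled API or an outdated client as a single readable line rather than as a provider error partway through provisioning.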
Next Steps
- GKE Cluster Setup — provision a GKE cluster with Terraform
- Workload Identity — bind pods to GCP Service Accounts
- GKE Autopilot — fully managed, serverless GKE nodes