Budget GKE
A brief summary of how to set up a Kubernetes cluster at Google without having to use the quite pricey Google Cloud Load Balancer. This follows a blog post from David Griffiths on how to set up a Kubernetes cluster at Google while minimizing the cost. The relevant Terraform and Helm files can be found on GitHub.
Is this useful for you?
This might be helpful for development or toy cluster setups. In practice, this means it is useful if and only if this is your only Kubernetes cluster and you neither expect huge loads nor require 99% uptime. Google already charges a relevant amount for any Google Kubernetes Engine instance besides the initial one, which makes all this rather irrelevant.
Differences to the blog post
While the Kubernetes cluster in the aforementioned blog post is set up manually, here we have automated everything using Terraform and Helm charts. Furthermore, the blog post deploys a hand-configured nginx reverse proxy to act as ingress. Here we use the free nginx-inc ingress and deploy it on the ingress node pool. This allows the app deployments to specify the reverse proxy routings in their own ingress deployments, which heavily reduces the coupling between the ingress deployment and the application deployments. Having a complete working ingress setup also allows us to fully automate the certificate management. To do so, we use Let's Encrypt with cert-manager for automatic SSL certificate management.
A budget-oriented development Kubernetes cluster.
The cluster nodes are marked as preemptible by default. This reduces costs but may lead to some downtime. Besides the nodes being preemptible, the main work and cost-saving aspect is avoiding the need for a cloud load balancer. The cluster uses two node pools: one is used by the ingress controller via node selectors, and the other is for additional general usage. Kubeip (deployed via Helm) is used to attach the static IP address to the single node in the ingress node pool. The nginx-inc ingress deployment (the controller pods) is deployed in this node pool. cert-manager is used to obtain a Let's Encrypt certificate and store it as a Kubernetes secret.
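The following manifests are an added example, not taken from the project's repository. They show the pattern described above and under "Differences to the blog post": the application ships its own Ingress with its routing, and cert-manager obtains the Let's Encrypt certificate and writes it to a Kubernetes secret. The issuer name, namespace, host name, service name, e-mail address and the ingress class name `nginx` are assumptions.

```yaml
# Added example; every name below is a placeholder, not a value from the project.
apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
  name: letsencrypt-prod
spec:
  acme:
    server: https://acme-v02.api.letsencrypt.org/directory
    email: admin@example.com            # placeholder contact address
    privateKeySecretRef:
      name: letsencrypt-prod-account    # ACME account key, kept as a Secret
    solvers:
      - http01:
          ingress:
            ingressClassName: nginx     # assumed class of the nginx-inc controller
---
# Owned by the application, not by the ingress controller deployment.
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: demo-app
  namespace: demo
  annotations:
    # Tells cert-manager which issuer to use for the hosts listed under tls.
    cert-manager.io/cluster-issuer: letsencrypt-prod
    # cert-manager adds the HTTP-01 challenge path to this Ingress instead of
    # creating a second Ingress for the same host.
    acme.cert-manager.io/http01-edit-in-place: "true"
spec:
  ingressClassName: nginx
  tls:
    - hosts:
        - demo.example.com
      # Certificate and private key are written here; limit RBAC read access
      # to Secrets in this namespace accordingly.
      secretName: demo-app-tls
  rules:
    - host: demo.example.com
      http:
        paths:
          - path: /
            pathType: Prefix
            backend:
              service:
                name: demo-app
                port:
                  number: 80
```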