Google on Tuesday announced GKE Advanced, a new service tier for Google Kubernetes Engine (GKE), its managed Kubernetes service. It includes advanced security features, enhanced usage reporting and support for serverless workloads via Cloud Run on GKE.
Google introduced Cloud Run last week at the Google Next conference as a way to run more enterprise workloads via serverless functions. Google's strength in containerized platforms, and notably Kubernetes, is a competitive advantage for the cloud provider as it competes for business against Amazon Web Services and Microsoft Azure.
GKE Advanced will be released with a free trial later in Q2. The existing version of GKE will be known as GKE Standard and will include all the features and capabilities currently generally available
With Cloud Run on GKE, customers get automatic scaling, networking and routing, logging, and monitoring.
GKE Advanced also makes it easier to scale Kubernetes clusters with two new features. Vertical Pod Autoscaler (VPA) watches resource utilization and adjusts requested CPU and RAM to stabilize workloads. Node Auto Provisioning optimizes cluster resources with an enhanced version of Cluster Autoscaling.
To improve the security of container images, the advanced tier includes Binary Authorization, which requires container images to be signed by trusted authorities during the build and test process. To create an additional layer of defense between Kubernetes clusters and third-party software, GKE Advanced includes GKE Sandbox, a lightweight container runtime based on gVisor.
GKE Advanced also includes usage metering that shows your cluster's resource usage broken down by Kubernetes namespaces and labels. Finally, the new tier is backed by an SLA that guarantees availability of 99.95 percent for regional clusters.