Google Kubernetes Engine (GKE) Module
The GKE module provisions a managed Kubernetes cluster within GCP, providing a scalable container orchestration platform for the LogScale deployment. On GCP, Kafka is deployed directly within the Kubernetes cluster using the Strimzi operator.
Key Components:
Google Managed Certificates: Provisions and renews SSL/TLS certificates automatically through Google's certificate management service, eliminating the need for manual certificate provisioning and renewal.
IAM Roles and Workload Identity: Configures and manages the following IAM roles and workload identity bindings for GKE and associated services:
Workload Identity Service Account:
Assumed by LogScale service accounts for secure access to GCP services
Configured with roles/storage.admin and roles/storage.objectUser for Cloud Storage access
Enables secure authentication without storing service account keys in containers
Terraform Service Account:
Used for Terraform operations with appropriate permissions
Includes roles/storage.objectAdmin, roles/editor, and roles/container.admin
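
A drift check for the role assignments listed above, added here as an example and not part of the module's own code: it compares an exported IAM policy against the documented roles and reports anything missing or extra per service account. The service account e-mail addresses are hypothetical, and the check assumes the roles are granted at project level and exported with `gcloud projects get-iam-policy PROJECT_ID --format=json`.

```python
import json

# Hypothetical service account members; substitute the ones your deployment creates.
WORKLOAD = "serviceAccount:logscale-workload@example-project.iam.gserviceaccount.com"
TERRAFORM = "serviceAccount:terraform@example-project.iam.gserviceaccount.com"

# Roles documented above for each account.
EXPECTED = {
    WORKLOAD: {"roles/storage.admin", "roles/storage.objectUser"},
    TERRAFORM: {"roles/storage.objectAdmin", "roles/editor", "roles/container.admin"},
}

def roles_by_member(policy):
    """Invert an IAM policy (role -> members) into member -> set of roles."""
    granted = {}
    for binding in policy.get("bindings", []):
        for member in binding.get("members", []):
            granted.setdefault(member, set()).add(binding["role"])
    return granted

def audit(policy, expected=EXPECTED):
    """Return per-account drift: documented roles missing, undocumented roles present."""
    granted = roles_by_member(policy)
    findings = {}
    for member, want in expected.items():
        have = granted.get(member, set())
        missing, unexpected = sorted(want - have), sorted(have - want)
        if missing or unexpected:
            findings[member] = {"missing": missing, "unexpected": unexpected}
    return findings

# Constructed sample in the shape of `gcloud projects get-iam-policy --format=json`.
SAMPLE_POLICY = {"bindings": [
    {"role": "roles/storage.admin", "members": [WORKLOAD]},
    {"role": "roles/storage.objectUser", "members": [WORKLOAD]},
    {"role": "roles/iam.serviceAccountTokenCreator", "members": [WORKLOAD]},
    {"role": "roles/storage.objectAdmin", "members": [TERRAFORM]},
    {"role": "roles/editor", "members": [TERRAFORM, "user:admin@example.com"]},
]}

if __name__ == "__main__":
    print(json.dumps(audit(SAMPLE_POLICY), indent=2))
```

An empty result means both accounts hold exactly the documented roles; members not listed in `EXPECTED` are ignored.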