Google Cloud Platform (GCP) Reference Architecture

Note

The CrowdStrike GCP Reference Architecture automations can be found in the GitHub repository.

Important

If you are using an older version of the Reference Architecture, then you can still read the now deprecated material in the following Knowledgebase Articles:

Use Cases

The logscale-gcp Terraform modules provide the following architecture choices.

Basic use cases:

  • Development, Testing

  • Smaller Search Teams

  • Minimal ingest processing

Dedicated UI use cases:

  • Separated ingress tier

  • Separated UI tier

  • Ingest/Digest on same hosts

Advanced use cases:

  • Dedicated processing tier (ingestion) scaling separate from digest/storage

  • Dedicated UI tier for dashboards and search

  • Segmentation of system responsibilities and independent scaling

Components

All architecture choices rely on the same underlying technologies:

  • Google Kubernetes Engine (GKE) - Managed Kubernetes clusters for container orchestration

  • Google Cloud Load Balancer - Native load balancing for data ingest and UI access

  • Cloud NAT Gateway - Allows egress traffic to pull container images for Kubernetes pods

  • Cloud Storage - Object storage for LogScale data durability and access logs

  • Google Managed Certificates - Automated SSL certificate provisioning and management

  • VPC Network - Provides private, public, and proxy subnets across multiple zones

  • Workload Identity - Secure authentication between GKE workloads and GCP services

  • IAM - Manages roles and policies for GKE and associated services

  • TopoLVM - High-performance local SSD storage provisioner for digest nodes

Kubernetes Apps:

  • cert-manager - For automated certificate provisioning in the environment

  • humio-operator - For provisioning of LogScale clusters in the environment

  • strimzi-operator - For provisioning Kafka broker nodes in Kraft mode

  • External ingress controllers - Native GCP load balancer integration

  • ExternalDNS: For synchronizing exposed Kubernetes Services and Ingresses with Route53

The following guidance box provides links to the main section of this documentation:

Architecture Types

This section describes the supported architecture types.

Requirements

This section describes prerequisites for deploying a Google Cloud Platform (GCP) reference architecture for LogScale.

Terraform Modules

This section describes Terraform modules for deploying the GCP reference architecture.

Build Process

This section describes the build process.