There is no doubt that Google is one of the best managed Kubernetes service provider.
Google has introduced autopilot mode for GKE in General Availability (GA), with this new addition google is taking their game to another level.
Let's explore different modes of operation in GKE.
Modes of Operation
GKE offers 2 modes of operation.
- Standard: You manage the nodes and the infrastructure, security, etc.
- Autopilot: You only manage your applications and deployments.
Standard Mode
In the Standard mode, we manage the nodes, infrastructure, and configurations.
There are 8 components while managing and running the application in Kubernetes.
Out of these, components that are managed by Google in this mode are:
- Control plane provisioning and management
- Control plane updates
- Worker node creation
- Node Upgrades
- OS Patching
This means that you will have to take care for:
- Node Pool specification and configuration
- Worker node management
- Application Management
This means that in standard mode, we have to deal with configuring node pools (number of nodes, machine types, etc.) apart from running the applications.
Autopilot Mode
In Autopilot mode we only manage the deployed application, this means that you only provide the required configuration for
Out of these, components that are managed by Google in this mode are:
- Control plane provisioning and management
- Control plane updates
- Worker node creation
- Node Upgrades
- OS Patching
- Node Pool specification and configuration
- Worker node management
This means that you will have to take care for:
- Application Management
This means that in autopilot mode, we are only concerned about running the applications.
GKE will provision the cluster and computer resources according to the application configurations provided by you.
Security
One of the most important aspects of running a Kubernetes cluster is security, you have to take a number of things into considerations and this is where most organizations struggle (we at Cluephant can help you in this).
In Standard Mode, you have to configure the Kubernetes cluster for security.
while in Autopilot Mode, you get the few security options pre-configured:
But still, there are many security features missing like:
- Application-layer secrets encryption
- Binary authorization
- Customer-managed encryption keys (CMEK)
- Google Group RBAC
- Kubernetes Alpha APIs
- Legacy authentication options
These features can be enabled in Standard Mode but not supported in Autopilot Mode.
SLA and Billing
Standard Mode
- GKE provides different SLAs on hosts and the control plane.
- We are billed for the control plane and the nodes.
Autopilot Mode
- In Addition to SLAs on hosts and the control plane, Autopilot Mode includes an SLA on Pods (99.9%).
- We are billed for per second vCPU, memory and disk used.
Conclusion
While Autopilot provides you an easy-to-use and out-of-the-box ready solution, it still misses a lot of production-critical features.
You can use Autopilot Mode while you are doing testing and don't want the headache of managing the Kubernetes cluster and keep the cost low as you only get billed for the resources you use.
I will still prefer Standand mode over Autopilot Mode for the production environment, as it provides better security, features, integration, and more control.
Thinking of moving to the Cloud?
Let us help you on your cloud journey. Reach out to us at Cluephant.
Achieve FASTER, BETTER results with Cluephant (Cloud Natives).
