multitenat fleet readme, first pass
This commit is contained in:
parent
2ddd68ee2a
commit
1e8ec71d54
|
@ -1,6 +1,30 @@
|
||||||
# GKE Multitenant Module
|
# GKE Multitenant Example
|
||||||
|
|
||||||
TODO: add brief explanation and refer back to dev folder?
|
This example presents an opinionated architecture to handle multiple homogeneous GKE clusters. The general idea behind this example is to deploy a single project hosting multiple clusters leveraging several useful GKE features. This pattern is useful, for example, in cases where multiple clusters host/support the same workloads, such as in the case of a multi-regional deployment.
|
||||||
|
|
||||||
|
In addition to supporting multiple clusters, the architecture assumes that multiple tenants (e.g. teams, applications) will share the cluster. As such, several options are provided to isolate tenants from each other.
|
||||||
|
|
||||||
|
- Private clusters
|
||||||
|
- VPC-native only. Route-based clusters are not (and will not be) supported
|
||||||
|
- Metering enabled, and data is stored in a BQ dataset
|
||||||
|
- DB encryption
|
||||||
|
- Optional gke fleet support with support for workload identity, config sync, hierarchy controller and policy controller
|
||||||
|
- logging monitoring to cloud operations by default
|
||||||
|
- support for groups for gke to allow flexible RBAC policies
|
||||||
|
- optional etcd database encryption with KMS
|
||||||
|
- support to customize peering configuration of the control plane vpc
|
||||||
|
- features enabled by default
|
||||||
|
- workload identity
|
||||||
|
- shielded nodes
|
||||||
|
- dataplane v2
|
||||||
|
- intranode visibility
|
||||||
|
- dns cache
|
||||||
|
- http load balancing
|
||||||
|
- gce persistent disk csi driver
|
||||||
|
- node auto upgrade and auto repair for all nodepools
|
||||||
|
|
||||||
|
|
||||||
|
This example is used as part of the [FAST GKE stage](../../../fast/stages/03-gke-multitenant/) but it can also be used independently if desired.
|
||||||
|
|
||||||
<p align="center">
|
<p align="center">
|
||||||
<img src="diagram.png" alt="GKE multitenant">
|
<img src="diagram.png" alt="GKE multitenant">
|
||||||
|
|
Loading…
Reference in New Issue