GKE Cluster Configuration Reference
Detailed reference for the camaradesuk GKE cluster configuration.
Cluster Overview
| Setting | Value | Rationale |
|---|---|---|
| Cluster Name | camaradesuk | Organization-level naming |
| Provider | Google Kubernetes Engine (GKE) | Team familiarity, GSM integration |
| Project | camarades-net | Existing GCP project |
| Location | europe-west2-a (London) | Data residency, low latency |
| Kubernetes Version | Auto (Regular channel) | Automatic updates, stable releases |
Node Configuration
| Setting | Value | Rationale |
|---|---|---|
| Machine Type | e2-standard-2 | 2 vCPU, 8 GB RAM - right-sized for workload |
| Initial Nodes | 3 | Minimum for ArgoCD HA |
| Autoscaling | 3-6 nodes | Cost optimization with headroom |
| Disk Size | 100 GB pd-standard | Sufficient for container images and logs |
| Preemptible | No (currently) | Reliability during migration |
Feature Configuration
Workload Identity
Enabled: Yes
Pool: camarades-net.svc.id.goog
Purpose: Secure authentication for pods to access Google Cloud services (e.g., Secret Manager).
Usage: External Secrets Operator uses Workload Identity to fetch secrets from Google Secret Manager.
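The IAM chain behind that usage, written out as an added Terraform example (this is not code from the camarades-infrastructure repository). The project ID and Workload Identity pool come from the tables on this page; the Kubernetes namespace and ServiceAccount name (`external-secrets`/`external-secrets`), the Google service account ID and the secret ID are assumptions. Access is granted per secret rather than project-wide, so a compromised operator pod can read only the secrets it was bound to.

```hcl
# Added example, not the repository's code. Values marked "assumed" are
# illustrative; project ID and pool name come from the cluster reference.

locals {
  project = "camarades-net"
  wi_pool = "camarades-net.svc.id.goog"
  eso_ns  = "external-secrets"   # assumed Kubernetes namespace
  eso_ksa = "external-secrets"   # assumed Kubernetes ServiceAccount name
}

# Google service account that the External Secrets Operator impersonates.
resource "google_service_account" "eso" {
  project      = local.project
  account_id   = "external-secrets"   # assumed
  display_name = "External Secrets Operator"
}

# Least privilege: grant secretAccessor on named secrets only, not on the
# whole project. Add secret IDs to this set as services are migrated.
resource "google_secret_manager_secret_iam_member" "eso_reader" {
  for_each  = toset(["example-db-password"])   # assumed secret ID
  project   = local.project
  secret_id = each.value
  role      = "roles/secretmanager.secretAccessor"
  member    = "serviceAccount:${google_service_account.eso.email}"
}

# Workload Identity binding: exactly one KSA in one namespace may act as
# the GSA. The member string is "<pool>[<namespace>/<ksa>]".
resource "google_service_account_iam_member" "eso_wi" {
  service_account_id = google_service_account.eso.name
  role               = "roles/iam.workloadIdentityUser"
  member             = "serviceAccount:${local.wi_pool}[${local.eso_ns}/${local.eso_ksa}]"
}

# The KSA must carry this annotation for the GKE metadata server to hand
# the pod a token for the GSA instead of the node identity.
resource "kubernetes_service_account" "eso" {
  metadata {
    name      = local.eso_ksa
    namespace = local.eso_ns
    annotations = {
      "iam.gke.io/gcp-service-account" = google_service_account.eso.email
    }
  }
}
```

To check the binding from inside a pod running as that ServiceAccount, query the metadata server (`curl -H "Metadata-Flavor: Google" http://metadata.google.internal/computeMetadata/v1/instance/service-accounts/default/email`); it should return the GSA email, not the node service account. If it returns the node account, the annotation or the `iam.workloadIdentityUser` binding is missing.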
Vertical Pod Autoscaling (VPA)
Enabled: Yes
Purpose: Automatically right-size pod resource requests based on actual usage.
Status: Enabled at cluster level, VPA objects created per-service.
Shielded Nodes
Enabled: Yes
Secure Boot: Enabled
Integrity Monitoring: Enabled
Purpose: Enhanced node security with verified boot and runtime integrity.
Auto-Upgrade and Auto-Repair
Both Enabled: Yes
Maintenance Window: Daily at 03:00 UTC
Purpose: Automatic security patches and node health management.
Network Configuration
| Setting | Value |
|---|---|
| Network | default |
| Subnetwork | default |
| IP Allocation | Automatic |
| Cluster CIDR | Auto-assigned |
| Services CIDR | Auto-assigned |
Addons
- ✅ Horizontal Pod Autoscaling - Automatic pod scaling based on CPU/memory
- ✅ HTTP Load Balancing - GKE Ingress controller
- ✅ GCE Persistent Disk CSI Driver - Modern persistent volume driver
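The Cluster Overview, Node Configuration, Feature Configuration, Network Configuration and Addons tables above, expressed as Terraform resources in one added example. This is not the repository's `main.tf`; the node pool resource name (`primary-pool`) is an assumption, and every other value is taken from the tables on this page.

```hcl
# Added example, not the repository's main.tf. Resource/pool names are
# assumptions; settings mirror the reference tables.

resource "google_container_cluster" "camaradesuk" {
  name     = "camaradesuk"
  project  = "camarades-net"
  location = "europe-west2-a"   # zonal cluster: single control-plane zone

  # Manage node pools as separate resources so the default pool cannot drift.
  remove_default_node_pool = true
  initial_node_count       = 1

  network    = "default"
  subnetwork = "default"
  # Empty block = VPC-native cluster with auto-assigned pod/service ranges.
  ip_allocation_policy {}

  release_channel {
    channel = "REGULAR"
  }

  workload_identity_config {
    workload_pool = "camarades-net.svc.id.goog"
  }

  enable_shielded_nodes = true

  vertical_pod_autoscaling {
    enabled = true
  }

  maintenance_policy {
    daily_maintenance_window {
      start_time = "03:00"   # UTC
    }
  }

  addons_config {
    horizontal_pod_autoscaling {
      disabled = false
    }
    http_load_balancing {
      disabled = false
    }
    gce_persistent_disk_csi_driver_config {
      enabled = true
    }
  }
}

resource "google_container_node_pool" "primary_pool" {
  name     = "primary-pool"   # assumed name
  project  = "camarades-net"
  location = "europe-west2-a"
  cluster  = google_container_cluster.camaradesuk.name

  initial_node_count = 3

  autoscaling {
    min_node_count = 3
    max_node_count = 6
  }

  management {
    auto_repair  = true
    auto_upgrade = true
  }

  node_config {
    machine_type = "e2-standard-2"
    disk_size_gb = 100
    disk_type    = "pd-standard"
    preemptible  = false

    shielded_instance_config {
      enable_secure_boot          = true
      enable_integrity_monitoring = true
    }

    # Per-pod metadata server: required for Workload Identity and stops
    # pods from reading the node service account token directly.
    workload_metadata_config {
      mode = "GKE_METADATA"
    }
  }
}
```

Two things the tables do not cover and a reviewer should confirm in the real `main.tf`: which service account the node pool runs as (if it is the Compute Engine default account, a dedicated one holding only `roles/logging.logWriter`, `roles/monitoring.metricWriter`, `roles/monitoring.viewer` and `roles/stackdriver.resourceMetadata.writer` is the usual hardening step), and the firewall rules on the `default` network, which ships with permissive defaults such as `default-allow-ssh` from `0.0.0.0/0` that also apply to nodes with external addresses.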
Cost Analysis
Estimated Monthly Cost (as of 2025-11-12):
| Component | Cost |
|---|---|
| GKE Control Plane | $73/month |
| Compute (3 × e2-standard-2) | $162/month |
| Storage & Networking | ~$25/month |
| Total | ~$260/month |
Cost Optimization Opportunities:
- Preemptible nodes: ~$100/month savings on the compute line (~40% of the total bill)
- Right-sized workloads: once VPA has tuned requests, the autoscaler may settle at the 3-node minimum
- Sustained use discounts: not available for E2 machine types, so they do not apply to the current e2-standard-2 pool; the automatic 20-30% discount would only apply after a move to an eligible family such as N2
Comparison to Legacy Cluster
| Aspect | Legacy (camarades) | New (camaradesuk) |
|---|---|---|
| Nodes | 10 nodes | 3-6 nodes (autoscaling) |
| Machine Types | Mixed (c2, e2) | e2-standard-2 (uniform) |
| Preemptible | 70% preemptible | 0% (future: mixed) |
| Workloads | 168 pods (Jenkins X) | ~35-50 pods (GitOps) |
| Cost | ~$435/month | ~$260/month (-40%) |
| Management | Manual (gcloud) | Terraform (IaC) |
Configuration Files
All configuration is defined in Terraform in the camarades-infrastructure repository:
- main.tf - Cluster and node pool resources
- variables.tf - Configurable values
- outputs.tf - Cluster information exports
Modification Guide
To change cluster configuration:
- Edit `terraform/main.tf` or `terraform/variables.tf`
- Run `terraform plan` to review changes
- Run `terraform apply` to apply changes
- Update this document to reflect the change
See Terraform Guide for detailed instructions.
Related Documentation
- Terraform Guide - How to use Terraform
- ADR-003: Cluster Architecture - Design decisions
- GKE Cluster Analysis - Legacy cluster analysis