GKE - Google Kubernetes Engine

Plan, Deploy, and Manage Workloads on GKE

Section Introduction

Welcome to your guide on optimizing workloads in Google Kubernetes Engine (GKE). In this tutorial, you’ll learn how to plan, deploy, and operate a variety of workloads—ranging from stateless services to stateful applications and batch jobs—while ensuring performance, scalability, and resilience.

[Diagram: Effective Workload Management with GKE: planning, deploying, and managing for performance, scalability, and resilience]

Workload Planning

Before you deploy to GKE, identify which workload type best fits your application requirements:

Workload Type | Use Case                                | Kubernetes Resource
------------- | --------------------------------------- | -------------------
Stateless     | Web front-ends, APIs                    | Deployment
Stateful      | Databases, message queues               | StatefulSet
Batch         | Data processing, CI/CD tasks            | Job / CronJob
Daemon        | Node log collection, monitoring agents  | DaemonSet

Stateless vs. Stateful

Stateless applications can scale horizontally without preserving local state.
Stateful workloads require stable network identities and persistent storage.

# Stateless Deployment example
apiVersion: apps/v1
kind: Deployment
metadata:
  name: nginx-deployment
spec:
  replicas: 3
  selector:
    matchLabels: { app: nginx }
  template:
    metadata: { labels: { app: nginx } }
    spec:
      containers:
      - name: nginx
        image: nginx:latest
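
The stateful counterpart is a StatefulSet, which gives each pod a stable name and its own PersistentVolumeClaim. As a minimal sketch (the name `postgres`, image tag, and storage size are illustrative placeholders, and a matching headless Service named `postgres` is assumed to exist):

```yaml
apiVersion: apps/v1
kind: StatefulSet
metadata:
  name: postgres
spec:
  serviceName: postgres        # headless Service that provides stable DNS names
  replicas: 3
  selector:
    matchLabels: { app: postgres }
  template:
    metadata: { labels: { app: postgres } }
    spec:
      containers:
      - name: postgres
        image: postgres:16
        volumeMounts:
        - name: data
          mountPath: /var/lib/postgresql/data
  volumeClaimTemplates:        # one PersistentVolumeClaim created per pod
  - metadata: { name: data }
    spec:
      accessModes: ["ReadWriteOnce"]
      resources:
        requests:
          storage: 10Gi
```

Unlike a Deployment, pods are created and deleted in order (postgres-0, postgres-1, ...), and each keeps its volume across restarts and rescheduling.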

Batch Jobs

Batch workloads run to completion, making them ideal for data processing or scheduled tasks.

apiVersion: batch/v1
kind: Job
metadata:
  name: data-processor
spec:
  template:
    spec:
      containers:
      - name: processor
        image: gcr.io/my-project/data-processor:latest
      restartPolicy: OnFailure

Note

Use CronJob for recurring batch tasks, e.g., nightly backups or ETL pipelines.
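
A recurring task can be sketched as a CronJob wrapping the same Job template; the schedule and image name below are placeholders:

```yaml
apiVersion: batch/v1
kind: CronJob
metadata:
  name: nightly-backup
spec:
  schedule: "0 2 * * *"        # standard cron syntax: every night at 02:00
  jobTemplate:
    spec:
      template:
        spec:
          containers:
          - name: backup
            image: gcr.io/my-project/backup:latest
          restartPolicy: OnFailure
```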

DaemonSets

DaemonSets ensure one pod per node (or per subset of nodes), perfect for logging agents and metrics collectors.

apiVersion: apps/v1
kind: DaemonSet
metadata: { name: fluentd-logger }
spec:
  selector: { matchLabels: { app: fluentd } }
  template:
    metadata: { labels: { app: fluentd } }
    spec:
      containers:
      - name: fluentd
        image: fluentd:v1.9

Node Taints and Tolerations

Taints and tolerations let you control which pods can schedule onto which nodes, improving resource utilization and workload isolation.

[Diagram: Node Taints in GKE: their role in workload distribution and resource optimization]

  • Taint: Applied to a node to repel pods
  • Toleration: Added to pod specs to allow scheduling onto tainted nodes

For example, to taint a node so that only pods with a matching toleration can schedule onto it:

kubectl taint nodes node-1 key=value:NoSchedule

# Pod toleration example
apiVersion: v1
kind: Pod
metadata: { name: critical-app }
spec:
  tolerations:
  - key: "key"
    operator: "Equal"
    value: "value"
    effect: "NoSchedule"
  containers:
  - name: app
    image: gcr.io/my-project/critical-app:latest

Warning

A pod without a matching toleration won’t schedule on a tainted node. Double-check that the key, value, and effect in the toleration exactly match the node’s taint.


Rolling Updates in GKE

Rolling updates ensure zero-downtime deployments by gradually replacing old pods with new versions.

apiVersion: apps/v1
kind: Deployment
metadata: { name: web-app }
spec:
  replicas: 5
  strategy:
    type: RollingUpdate
    rollingUpdate:
      maxUnavailable: 1
      maxSurge: 2
  template:
    metadata: { labels: { app: web-app } }
    spec:
      containers:
      - name: web
        image: gcr.io/my-project/web-app:v2.0

Key parameters:

  • maxUnavailable: the maximum number of pods that may be unavailable during the update
  • maxSurge: the maximum number of extra pods created above the desired replica count

With replicas: 5, maxUnavailable: 1, and maxSurge: 2, at least 4 pods remain available and at most 7 pods exist at any point during the rollout.
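
A rollout can be triggered, watched, and reverted with kubectl. A sketch against the web-app Deployment above (the `v2.1` image tag is a hypothetical next version):

```shell
# Trigger an update by changing the container image
kubectl set image deployment/web-app web=gcr.io/my-project/web-app:v2.1

# Watch the rollout until it completes (or fails)
kubectl rollout status deployment/web-app

# Revert to the previous revision if something goes wrong
kubectl rollout undo deployment/web-app
```

These commands require access to a running cluster, so outputs will vary with your environment.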

Further Reading

For best practices on securing and optimizing your GKE workloads, visit the GKE Documentation.
