An example of using Kubernetes snapshots.

The examples for this article are available for download. Also, while these examples are specific to Google Kubernetes Engine (GKE), the same concepts apply to other cloud providers, e.g., AWS and Elastic Kubernetes Engine (EKS).

Say we have a Kubernetes workload that requires a large (tens of GB) download (of files) to disk before becoming ready. The natural solution would be to have the workload perform the download. The downside of this approach is that the download takes time, delaying the workload’s readiness. In particular, the impact of this delay is multiplied when the workload…


While it is well documented how CPU resource requests impact the scheduling of Pods to Nodes, their impact is less clear once Pods (and their Containers) are running on a Node.

When thinking about resource requests, one focuses on their impact on scheduling Pods to Nodes.

When you create a Pod, the Kubernetes scheduler selects a node for the Pod to run on. Each node has a maximum capacity for each of the resource types: the amount of CPU and memory it can provide for Pods. The scheduler ensures that, for each resource type, the sum of the…


When using multiple Projects, which Project an API call is attributed to is more complicated than one might think.

When using Google Cloud Platform (GCP), one often thinks about resources, e.g., storage buckets, instances, etc.; less apparent are the API calls made to access them. Even less apparent is that the frequency of these API calls is limited using Rate Quotas.

Rate quotas are typically used for limiting the number of requests you can make to an API or service. …


This is an unusual article as it principally exists only to deliver and explain a Terraform configuration that can be used as part of a broader investigation of running workloads in a multi-cloud infrastructure, specifically Google Cloud Platform (GCP) and Amazon Web Services (AWS).

The specific requirements of this configuration are:

  • Demonstrate workloads running on virtual machines (VMs), i.e., Google Compute Engine (GCE) and Amazon Elastic Compute Cloud (EC2)
  • Demonstrate workloads running on managed Kubernetes, i.e., Google Kubernetes Engine (GKE) and Amazon Elastic Kubernetes Service (EKS)
  • Workloads run on virtual machines (including the Kubernetes nodes) with no public IP…


Operating GKE at scale is a bit harder than you may think.

First let us consider what Google Kubernetes Engine (GKE) is:

Secured and fully managed Kubernetes service with revolutionary autopilot mode of operation.

Google Kubernetes Engine

With this in mind, it sounds like an oxymoron for us to have to manage system workloads on GKE (a fully-managed Kubernetes service).

Shared Responsibility Model

We dive a bit deeper into what Google means by fully managed Kubernetes.

This article is focused on GKE Standard, i.e., not the newer, more managed GKE Autopilot. At the same time, it is not clear that Autopilot absolves…


We wrap up this series by exploring one of Traffic Director’s advanced traffic management features.

This article is part of the series that starts with Traffic Director by Example: Part 1.

So far we have used Traffic Director simply for service discovery; here we examine one of the advanced traffic management features documented in Configuring advanced traffic management.

Traffic Splitting

To illustrate Traffic Director’s traffic splitting feature, we will use it to deploy a canary release.

Canary release is a technique to reduce the risk of introducing a new software version in production by slowly rolling out the change to a small…


Using Traffic Director with Google Kubernetes Engine (GKE).

This article is part of the series that starts with Traffic Director by Example: Part 1.

Sidebar into Automatic Envoy Deployments

In the last article, we manually installed the Envoy service proxy for the client on a GCE VM instance. Below, we will manually install it on a GKE pod. At the same time, Traffic Director supports installing the Envoy service proxy automatically for both GCE VM instances and GKE pods.

At the same time, there are clear advantages to the automated installs.

When you use automated Envoy deployment with Compute Engine VMs, the Envoy version installed…


An introduction to Google’s managed service mesh offering.

Assuming that we have a theoretical understanding of service meshes, we can then ask and understand: What is Traffic Director?

Traffic Director is Google Cloud’s fully managed traffic control plane for service mesh. Traffic Director works out of the box for both VMs and containers. It uses the open source xDS APIs to communicate with the service proxies in the data plane, ensuring that you’re never locked into a proprietary interface.

— Google Cloud — Google Cloud networking in-depth: How Traffic Director provides global load balancing for open service mesh

In reading…


It is easy to think about a pod’s container as a black box that consumes the CPU that it is provided, but sometimes we need to know a bit more about what is going on under the hood.

Through two example workloads, we will explore their containers’ processes and their threads, and why sometimes we need to think about such things.

The Examples

The first example workload, written in Java, provides a gRPC service method of helloworld.Greeter.SayHello. We deploy it into a Kubernetes cluster using a service and pod. …


Setting up Kubernetes probes for workloads providing gRPC services.

The working example described in this article is available for download.

You have a workload running on Kubernetes that provides gRPC services and are looking to add both a liveness and readiness probe to it. First, we need to remind ourselves what they are and more importantly what they are used for.

Many applications running for long periods of time eventually transition to broken states, and cannot recover except by being restarted. Kubernetes provides liveness probes to detect and remedy such situations.

— Kubernetes — Configure Liveness, Readiness and Startup Probes

John Tucker

Broad infrastructure, development, and soft-skill background
