A continuation of a walk-through of using Flux to deliver applications in a multi-cluster multi-tenant Kubernetes environment.

This article is a continuation of the article Flux Multi-Cluster Multi-Tenant by Example.

Bootstrap Multi-Cluster Single-Tenant

Here we refactor the Terraform configuration to support bootstrapping multiple clusters while sticking with the single-tenant case. In order to follow along, one will need two Kubernetes Clusters and another empty GitHub Repository.

We download the larkintuckerllc/hello-flux-multi-single-bootstrap Repository.

We create a terraform.tfvar file in the root of the downloaded Repository with the following key/value pairs, updating them to match our environment.

Please note: Because Terraform providers…


A walk-through of using Flux to deliver applications in a multi-cluster multi-tenant Kubernetes environment.

Flux — the GitOps family of projects
Flux is a set of continuous and progressive delivery solutions for Kubernetes, and they are open and extensible.

— Flux — Flux

What is GitOps?

Before we dig into Flux, it is important to understand what GitOps is from the perspective of the Flux team.

Principles of GitOps
To start managing your cluster with GitOps workflows, the following must be in place:

#1. The entire system described declaratively.
#2. The canonical desired system state versioned in Git.
#3. Approved changes that can be automatically…


A representative example of an event-driven application on Google Cloud Platform.

The example is an application that automates the creation / deletion of A records in a Google Cloud DNS internal Zone based on Google Compute Engine Instance insert, start, stop, and delete events.

The following diagram illustrates the Google Cloud Platform resources used.


An example of using Kubernetes snapshots.

The examples for this article are available for download. Also, while these examples are specific to Google Kubernetes Engine (GKE), the same concepts apply to other cloud providers, e.g., AWS and Elastic Kubernetes Service (EKS).

Say we have a Kubernetes workload that requires a large (tens of GB) download (of files) to disk before becoming ready. The natural solution would be to have the workload perform the download. The downside of this approach is that the download takes time, delaying the workload’s readiness. In particular, the impact of this delay is multiplied when the workload…


While it is well documented how CPU resource requests impact the scheduling of Pods to Nodes, their impact is less clear once Pods (and their Containers) are running on a Node.

When thinking about resource requests, one focuses on their impact on scheduling Pods to Nodes.

When you create a Pod, the Kubernetes scheduler selects a node for the Pod to run on. Each node has a maximum capacity for each of the resource types: the amount of CPU and memory it can provide for Pods. The scheduler ensures that, for each resource type, the sum of the…


When using multiple Projects, which Project an API call is attributed to is more complicated than one might think.

When using Google Cloud Platform (GCP), one often thinks about resources, e.g., storage buckets, instances, etc.; less apparent are the API calls made to access them. Even less apparent is that the frequency of these API calls is limited using Rate Quotas.

Rate quotas are typically used for limiting the number of requests you can make to an API or service. …


This is an unusual article as it principally exists only to deliver and explain a Terraform configuration that can be used as part of a broader investigation of running workloads in a multi-cloud infrastructure; specifically Google Cloud Platform (GCP) and Amazon Web Services (AWS).

The specific requirements of this configuration are:

  • Demonstrate workloads running on virtual machines (VM); i.e., Google Compute Engine (GCE) and Amazon Elastic Compute Cloud (EC2)
  • Demonstrate workloads running on managed Kubernetes, i.e., Google Kubernetes Engine (GKE) and Amazon Elastic Kubernetes Service (EKS)
  • Workloads run on virtual machines (including the Kubernetes nodes) with no public IP…


Operating GKE at scale is a bit harder than you may think.

First let us consider what Google Kubernetes Engine (GKE) is:

Secured and fully managed Kubernetes service with revolutionary autopilot mode of operation.

Google Kubernetes Engine

With this in mind, it sounds like an oxymoron for us to have to manage system workloads on GKE (a fully-managed Kubernetes service).

Shared Responsibility Model

We dive a bit deeper into what Google means by fully managed Kubernetes.

This article is focused on GKE Standard, i.e., not the newer, more managed GKE Autopilot. At the same time, it is not clear that Autopilot absolves…


We wrap up this series by exploring one of Traffic Director’s advanced traffic management features.

This article is part of the series that starts with Traffic Director by Example: Part 1.

So far we have used Traffic Director simply for service discovery; here we examine one of the advanced traffic management features documented in Configuring advanced traffic management.

Traffic Splitting

To illustrate Traffic Director’s traffic splitting feature, we will use it to deploy a canary release.

Canary release is a technique to reduce the risk of introducing a new software version in production by slowly rolling out the change to a small…


Using Traffic Director with Google Kubernetes Engine (GKE).

This article is part of the series that starts with Traffic Director by Example: Part 1.

Sidebar into Automatic Envoy Deployments

In the last article, we manually installed the Envoy service proxy for the client on a GCE VM instance. Below, we will manually install it on a GKE pod. At the same time, Traffic Director supports installing the Envoy service proxy automatically for both GCE VM instances and GKE pods.

At the same time, there are clear advantages to the automated installs.

When you use automated Envoy deployment with Compute Engine VMs, the Envoy version installed…

John Tucker

Broad infrastructure, development, and soft-skill background
