Planning Google Cloud Platform (GCP) Compute Resources
Categorizing GCP compute resources to understand them.
GCP offers a range of compute resources, so it can be challenging to determine which to use. To help differentiate them, we categorize them here based on the following factors:
- Container: Capable of running containerized workloads
- Access: SSH access to underlying virtual instance
- VPC: Direct Virtual Private Cloud (VPC) connectivity
- vCPU Pricing: Pricing based on vCPU allocation
Resources that do not have direct VPC connectivity can still use Serverless VPC Access to connect to VPC Networks.
vCPU Pricing is in contrast to pricing based on compute time; compute time is measured from the time your workload receives a request to the time it completes.
Google Compute Engine (GCE)
While one does not typically think of GCE Instances running containerized workloads, one certainly could install a container engine, e.g., Docker, on a GCE Instance and use it to run a containerized workload. GCE also more directly supports running containerized workloads.
You can configure a virtual machine (VM) instance or an instance template to deploy and launch a Docker container. Compute Engine supplies an up-to-date Container-Optimized OS (COS) image with Docker installed and launches your container when your VM starts.
Here we do not have an underlying virtual instance per se; rather, we have the GCE Instance itself. We have SSH access to it.
Compute Engine uses key-based SSH authentication to establish connections to Linux virtual machine (VM) instances.
GCE Instances are associated with a Subnet of a VPC.
Each network interface of a Compute Engine instance is associated with a subnet of a unique VPC network.
As one might expect, GCE pricing is principally driven by the allocation of vCPU.
Google Kubernetes Engine (GKE) Standard
Kubernetes is designed to run containerized workloads and GKE is Google’s managed Kubernetes offering.
Kubernetes, also known as K8s, is an open-source system for automating deployment, scaling, and management of containerized applications.
GKE Standard Nodes run on GCE Instances; thus the Access and VPC factors are the same as for GCE.
Google Kubernetes Engine (GKE) provides a managed environment for deploying, managing, and scaling your containerized applications using Google infrastructure. The GKE environment consists of multiple machines (specifically, Compute Engine instances) grouped together to form a cluster.
Other than the relatively low cluster management fee, GKE Standard’s pricing is based on the GCE Instances underlying the Nodes; thus the vCPU Pricing is the same as for GCE.
In Standard mode, GKE uses Compute Engine instances worker nodes in the cluster. You are billed for each of those instances according to Compute Engine’s pricing, until the nodes are deleted. Compute Engine resources are billed on a per-second basis with a one-minute minimum usage cost.
Google Kubernetes Engine (GKE) Autopilot
GKE Autopilot is much like GKE Standard except that its Nodes run on virtual instances that one does not have access to; i.e., one does not have SSH access.
Autopilot is a new mode of operation in Google Kubernetes Engine (GKE) that is designed to reduce the operational cost of managing clusters, optimize your clusters for production, and yield higher workload availability. The mode of operation refers to the level of flexibility, responsibility, and control that you have over your cluster. In addition to the benefits of a fully managed control plane and node automations, GKE offers two modes of operation:
Autopilot: GKE provisions and manages the cluster’s underlying infrastructure, including nodes and node pools, giving you an optimized cluster with a hands-off experience.
Standard: You manage the cluster’s underlying infrastructure, giving you node configuration flexibility.
The virtual instances underlying the Nodes are associated with a Subnet of a VPC Network.
Networking Pre-configured: VPC-native (alias IP)
Whereas GKE Standard’s pricing is based on Nodes, GKE Autopilot’s pricing is based on the resources provisioned for Pods; thus it is still vCPU Pricing.
Autopilot clusters accrue a flat fee of $0.10/h per cluster for each cluster after the free tier, plus the CPU, memory and ephemeral storage compute resources that are provisioned for your Pods. The amount of pod resources provisioned is based on the resource requests of the Kubernetes PodSpec. You are not charged for system Pods, the operating system overhead, or unallocated space. All Autopilot resources are charged in 1 second increments, there is no minimum charge.
App Engine Flexible Environment
In addition to the language-specific runtimes, App Engine Flexible Environment supports running Docker containers. Also, it runs on GCE Instances; thus the Access and VPC factors are the same as for GCE.
App Engine flexible environment instances are Compute Engine virtual machines, which means that you can take advantage of custom libraries, use SSH for debugging, and deploy your own Docker containers.
App Engine Flexible Environment pricing is based on GCE Instances; thus it is vCPU Pricing.
Apps running in the flexible environment are deployed to virtual machine types that you specify. These virtual machine resources are billed on a per-second basis with a 1 minute minimum usage cost.
App Engine Standard Environment
App Engine Standard Environment is limited to one of several runtimes; thus it does not support running arbitrary containerized workloads. It also runs on virtual instances that one does not have access to; i.e., one does not have SSH access.
The App Engine standard environment is based on container instances running on Google’s infrastructure. Containers are preconfigured with one of several available runtimes.
The App Engine Standard Environment workloads do not have direct VPC connectivity.
Connecting to a Shared VPC network for App Engine Standard environment
App Engine Flexible Environment pricing is based on the instance class; thus it is vCPU Pricing.
The billing rate depends on the instance class you specify for your app.
Cloud Run
Cloud Run runs containerized workloads.
Develop and deploy highly scalable containerized applications on a fully managed serverless platform.
Cloud Run workloads run on Google-managed infrastructure; thus one does not have SSH access.
Cloud Run abstracts away all infrastructure management by automatically scaling up and down from zero almost instantaneously — depending on traffic. Cloud Run only charges you for the exact resources you use.
The Cloud Run workloads do not have direct VPC connectivity.
Connecting to a Shared VPC network for Cloud Run
Cloud Run pricing is based on compute time.
Cloud Run charges you only for the resources you use, rounded up to the nearest 100 millisecond. Note that each of these resources have a free tier. Your total Cloud Run bill will be the sum of the resources in the pricing table.
Cloud Functions
Cloud Functions do not run containerized workloads. They also run on Google-managed infrastructure; thus one does not have SSH access.
Google Cloud Functions is a serverless execution environment for building and connecting cloud services. With Cloud Functions you write simple, single-purpose functions that are attached to events emitted from your cloud infrastructure and services. Your function is triggered when an event being watched is fired. Your code executes in a fully managed environment. There is no need to provision any infrastructure or worry about managing any servers.
The Cloud Function workloads do not have direct VPC connectivity.
Connecting to a Shared VPC network for Cloud Functions
Cloud Functions pricing is based on compute time.
Cloud Functions are priced according to how long your function runs, how many times it’s invoked and how many resources you provision for the function.