Share of VPC networks with Google Container Engine
I've been looking for an answer to this question for a couple of days now. The image shows what I am trying to do. Basically I want to create a cluster of containers in a service project, but use networking from a shared vpc in the host project. This works with the compute engine just fine, and since the container engine uses the compute engine I can't see it won't work, but the parameters are not configured there.
The end goal is to use this in a hybrid cloud scenario and for each container project we prefer to use a single vpn tunnel instead of creating new ones for each project. It just doesn't scale.
source to share
UPDATE This is now officially supported. See Adam McDonald's answer .
I wanted to implement the same setup, but it looks like GKE in service projects using a generic VPC is currently not supported:
General VPC limitations
- A quota of 100 shared VPC host projects per cloud organization.
- A quota of 100 service projects tied to any shared VPC host project.
- External load balancing is not supported across projects. This means that the front end of the load balancer must exist in the same project as the backends, but backend instances in service projects can be created on the shared VPC of the host project.
- GKE clusters in a service project linked to a shared VPC are not supported.
- GAE Flexible is not supported in a service project associated with a general VPC network.
- The deployment manager is limited to managing resources within a single project.
https://cloud.google.com/compute/docs/shared-vpc/provisioning-shared-vpc#shared_vpc_limitations
source to share
Shared VPC is now supported in Google Kubernetes. See https://cloudplatform.googleblog.com/2018/05/Introducing-Shared-VPC-for-Google-Kubernetes-Engine.html
source to share
You can now do it natively! https://cloud.google.com/kubernetes-engine/docs/how-to/cluster-shared-vpc
source to share