Jump to Content
Containers & Kubernetes

Use your favorite DevOps and security solutions with GKE Autopilot out of the box

December 14, 2021
Manisha Verma

Partnerships Manager

William Denniss

Group Product Manager, Google Kubernetes Engine

Organizations that are modernizing with the cloud are increasingly looking for ways to simplify and automate container orchestration with high levels of security, reliability and scalability. GKE Autopilot, which became generally available earlier this year, is a revolutionary mode of operations for managed Kubernetes that makes this possible, reducing the need for hands-on cluster management while delivering a strong security posture and improved resource utilization. (Not familiar with GKE Autopilot yet? Check out the Autopilot breakout session at Google Cloud Next ‘21, which gives a rundown of everything this new Kubernetes platform can do.)

One of the great advantages of GKE Autopilot is that despite being a fully managed Kubernetes platform that provides you with a hands-off approach to nodes, it still supports the ability to run node agents using DaemonSets. This allows you to do actions like collect node-level metrics without needing to run a sidecar in every Pod. While some administrative-level functionality like privileged pods is restricted in Autopilot for regular user pods, we have worked with our partners to bring some of the most popular solutions to Autopilot, granting additional privileges when needed. This lets you run these popular products on Autopilot without modification, and still take full advantage of our fully managed platform.

Building on partnerships with leading ISVs in observability, security, CI/CD, and configuration management, this represents a differentiated approach to running partner tooling. Compared with other clouds and competitive platforms, GKE Autopilot does not require intensive reconfiguration (such as the use of sidecar containers) for many partner solutions. As such, today we are pleased to share the following partner solutions that are compatible with GKE Autopilot, and operate in a uniform manner across GKE:

https://storage.googleapis.com/gweb-cloudblog-publish/images/aqua_2.max-700x700.jpg

Aqua supports securing and ensuring compliance for the full lifecycle of workloads on GKE Autopilot, and specifically the Kubernetes pods, which run multiple containers with shared sets of storage and networking resources. More here.

https://storage.googleapis.com/gweb-cloudblog-publish/images/CircleCI.max-900x900.jpg

CircleCI allows teams to release code rapidly by automating the build test and delivery process. CircleCI’s ‘orbs’ bundle configuration elements such as jobs, commands and executors into reusable packages and support deployment to GKE Autopilot. More here.

https://storage.googleapis.com/gweb-cloudblog-publish/images/codefresh.max-900x900.jpg

Codefresh’s Gitops controller is an agent installed in a cluster that monitors the cluster and any defined Git repositories for changes. It allows you to deploy any kind of application to your GKE Autopilot cluster using Gitops. More here.

https://storage.googleapis.com/gweb-cloudblog-publish/images/chronosphere.max-900x900.jpg

Chronosphere’s collector and GKE Autopilot work together to make engineers more productive by giving them faster and more actionable alerts that they can triage rapidly, allowing them to spend less time on monitoring instrumentation, meanwhile knowing that their clusters are running in a secure, highly available, and optimized manner. More here.

https://storage.googleapis.com/gweb-cloudblog-publish/images/datadog.max-900x900.jpg

Datadog provides comprehensive visibility into all your containerized apps running on GKE Autopilot by collecting metrics, logs and traces, which help to surface performance issues and provide context to troubleshoot them. More here.

https://storage.googleapis.com/gweb-cloudblog-publish/images/dynatrace.max-900x900.jpg

Dynatrace uses its software intelligence platform to track the availability, health and utilization of applications running on GKE Autopilot and to prioritize anomalies or automatically determine their root causes. More here.

https://storage.googleapis.com/gweb-cloudblog-publish/images/GitLab.max-900x900.jpg

GitLab can be installed on GKE Autopilot easily out of the box using the official Helm Charts and can be configured to match a customer use case, including access to other Google Cloud resources such as storage and databases. More here.

https://storage.googleapis.com/gweb-cloudblog-publish/images/Hashicorp.max-900x900.jpg

Hashicorp Terraform can be used to provision a GKE Autopilot cluster distributed across multiple zones for high availability with a unified workflow and full lifecycle management. Hashicorp Vault runs on GKE Autopilot and provides secure storage and management of secrets. Read more about Terraform and Vault.

https://storage.googleapis.com/gweb-cloudblog-publish/images/paloalto.max-900x900.jpg

Palo Alto Networks’ Prisma Cloud Daemonset Defenders enforce the policies you want for your environment, while Prisma Cloud Radar displays a comprehensive visualization of your GKE Autopilot nodes and clusters so you can identify risks and investigate incidents. More here.

https://storage.googleapis.com/gweb-cloudblog-publish/images/Snyk.max-900x900.jpg

Snyk’s developer security platform helps developers build software securely across the cloud-native application stack, including code, open source, containers, Kubernetes and infrastructure as code, and works seamlessly with GKE Autopilot. More here.

https://storage.googleapis.com/gweb-cloudblog-publish/images/splunk.max-900x900.jpg

Splunk Observability Cloud provides developers and operators with deep visibility into the composition, state, and ongoing issues within a cluster, while GKE Autopilot automatically manages the cluster’s resources to maximum efficiency. More here.

https://storage.googleapis.com/gweb-cloudblog-publish/images/sysdig.max-900x900.jpg

Sysdig’s Secure Devops Platform allows you to follow container security best practices on your GKE Autopilot clusters, including monitoring and securing your workloads using the Sysdig Agent. More here.

If you are using any of the above partner solutions in your existing enterprise workflows, you should be able to use them seamlessly with GKE Autopilot. Over time, we will continue to expand the scope of our partnerships and supported solutions, and we hope you use GKE Autopilot to kickstart your modernization journey with containers in the cloud. Get started today with the free tier.

Posted in