Jump to Content
Security & Identity

A deeper dive into Confidential GKE Nodes—now available in preview

October 1, 2020
Ibrahim Damlaj

Product Manager, Google Kubernetes Engine Security team

Anoosh Saboori

Group Product Management Lead

As of June 16, 2022, Confidential GKE Nodes are generally available. Learn more here.

The benefits of containers and Kubernetes over traditional on-premises architectures are well-documented and understood. But when considering moving to the cloud, organizations want controls to limit risk and potential exposure of their data.

In July, we announced the availability of the Confidential Computing product family, whose  breakthrough technology encrypts data in-use—while it is being processed—without any code changes to the application. We also introduced Confidential VMs as the first member of that product family, which perform at levels comparable to VMs

A few weeks back we announced the upcoming launch of Confidential Google Kubernetes Engine (GKE) Nodes in preview. Today, as we kick off cybersecurity month, we are rolling out the preview for Confidential GKE Nodes. With Confidential GKE Nodes you can achieve encryption in-use for data processed inside your GKE cluster, without significant performance degradation. 

Built on Confidential VMs, which utilize the AMD Secure Encrypted Virtualization (SEV) feature, Confidential GKE Nodes encrypt the memory of your nodes and the workloads that run on top of them with a dedicated per-Node instance key that is generated and managed by the AMD Secure Processors, which is embedded in the AMD EPYC™ processor. These keys are generated by the AMD Secure Processor during node creation and reside solely within it, making them unavailable to Google or any VMs running on the host. This, combined with other existing solutions for encryption at rest and in-transit, and workload isolation models such as GKE Sandbox, provides an even deeper and multi-layer defense-in-depth protection against data exfiltration attacks. Confidential GKE Nodes also leverage Shielded GKE nodes to offer protection against rootkit and bootkits, helping to ensure the integrity of the operating system you run on your Confidential GKE Nodes.

Video Thumbnail

Enabling Confidential GKE Nodes

When creating a new cluster, you can enable Confidential GKE Nodes by specifying the --enable-confidential-nodes option:


After you create a Confidential GKE cluster, all the nodes and node pools you create will be confidential.

You can verify that your cluster is using Confidential GKE Nodes by using the describe command:

gcloud beta container clusters describe [CLUSTER_NAME]

If Confidential GKE Nodes are enabled, the output of the command will include these lines:

enabled: true

Enabling applications to run with Confidential GKE Nodes

You may be wondering what you need to change in your application to leverage Confidential GKE Nodes? The answer is nothing! Google's approach to confidential computing is to enable an effortless lift and shift for existing applications so that all GKE workloads you run today can run on Confidential GKE Nodes without any code changes. 

Optionally, if you use a GitOps model for storing your application configurations, you can use the cloud.google.com/gke-confidential-nodes nodeSelector to declaratively  ensure that your sensitive workloads can only be scheduled on Confidential GKE Nodes. This can be useful later on if you want to demonstrate to auditors that your workloads ran exclusively on Confidential GKE nodes:


Tune in to our latest Google Cloud Security Talks to learn more about confidential computing, and other areas of cloud security.

Posted in