About This Architecture

Private GKE cluster ep3-quantax-dev in GCP runs a multi-node topology with segregated node pools for API gateways and Redpanda brokers, secured by Cloud NAT egress-only networking and a private control plane. Traffic flows through NGINX Gateway Fabric ingress to Kilkenny API and Admin gateways, with ClusterIP services routing to Redpanda Broker 1 and external MongoDB Atlas via Private Service Connect. This architecture demonstrates GCP best practices for zero-public-IP Kubernetes deployments with hard taints enforcing workload isolation and cost-optimized single-zone HA in development environments. Fork and customize this topology on Diagrams.so to adapt node machine types, CIDR ranges, or add multi-zone resilience for production. The 50 GB pd-standard boot disks and n2-standard-4 instances reflect typical dev-tier resource allocation at ~$603/month.

People also ask

How do you design a private GKE cluster with no public node IPs and segregated workloads using node pool taints?

This diagram shows ep3-quantax-dev: a private GKE cluster using Cloud NAT for egress-only connectivity, Cloud Router for DNS, and two tainted node pools—np-default with PREFER_NO_SCHEDULE and np-redpanda with hard NO_SCHEDULE—to isolate API gateways from Redpanda brokers. External data access flows through MongoDB Atlas via Private Service Connect, while NGINX Gateway Fabric handles ingress routin