Geode on Google Cloud Platform (GCP)
Google Cloud Platform offers powerful infrastructure for deploying the Geode graph database, with excellent performance, managed services, a global network, and deep integration with Google's ecosystem. This guide covers production-ready deployment patterns, best practices, and GCP-specific optimizations.
GCP Deployment Options
Compute Engine
Deploy Geode on Google Compute Engine VMs for maximum control and performance.
Recommended Machine Types:
General Purpose (Development/Testing):
- E2 Series: Cost-effective for small workloads
- e2-standard-4: 4 vCPUs, 16 GB RAM
- e2-standard-8: 8 vCPUs, 32 GB RAM
- e2-standard-16: 16 vCPUs, 64 GB RAM
Balanced (Production):
- N2 Series: Balanced price/performance
- n2-standard-8: 8 vCPUs, 32 GB RAM
- n2-standard-16: 16 vCPUs, 64 GB RAM
- n2-standard-32: 32 vCPUs, 128 GB RAM
Memory Optimized:
- N2-highmem Series: High memory-to-CPU ratio for graph workloads
- n2-highmem-8: 8 vCPUs, 64 GB RAM
- n2-highmem-16: 16 vCPUs, 128 GB RAM
- n2-highmem-32: 32 vCPUs, 256 GB RAM
- M2-ultramem Series: Ultra-high memory (4 TB+) for massive graphs
- m2-ultramem-208: 208 vCPUs, 5.75 TB RAM
- m2-ultramem-416: 416 vCPUs, 11.5 TB RAM
Compute Optimized:
- C2 Series: High CPU performance for query-intensive workloads
- c2-standard-8: 8 vCPUs, 32 GB RAM (3.8 GHz)
- c2-standard-16: 16 vCPUs, 64 GB RAM
- c2-standard-30: 30 vCPUs, 120 GB RAM
Local SSD:
- N2-highmem with Local SSD: Ultra-low latency storage
- Each instance supports up to 24 x 375 GB Local SSDs
- Up to 9 TB of Local SSD per instance
- Sub-millisecond latency
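Before choosing a machine type, it helps to estimate how much RAM the graph itself needs. The per-node and per-edge byte costs below are illustrative assumptions for sizing purposes, not Geode-published figures:

```python
# Illustrative per-element memory costs (assumptions, not official Geode figures)
BYTES_PER_NODE = 200
BYTES_PER_EDGE = 64
OVERHEAD_FACTOR = 1.5  # indexes, caches, headroom

# Subset of n2-highmem machine types from the list above: name -> RAM in GB
N2_HIGHMEM = {"n2-highmem-8": 64, "n2-highmem-16": 128, "n2-highmem-32": 256}

def required_ram_gb(nodes: int, edges: int) -> float:
    """Estimate RAM needed to hold the graph fully in memory."""
    raw = nodes * BYTES_PER_NODE + edges * BYTES_PER_EDGE
    return raw * OVERHEAD_FACTOR / 1e9

def suggest_machine_type(nodes: int, edges: int) -> str:
    """Pick the smallest n2-highmem type whose RAM covers the estimate."""
    need = required_ram_gb(nodes, edges)
    for name, ram in sorted(N2_HIGHMEM.items(), key=lambda kv: kv[1]):
        if ram >= need:
            return name
    return "consider m2-ultramem or sharding"

# 100M nodes, 500M edges -> ~78 GB estimated -> n2-highmem-16
print(suggest_machine_type(100_000_000, 500_000_000))
```

Adjust the byte costs once you have measured your own workload; the overhead factor matters as much as the raw element sizes.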
Google Kubernetes Engine (GKE)
Deploy Geode on GKE for automatic scaling, rolling updates, and orchestration.
Benefits:
- Managed Kubernetes control plane (small per-cluster fee; one zonal or Autopilot cluster is covered by the free tier)
- Auto-scaling (HPA, VPA, and Cluster Autoscaler)
- Multi-zone and regional clusters for HA
- Workload Identity for secure service access
- Built-in monitoring with Cloud Operations
- Automatic node repairs and upgrades
GKE Cluster Configuration:
# Create GKE cluster with Autopilot (recommended)
# Autopilot provisions and scales nodes automatically, so node-count and machine-type flags do not apply
gcloud container clusters create-auto geode-cluster \
--region=us-central1 \
--release-channel=regular
# OR create standard cluster for more control
gcloud container clusters create geode-cluster \
--region=us-central1 \
--num-nodes=3 \
--machine-type=n2-highmem-8 \
--disk-type=pd-ssd \
--disk-size=100 \
--enable-autoscaling \
--min-nodes=3 \
--max-nodes=12 \
--enable-autorepair \
--enable-autoupgrade \
--enable-ip-alias \
--logging=SYSTEM,WORKLOAD \
--monitoring=SYSTEM \
--release-channel=regular \
--workload-pool=PROJECT_ID.svc.id.goog
Add Node Pool for Geode:
gcloud container node-pools create geode-pool \
--cluster=geode-cluster \
--region=us-central1 \
--machine-type=n2-highmem-16 \
--num-nodes=3 \
--disk-type=pd-ssd \
--disk-size=200 \
--enable-autoscaling \
--min-nodes=3 \
--max-nodes=12 \
--node-taints=workload=geode:NoSchedule \
--node-labels=workload=geode \
--enable-autorepair \
--enable-autoupgrade
Cloud Run (Managed Containers)
Quick deployment for development and lightweight workloads:
# Deploy Geode to Cloud Run (stateless mode only)
gcloud run deploy geode \
--image=geodedb/geode:latest \
--platform=managed \
--region=us-central1 \
--port=8443 \
--memory=4Gi \
--cpu=2 \
--min-instances=1 \
--max-instances=10 \
--allow-unauthenticated
Note: Cloud Run is best for stateless workloads. Use Compute Engine or GKE for production databases.
Compute Engine Deployment
Single-Instance Setup
1. Create VPC Network:
# Create VPC
gcloud compute networks create geode-network \
--subnet-mode=custom
# Create subnet
gcloud compute networks subnets create geode-subnet \
--network=geode-network \
--region=us-central1 \
--range=10.0.0.0/24
2. Create Firewall Rules:
# Allow QUIC (3141/udp)
gcloud compute firewall-rules create allow-geode-quic \
--network=geode-network \
--allow=udp:3141 \
--source-ranges=0.0.0.0/0 \
--description="Allow QUIC connections to Geode"
# Allow HTTPS (8443/tcp)
gcloud compute firewall-rules create allow-geode-https \
--network=geode-network \
--allow=tcp:8443 \
--source-ranges=0.0.0.0/0 \
--description="Allow HTTPS connections to Geode"
# Allow SSH
gcloud compute firewall-rules create allow-ssh \
--network=geode-network \
--allow=tcp:22 \
--source-ranges=YOUR_IP/32 \
--description="Allow SSH from specific IP"
# Allow internal communication
gcloud compute firewall-rules create allow-internal \
--network=geode-network \
--allow=tcp:0-65535,udp:0-65535,icmp \
--source-ranges=10.0.0.0/24
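Since the SSH rule should never be broader than a single host, a small helper (hypothetical, stdlib only) can build the command and reject wide source ranges before they ever reach gcloud:

```python
import ipaddress

def ssh_firewall_cmd(source_cidr: str, network: str = "geode-network") -> str:
    """Build the gcloud firewall command, refusing ranges wider than a /32."""
    net = ipaddress.ip_network(source_cidr, strict=True)
    if net.num_addresses != 1:
        raise ValueError(f"SSH source range too broad: {source_cidr}")
    return (
        "gcloud compute firewall-rules create allow-ssh "
        f"--network={network} --allow=tcp:22 --source-ranges={source_cidr}"
    )

print(ssh_firewall_cmd("203.0.113.7/32"))
# Passing e.g. 203.0.113.0/24 raises ValueError instead of opening SSH to 256 hosts.
```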
3. Create Persistent Disk:
# Create SSD Persistent Disk
gcloud compute disks create geode-data-disk \
--size=500GB \
--type=pd-ssd \
--zone=us-central1-a
# OR create Extreme Persistent Disk for highest performance
gcloud compute disks create geode-data-disk \
--size=500GB \
--type=pd-extreme \
--provisioned-iops=100000 \
--zone=us-central1-a
4. Create Compute Engine Instance:
gcloud compute instances create geode-vm-01 \
--zone=us-central1-a \
--machine-type=n2-highmem-16 \
--network-interface=subnet=geode-subnet \
--maintenance-policy=MIGRATE \
--boot-disk-size=100GB \
--boot-disk-type=pd-ssd \
--disk=name=geode-data-disk,mode=rw \
--metadata=startup-script='#!/bin/bash
apt-get update
apt-get install -y docker.io
# Format the data disk only if it has no filesystem (startup scripts run on every boot)
if ! blkid /dev/sdb; then
mkfs.ext4 -F /dev/sdb
fi
mkdir -p /data
mount /dev/sdb /data
grep -q "^/dev/sdb" /etc/fstab || echo "/dev/sdb /data ext4 defaults 0 0" >> /etc/fstab
docker run -d \
--name geode \
--restart always \
-p 3141:3141/udp \
-p 8443:8443/tcp \
-v /data:/var/lib/geode \
-e GEODE_DATA_DIR=/var/lib/geode \
geodedb/geode:latest serve --listen 0.0.0.0:3141' \
--tags=geode-server \
--labels=app=geode,env=production
5. Reserve Static IP:
# Create static external IP
gcloud compute addresses create geode-ip \
--region=us-central1
# Assign to instance
gcloud compute instances add-access-config geode-vm-01 \
--zone=us-central1-a \
--address=$(gcloud compute addresses describe geode-ip \
--region=us-central1 --format='get(address)')
High-Availability Deployment
1. Create Instance Template:
gcloud compute instance-templates create geode-template \
--machine-type=n2-highmem-16 \
--network-interface=subnet=geode-subnet \
--boot-disk-size=100GB \
--boot-disk-type=pd-ssd \
--create-disk=size=500GB,type=pd-ssd \
--metadata-from-file=startup-script=startup.sh \
--tags=geode-server \
--labels=app=geode
2. Create Managed Instance Group:
gcloud compute instance-groups managed create geode-mig \
--base-instance-name=geode \
--template=geode-template \
--size=3 \
--zones=us-central1-a,us-central1-b,us-central1-c \
--health-check=geode-health-check \
--initial-delay=300
3. Create Health Check:
gcloud compute health-checks create https geode-health-check \
--region=us-central1 \
--port=8443 \
--request-path=/health \
--check-interval=30s \
--timeout=10s \
--healthy-threshold=2 \
--unhealthy-threshold=3
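The thresholds above mean an instance changes state only after consecutive results: three failing probes to be marked unhealthy, two passing probes to recover. A small simulation of that threshold logic (an illustrative model of the behavior, not GCP source):

```python
def health_state(probes, healthy_threshold=2, unhealthy_threshold=3, start="HEALTHY"):
    """Replay probe results (True = pass) through threshold-based state logic."""
    state = start
    streak = 0
    for ok in probes:
        # A result that matches the current state resets the opposing streak
        if (state == "HEALTHY") == ok:
            streak = 0
            continue
        streak += 1
        if state == "HEALTHY" and streak >= unhealthy_threshold:
            state, streak = "UNHEALTHY", 0
        elif state == "UNHEALTHY" and streak >= healthy_threshold:
            state, streak = "HEALTHY", 0
    return state

# Two failures are tolerated; the third marks the backend unhealthy
print(health_state([True, False, False, False]))  # UNHEALTHY
print(health_state([True, False, False, True]))   # HEALTHY
```

With a 30 s interval, detection of a dead instance therefore takes roughly 90 seconds; tighten the interval if that is too slow for your failover budget.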
4. Create Load Balancer:
# Create regional backend service (UDP requires a regional passthrough Network Load Balancer)
gcloud compute backend-services create geode-backend \
--protocol=UDP \
--load-balancing-scheme=EXTERNAL \
--health-checks=geode-health-check \
--health-checks-region=us-central1 \
--region=us-central1
# Add instance group to backend
gcloud compute backend-services add-backend geode-backend \
--instance-group=geode-mig \
--instance-group-region=us-central1 \
--region=us-central1
# Create forwarding rule
gcloud compute forwarding-rules create geode-lb \
--region=us-central1 \
--ip-protocol=UDP \
--ports=3141 \
--address=geode-ip \
--backend-service=geode-backend
GKE Deployment
Kubernetes Manifests
Namespace and ConfigMap:
# namespace.yaml
apiVersion: v1
kind: Namespace
metadata:
  name: geode
---
# configmap.yaml
apiVersion: v1
kind: ConfigMap
metadata:
  name: geode-config
  namespace: geode
data:
  geode.conf: |
    log_level = "info"
    data_dir = "/var/lib/geode"
    listen_addr = "0.0.0.0:3141"
StatefulSet with Persistent Disks:
# statefulset.yaml
apiVersion: apps/v1
kind: StatefulSet
metadata:
  name: geode
  namespace: geode
spec:
  serviceName: geode
  replicas: 3
  selector:
    matchLabels:
      app: geode
  template:
    metadata:
      labels:
        app: geode
    spec:
      nodeSelector:
        workload: geode
      tolerations:
        - key: workload
          operator: Equal
          value: geode
          effect: NoSchedule
      containers:
        - name: geode
          image: geodedb/geode:latest
          ports:
            - containerPort: 3141
              protocol: UDP
              name: quic
            - containerPort: 8443
              protocol: TCP
              name: https
          env:
            - name: GEODE_DATA_DIR
              value: /var/lib/geode
            - name: GEODE_LOG_LEVEL
              value: info
            - name: GOOGLE_CLOUD_PROJECT
              value: YOUR_PROJECT_ID
          resources:
            requests:
              memory: "64Gi"
              cpu: "8"
            limits:
              memory: "128Gi"
              cpu: "16"
          volumeMounts:
            - name: data
              mountPath: /var/lib/geode
            - name: config
              mountPath: /etc/geode
          livenessProbe:
            httpGet:
              path: /health
              port: 8443
              scheme: HTTPS
            initialDelaySeconds: 30
            periodSeconds: 10
          readinessProbe:
            httpGet:
              path: /ready
              port: 8443
              scheme: HTTPS
            initialDelaySeconds: 10
            periodSeconds: 5
      volumes:
        - name: config
          configMap:
            name: geode-config
  volumeClaimTemplates:
    - metadata:
        name: data
      spec:
        accessModes: [ "ReadWriteOnce" ]
        storageClassName: premium-rwo  # GKE's built-in pd-ssd storage class
        resources:
          requests:
            storage: 500Gi
Service (Internal Load Balancer):
# service.yaml
apiVersion: v1
kind: Service
metadata:
  name: geode
  namespace: geode
  annotations:
    networking.gke.io/load-balancer-type: "Internal"
spec:
  type: LoadBalancer
  selector:
    app: geode
  ports:
    - name: quic
      port: 3141
      protocol: UDP
    - name: https
      port: 8443
      protocol: TCP
HorizontalPodAutoscaler:
# hpa.yaml
apiVersion: autoscaling/v2
kind: HorizontalPodAutoscaler
metadata:
  name: geode
  namespace: geode
spec:
  scaleTargetRef:
    apiVersion: apps/v1
    kind: StatefulSet
    name: geode
  minReplicas: 3
  maxReplicas: 12
  metrics:
    - type: Resource
      resource:
        name: cpu
        target:
          type: Utilization
          averageUtilization: 70
    - type: Resource
      resource:
        name: memory
        target:
          type: Utilization
          averageUtilization: 80
  behavior:
    scaleDown:
      stabilizationWindowSeconds: 300
      policies:
        - type: Pods
          value: 1
          periodSeconds: 60
    scaleUp:
      stabilizationWindowSeconds: 0
      policies:
        - type: Pods
          value: 2
          periodSeconds: 60
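Under the hood, the HPA computes `desiredReplicas = ceil(currentReplicas × currentMetric / target)` and clamps the result to the configured bounds. A quick sketch of that formula with the 70% CPU target configured above:

```python
import math

def desired_replicas(current_replicas, current_utilization, target_utilization,
                     min_replicas=3, max_replicas=12):
    """Kubernetes HPA scaling formula, clamped to the configured bounds."""
    desired = math.ceil(current_replicas * current_utilization / target_utilization)
    return max(min_replicas, min(max_replicas, desired))

# 3 replicas at 95% CPU against a 70% target -> scale up to 5
print(desired_replicas(3, 95, 70))  # 5
# 6 replicas at 30% CPU -> ceil(6 * 30 / 70) = 3, which is also the floor
print(desired_replicas(6, 30, 70))  # 3
```

The scaleDown policy above then rate-limits the shrink to one pod per minute after a 5-minute stabilization window, so the raw formula result is applied gradually.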
Deploy to GKE:
# Get GKE credentials
gcloud container clusters get-credentials geode-cluster \
--region=us-central1
# Apply manifests
kubectl apply -f namespace.yaml
kubectl apply -f configmap.yaml
kubectl apply -f statefulset.yaml
kubectl apply -f service.yaml
kubectl apply -f hpa.yaml
# Verify deployment
kubectl get pods -n geode -w
kubectl get svc -n geode
kubectl describe statefulset geode -n geode
Storage Options
Persistent Disks
Standard Persistent Disk (pd-standard):
- Up to 64 TB per disk
- 0.75 read / 1.5 write IOPS per GB
- 0.12 MB/s per GB throughput
- Best for: Development, archival, backups
SSD Persistent Disk (pd-ssd):
- Up to 64 TB per disk
- 30 IOPS per GB (read/write)
- 0.48 MB/s per GB throughput
- Best for: Production workloads, transaction processing
Balanced Persistent Disk (pd-balanced):
- Up to 64 TB per disk
- 6 IOPS per GB
- 0.28 MB/s per GB throughput
- Best for: Cost-effective production workloads
Extreme Persistent Disk (pd-extreme):
- Up to 64 TB per disk
- Provisioned IOPS up to 120,000 per disk
- Provisioned throughput up to 2,400 MB/s
- Best for: Highest performance requirements
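Because the per-GB rates above scale with disk size, a larger disk is also a faster disk. A small helper makes the trade-off concrete; the rates are copied from the table above, and real disks are additionally capped per disk and per VM:

```python
# (IOPS per GB, MB/s per GB) from the table above; per-disk and per-VM caps also apply
DISK_RATES = {
    "pd-standard": (0.75, 0.12),
    "pd-balanced": (6, 0.28),
    "pd-ssd": (30, 0.48),
}

def disk_performance(disk_type: str, size_gb: int):
    """Uncapped baseline IOPS and throughput for a persistent disk of a given size."""
    iops_per_gb, mbps_per_gb = DISK_RATES[disk_type]
    return size_gb * iops_per_gb, size_gb * mbps_per_gb

iops, mbps = disk_performance("pd-ssd", 500)
print(f"500 GB pd-ssd: {iops:.0f} IOPS, {mbps:.0f} MB/s")
```

This is why a 500 GB pd-ssd often outperforms a 100 GB one even when the extra capacity is unused; sizing up purely for performance is a legitimate tactic before reaching for pd-extreme.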
Create Extreme Disk:
gcloud compute disks create geode-extreme-disk \
--size=1000GB \
--type=pd-extreme \
--provisioned-iops=100000 \
--zone=us-central1-a
Local SSD
Ultra-low latency local storage:
Create Instance with Local SSD:
gcloud compute instances create geode-local-ssd \
--zone=us-central1-a \
--machine-type=n2-highmem-16 \
--local-ssd=interface=NVME \
--local-ssd=interface=NVME \
--local-ssd=interface=NVME \
--local-ssd=interface=NVME \
--metadata=startup-script='#!/bin/bash
apt-get update && apt-get install -y mdadm
# Build RAID 0 across the four Local SSDs (skip if the array already exists)
if [ ! -e /dev/md0 ]; then
mdadm --create /dev/md0 --level=0 --raid-devices=4 \
/dev/nvme0n1 /dev/nvme0n2 /dev/nvme0n3 /dev/nvme0n4
mkfs.ext4 -F /dev/md0
fi
mkdir -p /data
mount /dev/md0 /data'
Characteristics:
- 375 GB per Local SSD
- Up to 24 Local SSDs per instance (9 TB total)
- Sub-millisecond latency
- Ephemeral (data lost on instance stop/delete)
- Ideal for caching and temporary data
Cloud Storage
For backups and archival:
# Create bucket
gsutil mb -c STANDARD -l us-central1 gs://geode-backups/
# Enable versioning
gsutil versioning set on gs://geode-backups/
# Set lifecycle policy
cat > lifecycle.json <<EOF
{
"lifecycle": {
"rule": [
{
"action": {"type": "SetStorageClass", "storageClass": "NEARLINE"},
"condition": {"age": 30}
},
{
"action": {"type": "SetStorageClass", "storageClass": "COLDLINE"},
"condition": {"age": 90}
},
{
"action": {"type": "Delete"},
"condition": {"age": 365}
}
]
}
}
EOF
gsutil lifecycle set lifecycle.json gs://geode-backups/
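To sanity-check the lifecycle policy, you can estimate what one backup costs over its first year as it moves through the tiers. The per-GB prices below are approximate us-central1 list prices used for illustration only; check current Cloud Storage pricing before relying on them:

```python
# Approximate us-central1 list prices in $/GB-month (illustrative; verify current pricing)
PRICE = {"STANDARD": 0.020, "NEARLINE": 0.010, "COLDLINE": 0.004}

def backup_storage_cost(size_gb: float) -> float:
    """First-year storage cost of one backup under the lifecycle above:
    30 days STANDARD, 60 days NEARLINE, 275 days COLDLINE, then deleted."""
    months = [(1.0, "STANDARD"), (2.0, "NEARLINE"), (275 / 30, "COLDLINE")]
    return sum(size_gb * PRICE[tier] * m for m, tier in months)

print(f"${backup_storage_cost(500):.2f}")  # $38.33 for a 500 GB backup
```

Note that Nearline and Coldline also carry retrieval fees and minimum storage durations, so the policy trades restore cost for storage cost.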
Monitoring and Observability
Cloud Monitoring (Stackdriver)
Enable Cloud Operations:
# Install Ops Agent on Compute Engine
curl -sSO https://dl.google.com/cloudagents/add-google-cloud-ops-agent-repo.sh
sudo bash add-google-cloud-ops-agent-repo.sh --also-install
# Configure Ops Agent
cat > /etc/google-cloud-ops-agent/config.yaml <<EOF
logging:
  receivers:
    geode_logs:
      type: files
      include_paths:
        - /var/lib/geode/logs/*.log
  processors:
    geode_parser:
      type: parse_json
  service:
    pipelines:
      geode_pipeline:
        receivers: [geode_logs]
        processors: [geode_parser]
metrics:
  receivers:
    hostmetrics:
      type: hostmetrics
      collection_interval: 60s
  service:
    pipelines:
      default_pipeline:
        receivers: [hostmetrics]
EOF
sudo systemctl restart google-cloud-ops-agent
Create Custom Dashboard:
# dashboard.json
cat > dashboard.json <<'EOF'
{
"displayName": "Geode Performance Dashboard",
"mosaicLayout": {
"columns": 12,
"tiles": [
{
"width": 6,
"height": 4,
"widget": {
"title": "Query Latency (p99)",
"xyChart": {
"dataSets": [{
"timeSeriesQuery": {
"timeSeriesFilter": {
"filter": "resource.type=\"gce_instance\" AND metric.type=\"custom.googleapis.com/geode/query_latency_p99\""
}
}
}]
}
}
}
]
}
}
EOF
gcloud monitoring dashboards create --config-from-file=dashboard.json
Custom Metrics from Geode:
# Python client with Cloud Monitoring
import time
from google.cloud import monitoring_v3
import geode_client

project_id = "YOUR_PROJECT_ID"
monitoring_client = monitoring_v3.MetricServiceClient()
project_name = f"projects/{project_id}"
client = geode_client.open_database()

async def record_query_latency():
    async with client.connection() as conn:
        start = time.time()
        result, _ = await conn.query("MATCH (u:User) RETURN COUNT(u)")
        duration = (time.time() - start) * 1000

    # Send metric to Cloud Monitoring
    series = monitoring_v3.TimeSeries()
    series.metric.type = "custom.googleapis.com/geode/query_latency"
    series.resource.type = "global"
    point = monitoring_v3.Point()
    point.value.double_value = duration
    point.interval.end_time.seconds = int(time.time())
    series.points = [point]
    monitoring_client.create_time_series(name=project_name, time_series=[series])
Cloud Logging
Log-based Metrics:
# Create log-based metric for query errors
gcloud logging metrics create geode_query_errors \
--description="Count of Geode query errors" \
--log-filter='resource.type="gce_instance"
labels.app="geode"
severity>=ERROR
jsonPayload.query_error=true'
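This filter only matches if Geode's log entries arrive as structured JSON with a `query_error` field. If you emit error logs from application code, a line shaped like the following would be counted; the helper is hypothetical, but the field names mirror the filter above:

```python
import json
import sys

def log_query_error(query: str, message: str) -> str:
    """Emit a JSON log line the geode_query_errors metric filter would match."""
    entry = {
        "severity": "ERROR",
        "query_error": True,  # surfaces as jsonPayload.query_error in Cloud Logging
        "query": query,
        "message": message,
    }
    line = json.dumps(entry)
    # On GKE, stdout JSON is parsed automatically; on Compute Engine the
    # Ops Agent's parse_json processor does the equivalent for file logs.
    print(line, file=sys.stdout)
    return line

log_query_error("MATCH (n) RETURN n", "timeout after 30s")
```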
Export Logs to BigQuery:
# Create BigQuery dataset
bq mk --dataset geode_logs
# Create log sink
gcloud logging sinks create geode-to-bigquery \
bigquery.googleapis.com/projects/PROJECT_ID/datasets/geode_logs \
--log-filter='resource.type="gce_instance"
labels.app="geode"'
Cloud Trace
Distributed tracing for queries:
# Python client with Cloud Trace (via OpenTelemetry and the Cloud Trace exporter)
from opentelemetry import trace
from opentelemetry.sdk.trace import TracerProvider
from opentelemetry.sdk.trace.export import BatchSpanProcessor
from opentelemetry.exporter.cloud_trace import CloudTraceSpanExporter
import geode_client

provider = TracerProvider()
provider.add_span_processor(BatchSpanProcessor(CloudTraceSpanExporter()))
trace.set_tracer_provider(provider)
tracer = trace.get_tracer(__name__)

client = geode_client.open_database()

async def traced_query():
    async with client.connection() as conn:
        with tracer.start_as_current_span("geode_query"):
            result, _ = await conn.query("""
                MATCH (u:User)-[:FRIEND]->(f:User)
                WHERE u.city = 'Seattle'
                RETURN u.name, COUNT(f)
            """)
Security
Workload Identity
Secure access to GCP services from GKE:
# Enable Workload Identity
gcloud container clusters update geode-cluster \
--region=us-central1 \
--workload-pool=PROJECT_ID.svc.id.goog
# Create service account
gcloud iam service-accounts create geode-sa \
--display-name="Geode Service Account"
# Grant permissions
gcloud projects add-iam-policy-binding PROJECT_ID \
--member="serviceAccount:geode-sa@PROJECT_ID.iam.gserviceaccount.com" \
--role="roles/storage.objectAdmin"
# Bind to Kubernetes service account
gcloud iam service-accounts add-iam-policy-binding \
geode-sa@PROJECT_ID.iam.gserviceaccount.com \
--role roles/iam.workloadIdentityUser \
--member "serviceAccount:PROJECT_ID.svc.id.goog[geode/geode]"
# Annotate K8s service account
kubectl annotate serviceaccount geode \
--namespace geode \
iam.gke.io/gcp-service-account=geode-sa@PROJECT_ID.iam.gserviceaccount.com
Secret Manager
Store TLS certificates and secrets:
# Create secret
echo -n "admin-password-here" | gcloud secrets create geode-admin-password \
--data-file=-
# Grant access
gcloud secrets add-iam-policy-binding geode-admin-password \
--member="serviceAccount:geode-sa@PROJECT_ID.iam.gserviceaccount.com" \
--role="roles/secretmanager.secretAccessor"
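At runtime the application reads the secret through the Secret Manager API. The sketch below assumes the `google-cloud-secret-manager` client library and Application Default Credentials (e.g. via Workload Identity); the resource-name format itself is fixed by the API:

```python
def secret_version_name(project_id: str, secret_id: str, version: str = "latest") -> str:
    """Fully qualified resource name expected by access_secret_version()."""
    return f"projects/{project_id}/secrets/{secret_id}/versions/{version}"

def fetch_admin_password(project_id: str) -> str:
    # Requires google-cloud-secret-manager and ADC credentials (e.g. Workload Identity)
    from google.cloud import secretmanager
    client = secretmanager.SecretManagerServiceClient()
    name = secret_version_name(project_id, "geode-admin-password")
    response = client.access_secret_version(request={"name": name})
    return response.payload.data.decode("utf-8")

print(secret_version_name("my-project", "geode-admin-password"))
```

Fetching at startup and holding the value in memory avoids both baking the password into the image and repeated API calls.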
Access from Kubernetes:
# secretKeyRef reads a Kubernetes Secret, so the Secret Manager value must first be
# synced into the cluster (e.g. via the Secret Manager add-on or External Secrets)
apiVersion: v1
kind: Pod
metadata:
  name: geode
spec:
  serviceAccountName: geode
  containers:
    - name: geode
      image: geodedb/geode:latest
      env:
        - name: ADMIN_PASSWORD
          valueFrom:
            secretKeyRef:
              name: geode-admin-password
              key: password
VPC Service Controls
Protect against data exfiltration:
# Create access policy
# Create access policy (scoped to your organization)
gcloud access-context-manager policies create \
--organization=ORGANIZATION_ID \
--title="Geode Security Policy"
# Create service perimeter
gcloud access-context-manager perimeters create geode-perimeter \
--title="Geode Perimeter" \
--resources=projects/PROJECT_NUMBER \
--restricted-services=storage.googleapis.com,compute.googleapis.com \
--policy=POLICY_ID
Backup and Disaster Recovery
Persistent Disk Snapshots
# Create snapshot schedule
gcloud compute resource-policies create snapshot-schedule geode-daily-backup \
--region=us-central1 \
--max-retention-days=30 \
--on-source-disk-delete=keep-auto-snapshots \
--daily-schedule \
--start-time=02:00
# Attach to disk
gcloud compute disks add-resource-policies geode-data-disk \
--resource-policies=geode-daily-backup \
--zone=us-central1-a
Regional Backup to Cloud Storage
#!/bin/bash
# backup-to-gcs.sh
DATE=$(date +%Y%m%d-%H%M%S)
BACKUP_FILE="/tmp/geode-backup-$DATE.tar.gz"
# Create backup
docker exec geode geode backup --output $BACKUP_FILE
# Upload to Cloud Storage
gsutil cp $BACKUP_FILE gs://geode-backups/
# Clean up local backup
rm $BACKUP_FILE
# Optional: Create cross-region copy
gsutil cp gs://geode-backups/geode-backup-$DATE.tar.gz \
gs://geode-backups-eu/
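If you prune old backups from the script itself rather than relying on a bucket lifecycle rule, the timestamps embedded in the object names are enough to decide what to delete. A hypothetical helper matching the `geode-backup-YYYYmmdd-HHMMSS.tar.gz` naming used above:

```python
from datetime import datetime, timedelta

def backups_to_prune(names, now, keep_days=30):
    """Return backup object names older than keep_days, judged by their filename timestamp."""
    stale = []
    cutoff = now - timedelta(days=keep_days)
    for name in names:
        # geode-backup-20240101-020000.tar.gz -> 20240101-020000
        stamp = name.removeprefix("geode-backup-").removesuffix(".tar.gz")
        if datetime.strptime(stamp, "%Y%m%d-%H%M%S") < cutoff:
            stale.append(name)
    return stale

now = datetime(2024, 3, 1)
names = ["geode-backup-20240101-020000.tar.gz", "geode-backup-20240228-020000.tar.gz"]
print(backups_to_prune(names, now))  # ['geode-backup-20240101-020000.tar.gz']
```

Parsing the name avoids an extra metadata call per object, at the cost of trusting the naming convention.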
Multi-Regional Replication
# Create multi-region bucket (STANDARD class in the US multi-region)
gsutil mb -c STANDARD -l US gs://geode-backups-mr/
# Enable object versioning
gsutil versioning set on gs://geode-backups-mr/
# Create a dual-region bucket (custom region pair)
gsutil mb -c STANDARD --placement us-central1,us-east1 \
gs://geode-backups-dr/
Cost Optimization
Committed Use Discounts
Save up to 57% with 1- or 3-year commitments:
# Purchase commitment
gcloud compute commitments create geode-commitment \
--region=us-central1 \
--plan=36-month \
--resources=vcpu=64,memory=512GB
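A back-of-envelope check that the commitment pays off, using an illustrative on-demand rate (real rates vary by region and machine family) and the headline 57% discount:

```python
def commitment_breakeven(on_demand_hourly: float, discount: float = 0.57,
                         hours_per_month: float = 730):
    """Monthly cost on demand vs. committed, plus the monthly savings."""
    on_demand = on_demand_hourly * hours_per_month
    committed = on_demand * (1 - discount)
    return on_demand, committed, on_demand - committed

# Illustrative $4.00/hr footprint for the 64 vCPU + 512 GB commitment above
od, cm, saved = commitment_breakeven(4.00)
print(f"on-demand ${od:.0f}/mo, committed ${cm:.0f}/mo, saving ${saved:.0f}/mo")
```

The flip side is that committed resources are billed whether used or not, so commit only to the stable baseline of your fleet.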
Preemptible VMs for Development
Save up to 80%:
gcloud compute instances create geode-dev-preemptible \
--zone=us-central1-a \
--machine-type=n2-highmem-8 \
--preemptible \
--boot-disk-size=100GB \
--metadata=startup-script='...'
Sustained Use Discounts
Automatic discounts of up to 30% (the maximum varies by machine family) for instances that run a large share of the month. No action required.
Storage Cost Optimization
# Use pd-balanced instead of pd-ssd (33% cheaper)
gcloud compute disks create geode-balanced \
--size=500GB \
--type=pd-balanced
# Use Nearline for infrequent access backups
gsutil cp backup.tar.gz gs://geode-backups-nearline/
Related Topics
- Cloud: General cloud deployment strategies
- AWS: Amazon Web Services deployment
- Azure: Microsoft Azure deployment
- Kubernetes: Kubernetes orchestration
- Docker: Container deployment
- Monitoring: Monitoring and observability
- Security: Security best practices
- High Availability: HA architecture
Further Reading
- GCP Deployment Guide: /docs/deployment/gcp/
- GKE Best Practices: /docs/deployment/gke/
- Cloud Operations Integration: /docs/monitoring/gcp-monitoring/
- Security on GCP: /docs/security/gcp-security/
Conclusion
Google Cloud Platform provides excellent infrastructure for deploying Geode graph database at any scale. From simple Compute Engine VMs to sophisticated GKE clusters with auto-scaling, GCP’s managed services, global network (100+ points of presence), and powerful data analytics integration make it an outstanding choice for Geode deployments.
Key advantages of GCP for Geode:
- Best-in-class networking with premium tier
- Powerful managed Kubernetes (GKE Autopilot)
- Exceptional performance with Local SSD and Extreme Persistent Disks
- Deep integration with BigQuery for analytics
- Comprehensive Cloud Operations suite (formerly Stackdriver)
- Competitive pricing with automatic sustained use discounts