Use GCP's New NEG feature for traffic management in GKE?

[Ivan Penchev]

Hi,

We have a GKE cluster, and I was not able to convince our management, multiple times, to invest some time into introducing Istio in our cluster.

As a result, each one of the user accessible endpoints has it's own LoadBalancer with it's own subdomain assign to it - A NIGHTMARE! 

I watched, this video: https://www.youtube.com/watch?v=D2BbLu--TEk

Then read : https://cloud.google.com/load-balancing/docs/negs

Where it is mentioned that: You can use NEGs as backends for some load balancers.

One of my favorite feature of backends, is the URL Map, being able to forward a request based on the value of a path i.e. "www.host/admin" goes VM1, where our admin web app is hosted, where "www.host/client" goes to VM2.

So my questions are:

1. Can I create a NEG for each of my containers in GKE, that are public facing?
2. Can I use a single LoadBalancer with a URL Map to link to the different NEGs (Containers)?
3. Are there any resources/tutorials on how to do this?
4. Do you see some big con/minus/security flaw of the above mentioned strategy?

Thank you,

Ivan

[Adebisi Ibirogba]

We do have a detailed documentation that answered all your inquiry.