I have been looking for any answer to this question for a couple of days now. The image shows what I am trying to do. Basically I want to build a Container Engine cluster in a service project but use a network from a shared VPC in a host project. This works with Compute Engine just fine, and since Container Engine leverages Compute Engine I can't see why it wouldn't work, but the options are not there to configure it.
The ultimate goal is to use this in a hybrid cloud scenario and for each container project we would rather leverage a single vpn tunnel instead of building new ones for every project. That simply doesn't scale.
You can do that natively now! https://cloud.google.com/kubernetes-engine/docs/how-to/cluster-shared-vpc
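To make the supported setup concrete, here is an added Terraform example (not code from the thread above or from Google's documentation) that wires a GKE cluster in a service project onto a subnet owned by a Shared VPC host project. Project IDs, the region, subnet names and CIDR ranges are placeholders. The security-relevant part is the IAM: `roles/compute.networkUser` is granted on the single subnet the cluster uses rather than on the whole host project, and the GKE service agent gets `roles/container.hostServiceAgentUser` on the host project, which is the minimum it needs to manage firewall rules and routes there.

```hcl
# Added example, not from the original thread. Assumes two existing projects:
# a host project "net-host-prj" that owns the Shared VPC and a service project
# "gke-svc-prj" that will own the cluster. All names and CIDRs are placeholders.

locals {
  host_project    = "net-host-prj"
  service_project = "gke-svc-prj"
  region          = "us-central1"
}

# The service project's number is needed to address its Google-managed
# service accounts (cloudservices and the GKE service agent).
data "google_project" "service" {
  project_id = local.service_project
}

resource "google_compute_shared_vpc_host_project" "host" {
  project = local.host_project
}

resource "google_compute_shared_vpc_service_project" "svc" {
  host_project    = google_compute_shared_vpc_host_project.host.project
  service_project = local.service_project
}

resource "google_compute_network" "shared" {
  project                 = local.host_project
  name                    = "shared-vpc"
  auto_create_subnetworks = false
}

# VPC-native GKE needs a primary range for nodes plus two secondary ranges
# (pods and services) on the subnet in the host project.
resource "google_compute_subnetwork" "gke" {
  project                  = local.host_project
  name                     = "gke-subnet"
  region                   = local.region
  network                  = google_compute_network.shared.id
  ip_cidr_range            = "10.10.0.0/20"
  private_ip_google_access = true

  secondary_ip_range {
    range_name    = "pods"
    ip_cidr_range = "10.20.0.0/16"
  }
  secondary_ip_range {
    range_name    = "services"
    ip_cidr_range = "10.30.0.0/20"
  }
}

# Least privilege: networkUser on this one subnet only, for the two
# service-project identities that actually create nodes and cluster resources.
resource "google_compute_subnetwork_iam_member" "gke_network_user" {
  for_each = toset([
    "serviceAccount:${data.google_project.service.number}@cloudservices.gserviceaccount.com",
    "serviceAccount:service-${data.google_project.service.number}@container-engine-robot.iam.gserviceaccount.com",
  ])
  project    = local.host_project
  region     = local.region
  subnetwork = google_compute_subnetwork.gke.name
  role       = "roles/compute.networkUser"
  member     = each.value
}

# The GKE service agent of the service project must be allowed to act on the
# host project's network (firewall rules, routes) on the cluster's behalf.
resource "google_project_iam_member" "host_service_agent_user" {
  project = local.host_project
  role    = "roles/container.hostServiceAgentUser"
  member  = "serviceAccount:service-${data.google_project.service.number}@container-engine-robot.iam.gserviceaccount.com"
}

resource "google_container_cluster" "svc" {
  project            = local.service_project
  name               = "shared-vpc-cluster"
  location           = local.region
  network            = google_compute_network.shared.self_link
  subnetwork         = google_compute_subnetwork.gke.self_link
  initial_node_count = 1

  # Shared VPC clusters must be VPC-native (alias IP) and reference the
  # host project's secondary ranges by name.
  ip_allocation_policy {
    cluster_secondary_range_name  = "pods"
    services_secondary_range_name = "services"
  }

  depends_on = [
    google_compute_shared_vpc_service_project.svc,
    google_compute_subnetwork_iam_member.gke_network_user,
    google_project_iam_member.host_service_agent_user,
  ]
}
```

A quick check after apply: `gcloud compute networks subnets get-iam-policy gke-subnet --region us-central1 --project net-host-prj` should list only the two service-project identities with `roles/compute.networkUser`; if a broader project-level `networkUser` grant exists in the host project, every service project attached to it can place nodes on every subnet, which defeats the point of splitting host and service projects.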
UPDATE This is now officially supported. See Adam MacDonald's answer.
I have been looking to implement the same set-up, but it looks like GKE in service projects using a shared VPC is currently not supported:
Shared VPC limitations
- Quota of 100 shared VPC host projects per Cloud Organization.
- Quota of 100 service projects attached to any given shared VPC host project.
- External load balancing is not supported across projects. This means that the frontend of a load balancer must exist in the same project as the backends, but the backend instances in service projects can be created in the shared VPC network of the host project.
- GKE clusters in a service project associated with a shared VPC network are not supported.
- GAE Flexible in a service project associated with a shared VPC network is not supported.
- Deployment manager is limited to manage resources within a single project.
https://cloud.google.com/compute/docs/shared-vpc/provisioning-shared-vpc#shared_vpc_limitations
Shared VPC is now supported for Google Kubernetes Engine. See https://cloudplatform.googleblog.com/2018/05/Introducing-Shared-VPC-for-Google-Kubernetes-Engine.html