How to try "Encrypt secret data at rest" feature in GKE

3/22/2018

K8s has this feature to encrypt secret data, which requires modification of the kube-apiserver config. How can I do this in GKE?

-- Tao Li
encryption
google-kubernetes-engine
kubernetes

2 Answers

1/31/2019

It appears you can, now. From the latest gcloud release notes:

### Kubernetes Engine

* Promoted the `--database-encryption-key` flag of `gcloud container clusters create` to beta. The flag enables support for encryption of Kubernetes Secrets.

https://cloud.google.com/sdk/docs/release-notes

-- Dylan
Source: StackOverflow
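A provisioning sketch for the flag quoted in the answer above, added here as an example and not taken from the original post or from Google's documentation. The project ID, project number, cluster, zone, key ring and key names are placeholders; the script assumes the Cloud KMS key lives in the region that contains the cluster's zone and that the GKE service agent is granted `roles/cloudkms.cryptoKeyEncrypterDecrypter` on that key only. It prints the commands unless `DRY_RUN=0` is set.

```shell
#!/bin/sh
# Added example: every name below is a placeholder, not a value from the page.
PROJECT="my-project"            # placeholder project ID
PROJECT_NUMBER="123456789012"   # placeholder project number
CLUSTER="secrets-demo"
ZONE="us-central1-a"
KEYRING="gke-ring"
KEY="gke-secrets-key"
DRY_RUN="${DRY_RUN:-1}"         # 1 = print the gcloud commands instead of running them

# Region that contains a zone (us-central1-a -> us-central1).
zone_region() { printf '%s\n' "${1%-*}"; }

# Full Cloud KMS resource name expected by --database-encryption-key.
kms_key_path() {  # args: project location keyring key
  printf 'projects/%s/locations/%s/keyRings/%s/cryptoKeys/%s\n' "$1" "$2" "$3" "$4"
}

# Succeeds only if the key's location equals the region of the cluster zone.
key_matches_zone() {  # args: key_path zone
  _loc="${1#*/locations/}"
  _loc="${_loc%%/*}"
  [ "$_loc" = "$(zone_region "$2")" ]
}

run() { if [ "$DRY_RUN" = 1 ]; then printf '+ %s\n' "$*"; else "$@"; fi; }

provision() {
  region="$(zone_region "$ZONE")"
  key_path="$(kms_key_path "$PROJECT" "$region" "$KEYRING" "$KEY")"
  robot="service-${PROJECT_NUMBER}@container-engine-robot.iam.gserviceaccount.com"
  key_matches_zone "$key_path" "$ZONE" || { echo "key/cluster location mismatch" >&2; return 1; }
  run gcloud kms keyrings create "$KEYRING" --project "$PROJECT" --location "$region"
  run gcloud kms keys create "$KEY" --project "$PROJECT" --location "$region" \
      --keyring "$KEYRING" --purpose encryption
  # Grant the GKE service agent use of this one key, not project-wide KMS access.
  run gcloud kms keys add-iam-policy-binding "$KEY" --project "$PROJECT" \
      --location "$region" --keyring "$KEYRING" \
      --member "serviceAccount:${robot}" \
      --role roles/cloudkms.cryptoKeyEncrypterDecrypter
  # Beta track, matching the release note quoted in the answer.
  run gcloud beta container clusters create "$CLUSTER" --project "$PROJECT" \
      --zone "$ZONE" --database-encryption-key "$key_path"
}

provision
```
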

3/23/2018

Short answer is, you can't.

The Kubernetes Engine master is managed by Google, so you can't change its runtime parameters. Nonetheless, while the data may not be encrypted inside the etcd running on the master node, the contents of the master node itself are encrypted, as the link Will pointed to explains.

-- Lopson
Source: StackOverflow