I've been trying to deploy a small API using FastAPI(and uvicorn to serve) framework on GKE. I made a deployment and an associated service that are working well but I have trouble understanding how https should be implemented.
Is it internal to FastAPI? Or is it on GKE's side?
it's more depends on the requirement you are looking for.
Option 1 : HTTPS termination at LB level
If you are using the LB with the GKE and don't want End to end HTTPS connection you can add the SSL/TLS cert at Load balancer level GKE and terminate SSL and backend it will be HTTP.
Option 2 : End to end encryption with HTTPS
If you want the End to end encryption with HTTPS you have to add the certificate with Code and the application will use that cert.
In both cases, you create the self-signed(not good option) certificate and use it.
If you don't want to use self-signed certificate, you can use the GCP cert-manager to create/use the certificates.
here is the tutorial with steps to use the managed certificates with GKE : https://cloud.google.com/kubernetes-engine/docs/how-to/managed-certs