Overview of installation

You have several options for installing and configuring GKE On-Prem in your on-prem environment, some of which are outlined in GKE On-Prem overview and Setting up your load balancer.

Installation is driven by the GKE On-Prem configuration file and gkectl, the command line interface to GKE On-Prem. You generate a configuration file, modify the file to suit your needs, and then pass it to gkectl to create your GKE On-Prem clusters.

The following sections summarize your installation options. See also How installing GKE On-Prem works.

Container image registry

GKE On-Prem needs to use a container image registry for installation. A container image registry is a place where container images are stored. By default, GKE On-Prem uses a Google-owned container image registry hosted by Container Registry. Using it requires no configuration on your part (unless you are using a proxy), in which case you need to allowlist traffic to gcr.io. Optionally, you can use a private Docker registry, which you create separately. You specify your Docker registry in GKE On-Prem's configuration file.

IP address management and load balancing

GKE On-Prem's cluster nodes need IP addresses so that they can communicate with each other, with your load balancer, and with other clients. You can choose to use an existing Dynamic Host Configuration Protocol (DHCP) server to allocate IP addresses, or allocate static IP addresses.

Overview of load balancing discusses your load balancing options in depth. In sum, you choose between two load balancing modes: integrated load balancing mode or manual load balancing mode. Keep in mind that integrated load balancing mode is only compatible with the F5 BIG-IP load balancer, and that you cannot use a DHCP server with manual load balancing mode.


If you run a proxy server in your environment, be sure to provide the GKE On-Prem configuration file with your proxy's address and with addresses you don't want to pass through your proxy.


If you have clients or employees that need to authenticate to your user clusters (where you'll deploy your containerized workloads), you can use OpenID Connect (OIDC) with a provider of your choice or with Active Directory Federated Services (ADFS). You provide the GKE On-Prem configuration file with information about your provider.

Plan ahead

Be sure to plan your installation ahead of time. Your clusters' configurations, as declared in the GKE On-Prem configuration file, become immutable after you create the clusters. You can't change most aspects of clusters after you have created them, except for adding or removing nodes. This includes networking and authentication, which must be configured before creating clusters.

What's next

To install GKE On-Prem, choose from one of the following options: