Below is an example of the GKE On-Prem configuration file. You use
`gkectl create-config` to generate a configuration file. You modify the file
to suit your needs, and use it to install an admin cluster and user clusters
for the first time.
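# GKE On-Prem installation configuration: describes the vCenter environment, the
# admin cluster, one user cluster, and the GCP projects/keys the clusters use.
#
# SECURITY: once filled in, this file holds plaintext secrets (the vCenter and
# F5 BIG-IP passwords and, if those sections are enabled, the private registry
# password and the OIDC client secret) plus paths to GCP service account key
# files. Keep the file and the referenced key files readable only by the
# operator running the install, and keep filled-in copies out of version control.
#
# NOTE(review): the nesting below was restored from a whitespace-collapsed
# listing; validate the file with `gkectl check-config` before using it.

# Absolute path to a GKE bundle on disk
bundlepath: ""
# Specify which vCenter resources to use for deployment
vcenter:
  # The credentials and address GKE should use to connect to vCenter
  credentials:
    address: ""
    username: ""
    password: ""
  datacenter: ""
  datastore: ""
  cluster: ""
  network: ""
  resourcepool: ""
  # Provide the name for the persistent disk to be used by the deployment (ending
  # in .vmdk). Any directory in the supplied path must be created before deployment.
  # Not required when adding additional user clusters
  datadisk: ""
  # Provide the path to vCenter CA certificate pub key for SSL verification
  # NOTE(review): this certificate is what lets the vCenter endpoint be
  # authenticated before the credentials above are sent; confirm how an empty
  # value is handled rather than assuming verification still takes place.
  cacertpath: ""
# Specify the proxy configuration.
proxy:
  # The URL of the proxy
  url: ""
  # The domains and IP addresses excluded from proxying
  noproxy: ""
# Specify admin cluster settings for a fresh GKE On-Prem deployment. Omit this section
# and use the --kubeconfig flag when adding a new user cluster to an existing deployment
admincluster:
  # In-Cluster vCenter configuration
  vcenter:
    # If specified it overwrites the network field in global vcenter configuration
    network: ""
  # # The absolute or relative path to the yaml file to use for static IP allocation.
  # # Do not include if using DHCP
  # ipblockfilepath: ""
  # # Specify pre-defined nodeports if using "manual" load balancer mode
  # manuallbspec:
  #   ingresshttpnodeport: 0
  #   ingresshttpsnodeport: 0
  #   controlplanenodeport: 30968
  #   addonsnodeport: 31405
  # Specify the already-existing partition and credentials to use with F5
  bigip:
    # To re-use credentials across clusters we recommend using YAML node anchors.
    # See https://yaml.org/spec/1.2/spec.html#id2785586
    # (An anchor only avoids retyping; the password is still stored in this
    # file in clear text.)
    credentials:
      address: ""
      username: ""
      password: ""
    partition: ""
    # # Optionally specify a pool name if using SNAT
    # snatpoolname: ""
  # The VIPs to use for load balancing
  vips:
    # Used to connect to the Kubernetes API
    controlplanevip: ""
    # # Used for admin cluster addons (needed for multi cluster features). Must be the same
    # # across clusters
    # addonsvip: ""
  # The Kubernetes service CIDR range for the cluster. Must not overlap with the pod
  # CIDR range
  serviceiprange: 10.96.232.0/24
  # The Kubernetes pod CIDR range for the cluster. Must not overlap with the service
  # CIDR range
  podiprange: 192.168.0.0/16
  # Spread nodes across at least three physical hosts (requires at least three hosts)
  antiaffinitygroups:
    # Set to false to disable DRS rule creation
    enabled: true
# Specify settings when deploying a new user cluster. Used both with a fresh deployment
# or when adding a new cluster to an existing deployment.
usercluster:
  # In-Cluster vCenter configuration
  vcenter:
    # If specified it overwrites the network field in global vcenter configuration
    network: ""
  # # The absolute or relative path to the yaml file to use for static IP allocation.
  # # Do not include if using DHCP
  # ipblockfilepath: ""
  # # Specify pre-defined nodeports if using "manual" load balancer mode
  # manuallbspec:
  #   ingresshttpnodeport: 30243
  #   ingresshttpsnodeport: 30879
  #   controlplanenodeport: 30562
  #   addonsnodeport: 0
  # Specify the already-existing partition and credentials to use with F5
  bigip:
    # To re-use credentials across clusters we recommend using YAML node anchors.
    # See https://yaml.org/spec/1.2/spec.html#id2785586
    # (An anchor only avoids retyping; the password is still stored in this
    # file in clear text.)
    credentials:
      address: ""
      username: ""
      password: ""
    partition: ""
    # # Optionally specify a pool name if using SNAT
    # snatpoolname: ""
  # The VIPs to use for load balancing
  vips:
    # Used to connect to the Kubernetes API
    controlplanevip: ""
    # Shared by all services for ingress traffic
    ingressvip: ""
    # # Used for admin cluster addons (needed for multi cluster features). Must be the same
    # # across clusters
    # addonsvip: ""
  # A unique name for this cluster
  clustername: ""
  # User cluster master nodes must have either 1 or 3 replicas
  masternode:
    cpus: 4
    memorymb: 8192
    # How many machines of this type to deploy
    replicas: 1
  # The number of worker nodes to deploy and their size. Min. 3 replicas
  workernode:
    cpus: 4
    memorymb: 8192
    # How many machines of this type to deploy
    replicas: 3
  # Spread nodes across at least three physical hosts (requires at least three hosts)
  antiaffinitygroups:
    # Set to false to disable DRS rule creation
    enabled: true
  # The Kubernetes service CIDR range for the cluster
  serviceiprange: 10.96.0.0/12
  # The Kubernetes pod CIDR range for the cluster
  podiprange: 192.168.0.0/16
  # # Uncomment this section to use OIDC authentication
  # # (clientsecret is stored here in clear text once set; protect the file
  # # accordingly)
  # oidc:
  #   issuerurl: ""
  #   kubectlredirecturl: ""
  #   clientid: ""
  #   clientsecret: ""
  #   username: ""
  #   usernameprefix: ""
  #   group: ""
  #   groupprefix: ""
  #   scopes: ""
  #   extraparams: ""
  #   # Set value to string "true" or "false"
  #   usehttpproxy: ""
  #   # # The absolute or relative path to the CA file (optional)
  #   # capath: ""
  # # Optionally provide an additional serving certificate for the API server
  # # (keypath points at a private key; restrict read access to that file)
  # sni:
  #   certpath: ""
  #   keypath: ""
  # # Specify whether or not to enable the GKE usage metering feature
  # usagemetering:
  #   bigqueryprojectid: ""
  #   # The ID of the BigQuery Dataset in which the usage metering data will be stored
  #   bigquerydatasetid: ""
  #   # The absolute or relative path to the key file for a GCP service account used by
  #   # gke-usage-metering to report to BigQuery
  #   bigqueryserviceaccountkeypath: ""
  #   # Whether or not to enable the consumption-based metering feature
  #   enableconsumptionmetering: false
# Which load balancer mode to use "Manual" or "Integrated"
lbmode: Integrated
# Specify which GCP project to connect your GKE clusters to
# Each key path in this file (register, agent, logging/metrics, image pull) is a
# separate setting, so each can point at its own narrowly scoped service account
# instead of one shared key.
gkeconnect:
  projectid: ""
  # The absolute or relative path to the key file for a GCP service account used to
  # register the cluster
  registerserviceaccountkeypath: ""
  # The absolute or relative path to the key file for a GCP service account used by
  # the GKE connect agent
  agentserviceaccountkeypath: ""
# Specify which GCP project to connect your logs and metrics to
stackdriver:
  projectid: ""
  # A GCP region where you would like to store logs and metrics for this cluster.
  clusterlocation: ""
  enablevpc: false
  # The absolute or relative path to the key file for a GCP service account used to
  # send logs and metrics from the cluster
  serviceaccountkeypath: ""
# Specify Cloud Run configuration
cloudrun:
  enabled: false
# # Optionally use a private Docker registry to host GKE images
# privateregistryconfig:
#   # Do not include the scheme with your registry address
#   credentials:
#     address: ""
#     username: ""
#     password: ""
#   # The absolute or relative path to the CA certificate for this registry
#   cacertpath: ""
# The absolute or relative path to the GCP service account key that will be used to
# pull GKE images
gcrkeypath: ""
# # Configure kubernetes apiserver audit logging
# # NOTE(review): while this section stays commented out, this file configures no
# # destination for API server audit logs; enable it where an audit trail is
# # required.
# cloudauditlogging:
#   projectid: ""
#   # A GCP region where you would like to store audit logs for this cluster.
#   clusterlocation: ""
#   # The absolute or relative path to the key file for a GCP service account used to
#   # send audit logs from the cluster
#   serviceaccountkeypath: ""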