Run a vTPM in Confidential GKE Nodes workloads

This page shows you how to use the Virtual Trusted Platform Module (vTPM) in your Confidential Google Kubernetes Engine (GKE) Standard regional clusters' workloads. For more information about vTPMs, refer to Using Shielded GKE Nodes.


With vTPM in Confidential GKE Nodes workloads, you can create clusters and expose vTPMs to their workloads. vTPMs provide platform integrity along with other security features such as remote attestation, secret sealing, and random number generation.

Before you begin

Before you start, make sure you have performed the following tasks:

  • Enable the Google Kubernetes Engine API.
  • Enable Google Kubernetes Engine API
  • If you want to use the Google Cloud CLI for this task, install and then initialize the gcloud CLI. If you previously installed the gcloud CLI, get the latest version by running gcloud components update.


vTPM in Confidential GKE Nodes workloads requires GKE version 1.26 and later.


You can use Confidential GKE Nodes under the following conditions:

Create a Confidential GKE Nodes cluster

You can create a new cluster with Confidential GKE Nodes enabled by using the gcloud CLI or the Google Cloud console. If you enable Confidential GKE Nodes at cluster level, all the nodes in the cluster become Confidential VMs.


When creating a new cluster, specify the --enable-confidential-nodes option in the following command:

gcloud container clusters create CLUSTER_NAME \
    --machine-type=MACHINE_TYPE \

Replace the following:

  • CLUSTER_NAME: the name of your new cluster.
  • MACHINE_TYPE: the machine type for your cluster's default node pool, which must be either the N2D or C2D machine type.


  1. Go to the Google Kubernetes Engine page in the Google Cloud console.

    Go to Google Kubernetes Engine

  2. Click Create.

  3. In the Standard section, click Configure.

  4. In the navigation menu, under Cluster, click Security.

  5. Select the Enable Confidential GKE Nodes checkbox.

  6. For configuring other sections of the cluster, follow the instructions in Creating a regional cluster.

  7. Click Create.

After creating a cluster with Confidential GKE Nodes, any node pools created in this cluster can only use confidential nodes. You can't create regular node pools in clusters with Confidential GKE Nodes enabled. You also can't disable Confidential GKE Nodes on individual node pools when you enable Confidential GKE Nodes at cluster level.

Run a vTPM in Confidential GKE Nodes workloads

To run vTPM in Confidential GKE Nodes workloads, Google provides a DaemonSet to apply to the Confidential GKE Nodes clusters. Run the following command to deploy the DaemonSet:

kubectl create -f

Configure Pods to see the vTPM

You use a resource limit to configure Pods to see vTPM. Specify the resource limit as 1 in a Pod specification using the following key-value pair

  • Key:
  • Value: 1

An example of a Pod specification that uses vTPM:

apiVersion: v1
kind: Pod
  name: my-vtpm-pod
  - name: nginx
    image: nginx
    - containerPort: 8080
      name: http
      limits: 1

What's next