GCP
This section provides guides for deploying HyperShift hosted clusters on Google Cloud Platform. GCP uses a GKE Autopilot cluster as the management platform and Workload Identity Federation (WIF) for tokenless authentication.
TechPreview in OCP 4.22
GCP HostedClusters are available as a TechPreview feature in OpenShift Container Platform 4.22.
Deployment Model
GCP hosted clusters use a two-project model that mirrors the production architecture:
| Component | GCP Project | Purpose |
|---|---|---|
| Management Cluster | Control Plane project | GKE Autopilot cluster running the HyperShift operator and hosted control planes |
| Hosted Cluster | Hosted Cluster project | Worker nodes, WIF pool/provider, service accounts, VPC/subnet |
Key technologies:
- GKE Autopilot — Managed Kubernetes for the management cluster
- Workload Identity Federation (WIF) — Tokenless authentication between Kubernetes service accounts and GCP service accounts
- Private Service Connect (PSC) — Private connectivity between worker nodes and the hosted control plane API server
Guides
- Setup Management Cluster — Install HyperShift operator on GKE with GCP support
- Create GCP Infrastructure — Create network infrastructure (VPC, subnet)
- Create GCP IAM Resources — Create WIF pool, OIDC provider, and service accounts
- Create a GCP Hosted Cluster — Deploy your first hosted cluster
- E2E GKE CI Job — CI job for validating GCP platform changes
Prerequisites
Before getting started, you need:
- A GCP project for the management cluster (control plane)
- A GCP project for the hosted cluster (worker nodes and WIF)
- The `gcloud` CLI installed and authenticated
- The `hypershift` CLI built from the repository
- A GCP service account with project-level permissions or appropriate roles
- A DNS zone for hosted cluster endpoints (for ExternalDNS)