Installing Openshift on GCP

Illustration of a person in a grey and orange outfit working on or inspecting complex piping or ductwork machinery. Illustration of a person in a grey and orange outfit working on or inspecting complex piping or ductwork machinery.

Today we will show how to mix two of the most popular platforms we currently have in the market. We are going to install OpenShift 4.10 in Google Cloud. Ok, we are going to install the open software version of OpenShift, OKD, but in the end, everything that we learn today can be applied in our commercial version.

Google Cloud Platform: Overview, Cloud Run, Security and Networking Check out workshop

There are several requirements that we need to accomplish before we start:

We need to enable some API in our Google Cloud project before, those are the ones that you can see on the screen like compute engine API, Google DNS API, etc. To do that we can do that in the UI by searching in the console for the correct

API like or using the CLI like gcloud services enable

Screenshot of the External Secrets Operator documentation page featuring an Introduction section with a flowchart diagram illustrating the connection between cloud providers (AWS/GCP/Vault) and Kubernetes namespaces.

After all the API are activated we need to have a dedicated DNS hosted zone in the same project as the cluster is going to be installed. To do that we need to go to Cloud DNS in GCP and click on create a DNS zone, we choose public, the name of the zone, DNS name and we create.

After that the last requirement that it is related to permissions. What we need to do is create a service account that will have the next roles connected

  • Compute Admin
  • Security Admin

  • Service Account Admin

  • Service Account User

  • Storage Admin

  • DNS Administrator

  • Service Account Key Admin

To do that we go to the service account area, click on create and choose as name okd-install. After our service account is created we need to go to IAM, click on ADD, choose our service account and start to add all the roles that we currently need to do the installation.

Last thing is to change 1 quotas N2_CPUS. To do that we are going to wait until pour installer fail to show you where to do that.

So now our system is ready to be installed. There are 2 ways to do the installation

  • IPI or installer-provisioned infrastructure mode that it is an automated mode based on a file called install-config.yaml
  • UPI or user-provisioned infrastructure mode that it is a manual mode that we will need to install one by one all the components.

We love automation, so we go for IPI. The next step before we click on install is to create a public and private ssh key for our control plane and workers. This will be done with ssh-keygen -t ed25519 -N ''

Now we need to go to the service account area, click in our service account, now we go to KEYS, add a KEY, and create a new key as JSON. When we have this JSON file we only need to use it as a credential


and we can confirm with

gcloud auth activate-service-account --key-file=key.json

Now we only need to download the latest version of OKD client and installer in OKD

tar zxvf /Users/pabloinigo/Downloads/openshift-client-mac-4.10.0-0.okd-2022-05-28-062148.tar.gz
tar zxvf /Users/pabloinigo/Downloads/openshift-install-mac-4.10.0-0.okd-2022-05-28-062148.tar.gz
  name: master
      type: n2-standard-4
      - us-central1-a
      - us-central1-c
        diskType: pd-ssd
        diskSizeGB: 1024
  replicas: 3
- name: worker
      type: n2-standard-4
      - us-central1-a
      - us-central1-c
        diskType: pd-standard
        diskSizeGB: 128
  replicas: 3
  name: test-cluster
  - cidr:
    hostPrefix: 23
  - cidr:
  networkType: OVNKubernetes
    projectID: mkdev-old
    region: us-central1
pullSecret: '{"auths": ...}'
sshKey: ssh-ed25519 AAAA...

only we need to add our pull secret from RedHat, our sshkey, and the type of machines and IP ranges.

After that, we execute in the same folder where our config file is located

./openshift-install create cluster --dir install-dir --log-level=info

and after a few minutes, our installation is done and we only need to go to our console, add the password for kubeadmin that we received and start to enjoy our openshift.