In your initial installation of GKE on-prem, you create these virtual
machines (VMs):
- One VM for an admin workstation
- Four VMs for an admin cluster
- Three VMs for a user cluster

In your vSphere environment, you must have a network that can support the
creation of those eight VMs. Your network must also be able to support a
vCenter Server and an F5 BIG-IP load balancer.

Your network needs to support outbound traffic to the internet so that your
admin workstation and your cluster nodes can fetch GKE on-prem
components and call certain Google services.

If you want external clients to call services in your GKE on-prem
clusters, your network must support inbound traffic from the internet.

The following diagram shows one possible network topology:
[Figure: Network topology]
The preceding diagram has the following features:
- The admin workstation is on a private network.
- vCenter Server is on a public network.
- The cluster nodes are on a private network.
- The F5 BIG-IP load balancer is on three private networks.

The F5 BIG-IP load balancer is configured with Virtual IPs (VIPs) that
have private addresses. External clients must use public IP addresses
configured in the network address translation (NAT) device. The NAT device
uses static NAT to convert the public addresses to the internal VIPs
configured on the load balancer.
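
The static NAT arrangement described above can be checked before it goes live. The following is an added example, not part of the original page or of GKE on-prem: it audits a static NAT table so that every public address maps one-to-one to a private load balancer VIP and nothing else on the private networks is exposed. The function names, the rule format, and all addresses are assumptions constructed for illustration.

```python
import ipaddress

# RFC 1918 ranges; the page states that the load balancer VIPs have private addresses.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def is_rfc1918(addr):
    """True if addr falls inside one of the RFC 1918 private ranges."""
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in RFC1918)


def audit_static_nat(nat_rules, lb_vips):
    """Return findings for a static NAT table (hypothetical rule format).

    nat_rules: list of (public_ip, internal_ip) pairs taken from the NAT device.
    lb_vips:   set of VIPs configured on the load balancer.
    """
    findings = []
    seen_public, seen_internal = set(), set()
    for public, internal in nat_rules:
        if is_rfc1918(public):
            findings.append(f"{public}: external side is a private address")
        if not is_rfc1918(internal):
            findings.append(f"{internal}: internal target is not a private address")
        if internal not in lb_vips:
            # The rule would expose a node, workstation or other host directly.
            findings.append(f"{public} -> {internal}: target is not a load balancer VIP")
        if public in seen_public:
            findings.append(f"{public}: mapped more than once")
        if internal in seen_internal:
            findings.append(f"{internal}: reachable via more than one public address")
        seen_public.add(public)
        seen_internal.add(internal)
    return findings


# Constructed sample data; documentation range 203.0.113.0/24 stands in for public addresses.
LB_VIPS = {"10.0.10.20", "10.0.10.21"}
GOOD_RULES = [("203.0.113.20", "10.0.10.20"), ("203.0.113.21", "10.0.10.21")]
BAD_RULES = GOOD_RULES + [("203.0.113.22", "10.0.20.5")]  # 10.0.20.5 is not a VIP

if __name__ == "__main__":
    for finding in audit_static_nat(BAD_RULES, LB_VIPS):
        print("FINDING:", finding)
```
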
Network Time Protocol
All the VMs that are part of your GKE on-prem infrastructure must
use the same Network Time Protocol (NTP) server.
Last updated 2025-03-05 UTC.