The gcp:gkeonprem/bareMetalCluster:BareMetalCluster resource, part of the Pulumi GCP provider, provisions a GKE on bare metal user cluster: control plane nodes, networking, load balancing, and storage. This guide focuses on three capabilities: load balancing modes (MetalLB, manual, BGP), network configuration for bare metal environments, and storage provisioning with local volume provisioner.
Bare metal clusters require a registered admin cluster membership and physical nodes at specified IP addresses. The examples are intentionally small. Combine them with your own admin cluster, physical infrastructure, and operational tooling.
Deploy a cluster with MetalLB load balancing
Most bare metal Kubernetes deployments start with a basic cluster that defines control plane nodes, networking, and load balancing. MetalLB provides Layer 2 or BGP-based load balancing without requiring external hardware.
import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";
const cluster_basic = new gcp.gkeonprem.BareMetalCluster("cluster-basic", {
name: "my-cluster",
location: "us-west1",
adminClusterMembership: "projects/870316890899/locations/global/memberships/gkeonprem-terraform-test",
bareMetalVersion: "1.12.3",
networkConfig: {
islandModeCidr: {
serviceAddressCidrBlocks: ["172.26.0.0/16"],
podAddressCidrBlocks: ["10.240.0.0/13"],
},
},
controlPlane: {
controlPlaneNodePoolConfig: {
nodePoolConfig: {
labels: {},
operatingSystem: "LINUX",
nodeConfigs: [{
labels: {},
nodeIp: "10.200.0.9",
}],
},
},
},
loadBalancer: {
portConfig: {
controlPlaneLoadBalancerPort: 443,
},
vipConfig: {
controlPlaneVip: "10.200.0.13",
ingressVip: "10.200.0.14",
},
metalLbConfig: {
addressPools: [{
pool: "pool1",
addresses: [
"10.200.0.14/32",
"10.200.0.15/32",
"10.200.0.16/32",
"10.200.0.17/32",
"10.200.0.18/32",
"fd00:1::f/128",
"fd00:1::10/128",
"fd00:1::11/128",
"fd00:1::12/128",
],
avoidBuggyIps: true,
manualAssign: true,
}],
},
},
storage: {
lvpShareConfig: {
lvpConfig: {
path: "/mnt/localpv-share",
storageClass: "local-shared",
},
sharedPathPvCount: 5,
},
lvpNodeMountsConfig: {
path: "/mnt/localpv-disk",
storageClass: "local-disks",
},
},
securityConfig: {
authorization: {
adminUsers: [{
username: "admin@hashicorptest.com",
}],
},
},
});
import pulumi
import pulumi_gcp as gcp
cluster_basic = gcp.gkeonprem.BareMetalCluster("cluster-basic",
name="my-cluster",
location="us-west1",
admin_cluster_membership="projects/870316890899/locations/global/memberships/gkeonprem-terraform-test",
bare_metal_version="1.12.3",
network_config={
"island_mode_cidr": {
"service_address_cidr_blocks": ["172.26.0.0/16"],
"pod_address_cidr_blocks": ["10.240.0.0/13"],
},
},
control_plane={
"control_plane_node_pool_config": {
"node_pool_config": {
"labels": {},
"operating_system": "LINUX",
"node_configs": [{
"labels": {},
"node_ip": "10.200.0.9",
}],
},
},
},
load_balancer={
"port_config": {
"control_plane_load_balancer_port": 443,
},
"vip_config": {
"control_plane_vip": "10.200.0.13",
"ingress_vip": "10.200.0.14",
},
"metal_lb_config": {
"address_pools": [{
"pool": "pool1",
"addresses": [
"10.200.0.14/32",
"10.200.0.15/32",
"10.200.0.16/32",
"10.200.0.17/32",
"10.200.0.18/32",
"fd00:1::f/128",
"fd00:1::10/128",
"fd00:1::11/128",
"fd00:1::12/128",
],
"avoid_buggy_ips": True,
"manual_assign": True,
}],
},
},
storage={
"lvp_share_config": {
"lvp_config": {
"path": "/mnt/localpv-share",
"storage_class": "local-shared",
},
"shared_path_pv_count": 5,
},
"lvp_node_mounts_config": {
"path": "/mnt/localpv-disk",
"storage_class": "local-disks",
},
},
security_config={
"authorization": {
"admin_users": [{
"username": "admin@hashicorptest.com",
}],
},
})
package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v9/go/gcp/gkeonprem"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := gkeonprem.NewBareMetalCluster(ctx, "cluster-basic", &gkeonprem.BareMetalClusterArgs{
Name: pulumi.String("my-cluster"),
Location: pulumi.String("us-west1"),
AdminClusterMembership: pulumi.String("projects/870316890899/locations/global/memberships/gkeonprem-terraform-test"),
BareMetalVersion: pulumi.String("1.12.3"),
NetworkConfig: &gkeonprem.BareMetalClusterNetworkConfigArgs{
IslandModeCidr: &gkeonprem.BareMetalClusterNetworkConfigIslandModeCidrArgs{
ServiceAddressCidrBlocks: pulumi.StringArray{
pulumi.String("172.26.0.0/16"),
},
PodAddressCidrBlocks: pulumi.StringArray{
pulumi.String("10.240.0.0/13"),
},
},
},
ControlPlane: &gkeonprem.BareMetalClusterControlPlaneArgs{
ControlPlaneNodePoolConfig: &gkeonprem.BareMetalClusterControlPlaneControlPlaneNodePoolConfigArgs{
NodePoolConfig: &gkeonprem.BareMetalClusterControlPlaneControlPlaneNodePoolConfigNodePoolConfigArgs{
Labels: pulumi.StringMap{},
OperatingSystem: pulumi.String("LINUX"),
NodeConfigs: gkeonprem.BareMetalClusterControlPlaneControlPlaneNodePoolConfigNodePoolConfigNodeConfigArray{
&gkeonprem.BareMetalClusterControlPlaneControlPlaneNodePoolConfigNodePoolConfigNodeConfigArgs{
Labels: pulumi.StringMap{},
NodeIp: pulumi.String("10.200.0.9"),
},
},
},
},
},
LoadBalancer: &gkeonprem.BareMetalClusterLoadBalancerArgs{
PortConfig: &gkeonprem.BareMetalClusterLoadBalancerPortConfigArgs{
ControlPlaneLoadBalancerPort: pulumi.Int(443),
},
VipConfig: &gkeonprem.BareMetalClusterLoadBalancerVipConfigArgs{
ControlPlaneVip: pulumi.String("10.200.0.13"),
IngressVip: pulumi.String("10.200.0.14"),
},
MetalLbConfig: &gkeonprem.BareMetalClusterLoadBalancerMetalLbConfigArgs{
AddressPools: gkeonprem.BareMetalClusterLoadBalancerMetalLbConfigAddressPoolArray{
&gkeonprem.BareMetalClusterLoadBalancerMetalLbConfigAddressPoolArgs{
Pool: pulumi.String("pool1"),
Addresses: pulumi.StringArray{
pulumi.String("10.200.0.14/32"),
pulumi.String("10.200.0.15/32"),
pulumi.String("10.200.0.16/32"),
pulumi.String("10.200.0.17/32"),
pulumi.String("10.200.0.18/32"),
pulumi.String("fd00:1::f/128"),
pulumi.String("fd00:1::10/128"),
pulumi.String("fd00:1::11/128"),
pulumi.String("fd00:1::12/128"),
},
AvoidBuggyIps: pulumi.Bool(true),
ManualAssign: pulumi.Bool(true),
},
},
},
},
Storage: &gkeonprem.BareMetalClusterStorageArgs{
LvpShareConfig: &gkeonprem.BareMetalClusterStorageLvpShareConfigArgs{
LvpConfig: &gkeonprem.BareMetalClusterStorageLvpShareConfigLvpConfigArgs{
Path: pulumi.String("/mnt/localpv-share"),
StorageClass: pulumi.String("local-shared"),
},
SharedPathPvCount: pulumi.Int(5),
},
LvpNodeMountsConfig: &gkeonprem.BareMetalClusterStorageLvpNodeMountsConfigArgs{
Path: pulumi.String("/mnt/localpv-disk"),
StorageClass: pulumi.String("local-disks"),
},
},
SecurityConfig: &gkeonprem.BareMetalClusterSecurityConfigArgs{
Authorization: &gkeonprem.BareMetalClusterSecurityConfigAuthorizationArgs{
AdminUsers: gkeonprem.BareMetalClusterSecurityConfigAuthorizationAdminUserArray{
&gkeonprem.BareMetalClusterSecurityConfigAuthorizationAdminUserArgs{
Username: pulumi.String("admin@hashicorptest.com"),
},
},
},
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Gcp = Pulumi.Gcp;
return await Deployment.RunAsync(() =>
{
var cluster_basic = new Gcp.GkeOnPrem.BareMetalCluster("cluster-basic", new()
{
Name = "my-cluster",
Location = "us-west1",
AdminClusterMembership = "projects/870316890899/locations/global/memberships/gkeonprem-terraform-test",
BareMetalVersion = "1.12.3",
NetworkConfig = new Gcp.GkeOnPrem.Inputs.BareMetalClusterNetworkConfigArgs
{
IslandModeCidr = new Gcp.GkeOnPrem.Inputs.BareMetalClusterNetworkConfigIslandModeCidrArgs
{
ServiceAddressCidrBlocks = new[]
{
"172.26.0.0/16",
},
PodAddressCidrBlocks = new[]
{
"10.240.0.0/13",
},
},
},
ControlPlane = new Gcp.GkeOnPrem.Inputs.BareMetalClusterControlPlaneArgs
{
ControlPlaneNodePoolConfig = new Gcp.GkeOnPrem.Inputs.BareMetalClusterControlPlaneControlPlaneNodePoolConfigArgs
{
NodePoolConfig = new Gcp.GkeOnPrem.Inputs.BareMetalClusterControlPlaneControlPlaneNodePoolConfigNodePoolConfigArgs
{
Labels = null,
OperatingSystem = "LINUX",
NodeConfigs = new[]
{
new Gcp.GkeOnPrem.Inputs.BareMetalClusterControlPlaneControlPlaneNodePoolConfigNodePoolConfigNodeConfigArgs
{
Labels = null,
NodeIp = "10.200.0.9",
},
},
},
},
},
LoadBalancer = new Gcp.GkeOnPrem.Inputs.BareMetalClusterLoadBalancerArgs
{
PortConfig = new Gcp.GkeOnPrem.Inputs.BareMetalClusterLoadBalancerPortConfigArgs
{
ControlPlaneLoadBalancerPort = 443,
},
VipConfig = new Gcp.GkeOnPrem.Inputs.BareMetalClusterLoadBalancerVipConfigArgs
{
ControlPlaneVip = "10.200.0.13",
IngressVip = "10.200.0.14",
},
MetalLbConfig = new Gcp.GkeOnPrem.Inputs.BareMetalClusterLoadBalancerMetalLbConfigArgs
{
AddressPools = new[]
{
new Gcp.GkeOnPrem.Inputs.BareMetalClusterLoadBalancerMetalLbConfigAddressPoolArgs
{
Pool = "pool1",
Addresses = new[]
{
"10.200.0.14/32",
"10.200.0.15/32",
"10.200.0.16/32",
"10.200.0.17/32",
"10.200.0.18/32",
"fd00:1::f/128",
"fd00:1::10/128",
"fd00:1::11/128",
"fd00:1::12/128",
},
AvoidBuggyIps = true,
ManualAssign = true,
},
},
},
},
Storage = new Gcp.GkeOnPrem.Inputs.BareMetalClusterStorageArgs
{
LvpShareConfig = new Gcp.GkeOnPrem.Inputs.BareMetalClusterStorageLvpShareConfigArgs
{
LvpConfig = new Gcp.GkeOnPrem.Inputs.BareMetalClusterStorageLvpShareConfigLvpConfigArgs
{
Path = "/mnt/localpv-share",
StorageClass = "local-shared",
},
SharedPathPvCount = 5,
},
LvpNodeMountsConfig = new Gcp.GkeOnPrem.Inputs.BareMetalClusterStorageLvpNodeMountsConfigArgs
{
Path = "/mnt/localpv-disk",
StorageClass = "local-disks",
},
},
SecurityConfig = new Gcp.GkeOnPrem.Inputs.BareMetalClusterSecurityConfigArgs
{
Authorization = new Gcp.GkeOnPrem.Inputs.BareMetalClusterSecurityConfigAuthorizationArgs
{
AdminUsers = new[]
{
new Gcp.GkeOnPrem.Inputs.BareMetalClusterSecurityConfigAuthorizationAdminUserArgs
{
Username = "admin@hashicorptest.com",
},
},
},
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.gkeonprem.BareMetalCluster;
import com.pulumi.gcp.gkeonprem.BareMetalClusterArgs;
import com.pulumi.gcp.gkeonprem.inputs.BareMetalClusterNetworkConfigArgs;
import com.pulumi.gcp.gkeonprem.inputs.BareMetalClusterNetworkConfigIslandModeCidrArgs;
import com.pulumi.gcp.gkeonprem.inputs.BareMetalClusterControlPlaneArgs;
import com.pulumi.gcp.gkeonprem.inputs.BareMetalClusterControlPlaneControlPlaneNodePoolConfigArgs;
import com.pulumi.gcp.gkeonprem.inputs.BareMetalClusterControlPlaneControlPlaneNodePoolConfigNodePoolConfigArgs;
import com.pulumi.gcp.gkeonprem.inputs.BareMetalClusterLoadBalancerArgs;
import com.pulumi.gcp.gkeonprem.inputs.BareMetalClusterLoadBalancerPortConfigArgs;
import com.pulumi.gcp.gkeonprem.inputs.BareMetalClusterLoadBalancerVipConfigArgs;
import com.pulumi.gcp.gkeonprem.inputs.BareMetalClusterLoadBalancerMetalLbConfigArgs;
import com.pulumi.gcp.gkeonprem.inputs.BareMetalClusterStorageArgs;
import com.pulumi.gcp.gkeonprem.inputs.BareMetalClusterStorageLvpShareConfigArgs;
import com.pulumi.gcp.gkeonprem.inputs.BareMetalClusterStorageLvpShareConfigLvpConfigArgs;
import com.pulumi.gcp.gkeonprem.inputs.BareMetalClusterStorageLvpNodeMountsConfigArgs;
import com.pulumi.gcp.gkeonprem.inputs.BareMetalClusterSecurityConfigArgs;
import com.pulumi.gcp.gkeonprem.inputs.BareMetalClusterSecurityConfigAuthorizationArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var cluster_basic = new BareMetalCluster("cluster-basic", BareMetalClusterArgs.builder()
.name("my-cluster")
.location("us-west1")
.adminClusterMembership("projects/870316890899/locations/global/memberships/gkeonprem-terraform-test")
.bareMetalVersion("1.12.3")
.networkConfig(BareMetalClusterNetworkConfigArgs.builder()
.islandModeCidr(BareMetalClusterNetworkConfigIslandModeCidrArgs.builder()
.serviceAddressCidrBlocks("172.26.0.0/16")
.podAddressCidrBlocks("10.240.0.0/13")
.build())
.build())
.controlPlane(BareMetalClusterControlPlaneArgs.builder()
.controlPlaneNodePoolConfig(BareMetalClusterControlPlaneControlPlaneNodePoolConfigArgs.builder()
.nodePoolConfig(BareMetalClusterControlPlaneControlPlaneNodePoolConfigNodePoolConfigArgs.builder()
.labels(Map.ofEntries(
))
.operatingSystem("LINUX")
.nodeConfigs(BareMetalClusterControlPlaneControlPlaneNodePoolConfigNodePoolConfigNodeConfigArgs.builder()
.labels(Map.ofEntries(
))
.nodeIp("10.200.0.9")
.build())
.build())
.build())
.build())
.loadBalancer(BareMetalClusterLoadBalancerArgs.builder()
.portConfig(BareMetalClusterLoadBalancerPortConfigArgs.builder()
.controlPlaneLoadBalancerPort(443)
.build())
.vipConfig(BareMetalClusterLoadBalancerVipConfigArgs.builder()
.controlPlaneVip("10.200.0.13")
.ingressVip("10.200.0.14")
.build())
.metalLbConfig(BareMetalClusterLoadBalancerMetalLbConfigArgs.builder()
.addressPools(BareMetalClusterLoadBalancerMetalLbConfigAddressPoolArgs.builder()
.pool("pool1")
.addresses(
"10.200.0.14/32",
"10.200.0.15/32",
"10.200.0.16/32",
"10.200.0.17/32",
"10.200.0.18/32",
"fd00:1::f/128",
"fd00:1::10/128",
"fd00:1::11/128",
"fd00:1::12/128")
.avoidBuggyIps(true)
.manualAssign(true)
.build())
.build())
.build())
.storage(BareMetalClusterStorageArgs.builder()
.lvpShareConfig(BareMetalClusterStorageLvpShareConfigArgs.builder()
.lvpConfig(BareMetalClusterStorageLvpShareConfigLvpConfigArgs.builder()
.path("/mnt/localpv-share")
.storageClass("local-shared")
.build())
.sharedPathPvCount(5)
.build())
.lvpNodeMountsConfig(BareMetalClusterStorageLvpNodeMountsConfigArgs.builder()
.path("/mnt/localpv-disk")
.storageClass("local-disks")
.build())
.build())
.securityConfig(BareMetalClusterSecurityConfigArgs.builder()
.authorization(BareMetalClusterSecurityConfigAuthorizationArgs.builder()
.adminUsers(BareMetalClusterSecurityConfigAuthorizationAdminUserArgs.builder()
.username("admin@hashicorptest.com")
.build())
.build())
.build())
.build());
}
}
resources:
cluster-basic:
type: gcp:gkeonprem:BareMetalCluster
properties:
name: my-cluster
location: us-west1
adminClusterMembership: projects/870316890899/locations/global/memberships/gkeonprem-terraform-test
bareMetalVersion: 1.12.3
networkConfig:
islandModeCidr:
serviceAddressCidrBlocks:
- 172.26.0.0/16
podAddressCidrBlocks:
- 10.240.0.0/13
controlPlane:
controlPlaneNodePoolConfig:
nodePoolConfig:
labels: {}
operatingSystem: LINUX
nodeConfigs:
- labels: {}
nodeIp: 10.200.0.9
loadBalancer:
portConfig:
controlPlaneLoadBalancerPort: 443
vipConfig:
controlPlaneVip: 10.200.0.13
ingressVip: 10.200.0.14
metalLbConfig:
addressPools:
- pool: pool1
addresses:
- 10.200.0.14/32
- 10.200.0.15/32
- 10.200.0.16/32
- 10.200.0.17/32
- 10.200.0.18/32
- fd00:1::f/128
- fd00:1::10/128
- fd00:1::11/128
- fd00:1::12/128
avoidBuggyIps: true
manualAssign: true
storage:
lvpShareConfig:
lvpConfig:
path: /mnt/localpv-share
storageClass: local-shared
sharedPathPvCount: 5
lvpNodeMountsConfig:
path: /mnt/localpv-disk
storageClass: local-disks
securityConfig:
authorization:
adminUsers:
- username: admin@hashicorptest.com
The adminClusterMembership connects this user cluster to its admin cluster. The networkConfig.islandModeCidr defines CIDR blocks for pods and services, isolating cluster networking from the physical network. The controlPlane.controlPlaneNodePoolConfig specifies which physical nodes run the control plane, referenced by IP address in nodeConfigs. The loadBalancer.metalLbConfig defines an address pool that MetalLB uses to assign IPs to LoadBalancer services. The storage configuration provisions local volumes using lvpShareConfig for shared storage and lvpNodeMountsConfig for node-local disks.
Configure manual load balancer integration
Some environments use existing hardware load balancers or software-defined networking that requires manual configuration rather than automated IP management.
import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";
const cluster_manuallb = new gcp.gkeonprem.BareMetalCluster("cluster-manuallb", {
name: "cluster-manuallb",
location: "us-west1",
adminClusterMembership: "projects/870316890899/locations/global/memberships/gkeonprem-terraform-test",
bareMetalVersion: "1.12.3",
networkConfig: {
islandModeCidr: {
serviceAddressCidrBlocks: ["172.26.0.0/16"],
podAddressCidrBlocks: ["10.240.0.0/13"],
},
},
controlPlane: {
controlPlaneNodePoolConfig: {
nodePoolConfig: {
labels: {},
operatingSystem: "LINUX",
nodeConfigs: [{
labels: {},
nodeIp: "10.200.0.9",
}],
},
},
},
loadBalancer: {
portConfig: {
controlPlaneLoadBalancerPort: 443,
},
vipConfig: {
controlPlaneVip: "10.200.0.13",
ingressVip: "10.200.0.14",
},
manualLbConfig: {
enabled: true,
},
},
storage: {
lvpShareConfig: {
lvpConfig: {
path: "/mnt/localpv-share",
storageClass: "local-shared",
},
sharedPathPvCount: 5,
},
lvpNodeMountsConfig: {
path: "/mnt/localpv-disk",
storageClass: "local-disks",
},
},
securityConfig: {
authorization: {
adminUsers: [{
username: "admin@hashicorptest.com",
}],
},
},
binaryAuthorization: {
evaluationMode: "DISABLED",
},
upgradePolicy: {
policy: "SERIAL",
},
});
import pulumi
import pulumi_gcp as gcp
cluster_manuallb = gcp.gkeonprem.BareMetalCluster("cluster-manuallb",
name="cluster-manuallb",
location="us-west1",
admin_cluster_membership="projects/870316890899/locations/global/memberships/gkeonprem-terraform-test",
bare_metal_version="1.12.3",
network_config={
"island_mode_cidr": {
"service_address_cidr_blocks": ["172.26.0.0/16"],
"pod_address_cidr_blocks": ["10.240.0.0/13"],
},
},
control_plane={
"control_plane_node_pool_config": {
"node_pool_config": {
"labels": {},
"operating_system": "LINUX",
"node_configs": [{
"labels": {},
"node_ip": "10.200.0.9",
}],
},
},
},
load_balancer={
"port_config": {
"control_plane_load_balancer_port": 443,
},
"vip_config": {
"control_plane_vip": "10.200.0.13",
"ingress_vip": "10.200.0.14",
},
"manual_lb_config": {
"enabled": True,
},
},
storage={
"lvp_share_config": {
"lvp_config": {
"path": "/mnt/localpv-share",
"storage_class": "local-shared",
},
"shared_path_pv_count": 5,
},
"lvp_node_mounts_config": {
"path": "/mnt/localpv-disk",
"storage_class": "local-disks",
},
},
security_config={
"authorization": {
"admin_users": [{
"username": "admin@hashicorptest.com",
}],
},
},
binary_authorization={
"evaluation_mode": "DISABLED",
},
upgrade_policy={
"policy": "SERIAL",
})
package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v9/go/gcp/gkeonprem"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := gkeonprem.NewBareMetalCluster(ctx, "cluster-manuallb", &gkeonprem.BareMetalClusterArgs{
Name: pulumi.String("cluster-manuallb"),
Location: pulumi.String("us-west1"),
AdminClusterMembership: pulumi.String("projects/870316890899/locations/global/memberships/gkeonprem-terraform-test"),
BareMetalVersion: pulumi.String("1.12.3"),
NetworkConfig: &gkeonprem.BareMetalClusterNetworkConfigArgs{
IslandModeCidr: &gkeonprem.BareMetalClusterNetworkConfigIslandModeCidrArgs{
ServiceAddressCidrBlocks: pulumi.StringArray{
pulumi.String("172.26.0.0/16"),
},
PodAddressCidrBlocks: pulumi.StringArray{
pulumi.String("10.240.0.0/13"),
},
},
},
ControlPlane: &gkeonprem.BareMetalClusterControlPlaneArgs{
ControlPlaneNodePoolConfig: &gkeonprem.BareMetalClusterControlPlaneControlPlaneNodePoolConfigArgs{
NodePoolConfig: &gkeonprem.BareMetalClusterControlPlaneControlPlaneNodePoolConfigNodePoolConfigArgs{
Labels: pulumi.StringMap{},
OperatingSystem: pulumi.String("LINUX"),
NodeConfigs: gkeonprem.BareMetalClusterControlPlaneControlPlaneNodePoolConfigNodePoolConfigNodeConfigArray{
&gkeonprem.BareMetalClusterControlPlaneControlPlaneNodePoolConfigNodePoolConfigNodeConfigArgs{
Labels: pulumi.StringMap{},
NodeIp: pulumi.String("10.200.0.9"),
},
},
},
},
},
LoadBalancer: &gkeonprem.BareMetalClusterLoadBalancerArgs{
PortConfig: &gkeonprem.BareMetalClusterLoadBalancerPortConfigArgs{
ControlPlaneLoadBalancerPort: pulumi.Int(443),
},
VipConfig: &gkeonprem.BareMetalClusterLoadBalancerVipConfigArgs{
ControlPlaneVip: pulumi.String("10.200.0.13"),
IngressVip: pulumi.String("10.200.0.14"),
},
ManualLbConfig: &gkeonprem.BareMetalClusterLoadBalancerManualLbConfigArgs{
Enabled: pulumi.Bool(true),
},
},
Storage: &gkeonprem.BareMetalClusterStorageArgs{
LvpShareConfig: &gkeonprem.BareMetalClusterStorageLvpShareConfigArgs{
LvpConfig: &gkeonprem.BareMetalClusterStorageLvpShareConfigLvpConfigArgs{
Path: pulumi.String("/mnt/localpv-share"),
StorageClass: pulumi.String("local-shared"),
},
SharedPathPvCount: pulumi.Int(5),
},
LvpNodeMountsConfig: &gkeonprem.BareMetalClusterStorageLvpNodeMountsConfigArgs{
Path: pulumi.String("/mnt/localpv-disk"),
StorageClass: pulumi.String("local-disks"),
},
},
SecurityConfig: &gkeonprem.BareMetalClusterSecurityConfigArgs{
Authorization: &gkeonprem.BareMetalClusterSecurityConfigAuthorizationArgs{
AdminUsers: gkeonprem.BareMetalClusterSecurityConfigAuthorizationAdminUserArray{
&gkeonprem.BareMetalClusterSecurityConfigAuthorizationAdminUserArgs{
Username: pulumi.String("admin@hashicorptest.com"),
},
},
},
},
BinaryAuthorization: &gkeonprem.BareMetalClusterBinaryAuthorizationArgs{
EvaluationMode: pulumi.String("DISABLED"),
},
UpgradePolicy: &gkeonprem.BareMetalClusterUpgradePolicyArgs{
Policy: pulumi.String("SERIAL"),
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Gcp = Pulumi.Gcp;
return await Deployment.RunAsync(() =>
{
var cluster_manuallb = new Gcp.GkeOnPrem.BareMetalCluster("cluster-manuallb", new()
{
Name = "cluster-manuallb",
Location = "us-west1",
AdminClusterMembership = "projects/870316890899/locations/global/memberships/gkeonprem-terraform-test",
BareMetalVersion = "1.12.3",
NetworkConfig = new Gcp.GkeOnPrem.Inputs.BareMetalClusterNetworkConfigArgs
{
IslandModeCidr = new Gcp.GkeOnPrem.Inputs.BareMetalClusterNetworkConfigIslandModeCidrArgs
{
ServiceAddressCidrBlocks = new[]
{
"172.26.0.0/16",
},
PodAddressCidrBlocks = new[]
{
"10.240.0.0/13",
},
},
},
ControlPlane = new Gcp.GkeOnPrem.Inputs.BareMetalClusterControlPlaneArgs
{
ControlPlaneNodePoolConfig = new Gcp.GkeOnPrem.Inputs.BareMetalClusterControlPlaneControlPlaneNodePoolConfigArgs
{
NodePoolConfig = new Gcp.GkeOnPrem.Inputs.BareMetalClusterControlPlaneControlPlaneNodePoolConfigNodePoolConfigArgs
{
Labels = null,
OperatingSystem = "LINUX",
NodeConfigs = new[]
{
new Gcp.GkeOnPrem.Inputs.BareMetalClusterControlPlaneControlPlaneNodePoolConfigNodePoolConfigNodeConfigArgs
{
Labels = null,
NodeIp = "10.200.0.9",
},
},
},
},
},
LoadBalancer = new Gcp.GkeOnPrem.Inputs.BareMetalClusterLoadBalancerArgs
{
PortConfig = new Gcp.GkeOnPrem.Inputs.BareMetalClusterLoadBalancerPortConfigArgs
{
ControlPlaneLoadBalancerPort = 443,
},
VipConfig = new Gcp.GkeOnPrem.Inputs.BareMetalClusterLoadBalancerVipConfigArgs
{
ControlPlaneVip = "10.200.0.13",
IngressVip = "10.200.0.14",
},
ManualLbConfig = new Gcp.GkeOnPrem.Inputs.BareMetalClusterLoadBalancerManualLbConfigArgs
{
Enabled = true,
},
},
Storage = new Gcp.GkeOnPrem.Inputs.BareMetalClusterStorageArgs
{
LvpShareConfig = new Gcp.GkeOnPrem.Inputs.BareMetalClusterStorageLvpShareConfigArgs
{
LvpConfig = new Gcp.GkeOnPrem.Inputs.BareMetalClusterStorageLvpShareConfigLvpConfigArgs
{
Path = "/mnt/localpv-share",
StorageClass = "local-shared",
},
SharedPathPvCount = 5,
},
LvpNodeMountsConfig = new Gcp.GkeOnPrem.Inputs.BareMetalClusterStorageLvpNodeMountsConfigArgs
{
Path = "/mnt/localpv-disk",
StorageClass = "local-disks",
},
},
SecurityConfig = new Gcp.GkeOnPrem.Inputs.BareMetalClusterSecurityConfigArgs
{
Authorization = new Gcp.GkeOnPrem.Inputs.BareMetalClusterSecurityConfigAuthorizationArgs
{
AdminUsers = new[]
{
new Gcp.GkeOnPrem.Inputs.BareMetalClusterSecurityConfigAuthorizationAdminUserArgs
{
Username = "admin@hashicorptest.com",
},
},
},
},
BinaryAuthorization = new Gcp.GkeOnPrem.Inputs.BareMetalClusterBinaryAuthorizationArgs
{
EvaluationMode = "DISABLED",
},
UpgradePolicy = new Gcp.GkeOnPrem.Inputs.BareMetalClusterUpgradePolicyArgs
{
Policy = "SERIAL",
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.gkeonprem.BareMetalCluster;
import com.pulumi.gcp.gkeonprem.BareMetalClusterArgs;
import com.pulumi.gcp.gkeonprem.inputs.BareMetalClusterNetworkConfigArgs;
import com.pulumi.gcp.gkeonprem.inputs.BareMetalClusterNetworkConfigIslandModeCidrArgs;
import com.pulumi.gcp.gkeonprem.inputs.BareMetalClusterControlPlaneArgs;
import com.pulumi.gcp.gkeonprem.inputs.BareMetalClusterControlPlaneControlPlaneNodePoolConfigArgs;
import com.pulumi.gcp.gkeonprem.inputs.BareMetalClusterControlPlaneControlPlaneNodePoolConfigNodePoolConfigArgs;
import com.pulumi.gcp.gkeonprem.inputs.BareMetalClusterLoadBalancerArgs;
import com.pulumi.gcp.gkeonprem.inputs.BareMetalClusterLoadBalancerPortConfigArgs;
import com.pulumi.gcp.gkeonprem.inputs.BareMetalClusterLoadBalancerVipConfigArgs;
import com.pulumi.gcp.gkeonprem.inputs.BareMetalClusterLoadBalancerManualLbConfigArgs;
import com.pulumi.gcp.gkeonprem.inputs.BareMetalClusterStorageArgs;
import com.pulumi.gcp.gkeonprem.inputs.BareMetalClusterStorageLvpShareConfigArgs;
import com.pulumi.gcp.gkeonprem.inputs.BareMetalClusterStorageLvpShareConfigLvpConfigArgs;
import com.pulumi.gcp.gkeonprem.inputs.BareMetalClusterStorageLvpNodeMountsConfigArgs;
import com.pulumi.gcp.gkeonprem.inputs.BareMetalClusterSecurityConfigArgs;
import com.pulumi.gcp.gkeonprem.inputs.BareMetalClusterSecurityConfigAuthorizationArgs;
import com.pulumi.gcp.gkeonprem.inputs.BareMetalClusterBinaryAuthorizationArgs;
import com.pulumi.gcp.gkeonprem.inputs.BareMetalClusterUpgradePolicyArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var cluster_manuallb = new BareMetalCluster("cluster-manuallb", BareMetalClusterArgs.builder()
.name("cluster-manuallb")
.location("us-west1")
.adminClusterMembership("projects/870316890899/locations/global/memberships/gkeonprem-terraform-test")
.bareMetalVersion("1.12.3")
.networkConfig(BareMetalClusterNetworkConfigArgs.builder()
.islandModeCidr(BareMetalClusterNetworkConfigIslandModeCidrArgs.builder()
.serviceAddressCidrBlocks("172.26.0.0/16")
.podAddressCidrBlocks("10.240.0.0/13")
.build())
.build())
.controlPlane(BareMetalClusterControlPlaneArgs.builder()
.controlPlaneNodePoolConfig(BareMetalClusterControlPlaneControlPlaneNodePoolConfigArgs.builder()
.nodePoolConfig(BareMetalClusterControlPlaneControlPlaneNodePoolConfigNodePoolConfigArgs.builder()
.labels(Map.ofEntries(
))
.operatingSystem("LINUX")
.nodeConfigs(BareMetalClusterControlPlaneControlPlaneNodePoolConfigNodePoolConfigNodeConfigArgs.builder()
.labels(Map.ofEntries(
))
.nodeIp("10.200.0.9")
.build())
.build())
.build())
.build())
.loadBalancer(BareMetalClusterLoadBalancerArgs.builder()
.portConfig(BareMetalClusterLoadBalancerPortConfigArgs.builder()
.controlPlaneLoadBalancerPort(443)
.build())
.vipConfig(BareMetalClusterLoadBalancerVipConfigArgs.builder()
.controlPlaneVip("10.200.0.13")
.ingressVip("10.200.0.14")
.build())
.manualLbConfig(BareMetalClusterLoadBalancerManualLbConfigArgs.builder()
.enabled(true)
.build())
.build())
.storage(BareMetalClusterStorageArgs.builder()
.lvpShareConfig(BareMetalClusterStorageLvpShareConfigArgs.builder()
.lvpConfig(BareMetalClusterStorageLvpShareConfigLvpConfigArgs.builder()
.path("/mnt/localpv-share")
.storageClass("local-shared")
.build())
.sharedPathPvCount(5)
.build())
.lvpNodeMountsConfig(BareMetalClusterStorageLvpNodeMountsConfigArgs.builder()
.path("/mnt/localpv-disk")
.storageClass("local-disks")
.build())
.build())
.securityConfig(BareMetalClusterSecurityConfigArgs.builder()
.authorization(BareMetalClusterSecurityConfigAuthorizationArgs.builder()
.adminUsers(BareMetalClusterSecurityConfigAuthorizationAdminUserArgs.builder()
.username("admin@hashicorptest.com")
.build())
.build())
.build())
.binaryAuthorization(BareMetalClusterBinaryAuthorizationArgs.builder()
.evaluationMode("DISABLED")
.build())
.upgradePolicy(BareMetalClusterUpgradePolicyArgs.builder()
.policy("SERIAL")
.build())
.build());
}
}
resources:
cluster-manuallb:
type: gcp:gkeonprem:BareMetalCluster
properties:
name: cluster-manuallb
location: us-west1
adminClusterMembership: projects/870316890899/locations/global/memberships/gkeonprem-terraform-test
bareMetalVersion: 1.12.3
networkConfig:
islandModeCidr:
serviceAddressCidrBlocks:
- 172.26.0.0/16
podAddressCidrBlocks:
- 10.240.0.0/13
controlPlane:
controlPlaneNodePoolConfig:
nodePoolConfig:
labels: {}
operatingSystem: LINUX
nodeConfigs:
- labels: {}
nodeIp: 10.200.0.9
loadBalancer:
portConfig:
controlPlaneLoadBalancerPort: 443
vipConfig:
controlPlaneVip: 10.200.0.13
ingressVip: 10.200.0.14
manualLbConfig:
enabled: true
storage:
lvpShareConfig:
lvpConfig:
path: /mnt/localpv-share
storageClass: local-shared
sharedPathPvCount: 5
lvpNodeMountsConfig:
path: /mnt/localpv-disk
storageClass: local-disks
securityConfig:
authorization:
adminUsers:
- username: admin@hashicorptest.com
binaryAuthorization:
evaluationMode: DISABLED
upgradePolicy:
policy: SERIAL
The manualLbConfig.enabled property disables automated load balancer provisioning. You must configure your external load balancer to route traffic to the controlPlaneVip and ingressVip addresses. This example also shows binaryAuthorization for image validation and upgradePolicy for controlling cluster upgrades.
Enable BGP load balancing with advanced networking
Production clusters often require BGP integration for dynamic routing and advanced networking features like SR-IOV for high-performance workloads.
import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";
const cluster_bgplb = new gcp.gkeonprem.BareMetalCluster("cluster-bgplb", {
name: "cluster-bgplb",
location: "us-west1",
adminClusterMembership: "projects/870316890899/locations/global/memberships/gkeonprem-terraform-test",
bareMetalVersion: "1.12.3",
networkConfig: {
islandModeCidr: {
serviceAddressCidrBlocks: ["172.26.0.0/16"],
podAddressCidrBlocks: ["10.240.0.0/13"],
},
advancedNetworking: true,
multipleNetworkInterfacesConfig: {
enabled: true,
},
srIovConfig: {
enabled: true,
},
},
controlPlane: {
controlPlaneNodePoolConfig: {
nodePoolConfig: {
labels: {},
operatingSystem: "LINUX",
nodeConfigs: [{
labels: {},
nodeIp: "10.200.0.9",
}],
taints: [{
key: "test-key",
value: "test-value",
effect: "NO_EXECUTE",
}],
},
},
apiServerArgs: [{
argument: "test-argument",
value: "test-value",
}],
},
loadBalancer: {
portConfig: {
controlPlaneLoadBalancerPort: 443,
},
vipConfig: {
controlPlaneVip: "10.200.0.13",
ingressVip: "10.200.0.14",
},
bgpLbConfig: {
asn: 123456,
bgpPeerConfigs: [{
asn: 123457,
ipAddress: "10.0.0.1",
controlPlaneNodes: ["test-node"],
}],
addressPools: [{
pool: "pool1",
addresses: [
"10.200.0.14/32",
"10.200.0.15/32",
"10.200.0.16/32",
"10.200.0.17/32",
"10.200.0.18/32",
"fd00:1::f/128",
"fd00:1::10/128",
"fd00:1::11/128",
"fd00:1::12/128",
],
}],
loadBalancerNodePoolConfig: {
nodePoolConfig: {
labels: {},
operatingSystem: "LINUX",
nodeConfigs: [{
labels: {},
nodeIp: "10.200.0.9",
}],
taints: [{
key: "test-key",
value: "test-value",
effect: "NO_EXECUTE",
}],
kubeletConfig: {
registryPullQps: 10,
registryBurst: 12,
serializeImagePullsDisabled: true,
},
},
},
},
},
storage: {
lvpShareConfig: {
lvpConfig: {
path: "/mnt/localpv-share",
storageClass: "local-shared",
},
sharedPathPvCount: 5,
},
lvpNodeMountsConfig: {
path: "/mnt/localpv-disk",
storageClass: "local-disks",
},
},
securityConfig: {
authorization: {
adminUsers: [{
username: "admin@hashicorptest.com",
}],
},
},
proxy: {
uri: "http://test-domain/test",
noProxies: ["127.0.0.1"],
},
clusterOperations: {
enableApplicationLogs: true,
},
maintenanceConfig: {
maintenanceAddressCidrBlocks: ["192.168.0.1/20"],
},
nodeConfig: {
maxPodsPerNode: 10,
containerRuntime: "CONTAINERD",
},
nodeAccessConfig: {
loginUser: "test@example.com",
},
osEnvironmentConfig: {
packageRepoExcluded: true,
},
});
import pulumi
import pulumi_gcp as gcp
cluster_bgplb = gcp.gkeonprem.BareMetalCluster("cluster-bgplb",
name="cluster-bgplb",
location="us-west1",
admin_cluster_membership="projects/870316890899/locations/global/memberships/gkeonprem-terraform-test",
bare_metal_version="1.12.3",
network_config={
"island_mode_cidr": {
"service_address_cidr_blocks": ["172.26.0.0/16"],
"pod_address_cidr_blocks": ["10.240.0.0/13"],
},
"advanced_networking": True,
"multiple_network_interfaces_config": {
"enabled": True,
},
"sr_iov_config": {
"enabled": True,
},
},
control_plane={
"control_plane_node_pool_config": {
"node_pool_config": {
"labels": {},
"operating_system": "LINUX",
"node_configs": [{
"labels": {},
"node_ip": "10.200.0.9",
}],
"taints": [{
"key": "test-key",
"value": "test-value",
"effect": "NO_EXECUTE",
}],
},
},
"api_server_args": [{
"argument": "test-argument",
"value": "test-value",
}],
},
load_balancer={
"port_config": {
"control_plane_load_balancer_port": 443,
},
"vip_config": {
"control_plane_vip": "10.200.0.13",
"ingress_vip": "10.200.0.14",
},
"bgp_lb_config": {
"asn": 123456,
"bgp_peer_configs": [{
"asn": 123457,
"ip_address": "10.0.0.1",
"control_plane_nodes": ["test-node"],
}],
"address_pools": [{
"pool": "pool1",
"addresses": [
"10.200.0.14/32",
"10.200.0.15/32",
"10.200.0.16/32",
"10.200.0.17/32",
"10.200.0.18/32",
"fd00:1::f/128",
"fd00:1::10/128",
"fd00:1::11/128",
"fd00:1::12/128",
],
}],
"load_balancer_node_pool_config": {
"node_pool_config": {
"labels": {},
"operating_system": "LINUX",
"node_configs": [{
"labels": {},
"node_ip": "10.200.0.9",
}],
"taints": [{
"key": "test-key",
"value": "test-value",
"effect": "NO_EXECUTE",
}],
"kubelet_config": {
"registry_pull_qps": 10,
"registry_burst": 12,
"serialize_image_pulls_disabled": True,
},
},
},
},
},
storage={
"lvp_share_config": {
"lvp_config": {
"path": "/mnt/localpv-share",
"storage_class": "local-shared",
},
"shared_path_pv_count": 5,
},
"lvp_node_mounts_config": {
"path": "/mnt/localpv-disk",
"storage_class": "local-disks",
},
},
security_config={
"authorization": {
"admin_users": [{
"username": "admin@hashicorptest.com",
}],
},
},
proxy={
"uri": "http://test-domain/test",
"no_proxies": ["127.0.0.1"],
},
cluster_operations={
"enable_application_logs": True,
},
maintenance_config={
"maintenance_address_cidr_blocks": ["192.168.0.1/20"],
},
node_config={
"max_pods_per_node": 10,
"container_runtime": "CONTAINERD",
},
node_access_config={
"login_user": "test@example.com",
},
os_environment_config={
"package_repo_excluded": True,
})
package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v9/go/gcp/gkeonprem"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := gkeonprem.NewBareMetalCluster(ctx, "cluster-bgplb", &gkeonprem.BareMetalClusterArgs{
Name: pulumi.String("cluster-bgplb"),
Location: pulumi.String("us-west1"),
AdminClusterMembership: pulumi.String("projects/870316890899/locations/global/memberships/gkeonprem-terraform-test"),
BareMetalVersion: pulumi.String("1.12.3"),
NetworkConfig: &gkeonprem.BareMetalClusterNetworkConfigArgs{
IslandModeCidr: &gkeonprem.BareMetalClusterNetworkConfigIslandModeCidrArgs{
ServiceAddressCidrBlocks: pulumi.StringArray{
pulumi.String("172.26.0.0/16"),
},
PodAddressCidrBlocks: pulumi.StringArray{
pulumi.String("10.240.0.0/13"),
},
},
AdvancedNetworking: pulumi.Bool(true),
MultipleNetworkInterfacesConfig: &gkeonprem.BareMetalClusterNetworkConfigMultipleNetworkInterfacesConfigArgs{
Enabled: pulumi.Bool(true),
},
SrIovConfig: &gkeonprem.BareMetalClusterNetworkConfigSrIovConfigArgs{
Enabled: pulumi.Bool(true),
},
},
ControlPlane: &gkeonprem.BareMetalClusterControlPlaneArgs{
ControlPlaneNodePoolConfig: &gkeonprem.BareMetalClusterControlPlaneControlPlaneNodePoolConfigArgs{
NodePoolConfig: &gkeonprem.BareMetalClusterControlPlaneControlPlaneNodePoolConfigNodePoolConfigArgs{
Labels: pulumi.StringMap{},
OperatingSystem: pulumi.String("LINUX"),
NodeConfigs: gkeonprem.BareMetalClusterControlPlaneControlPlaneNodePoolConfigNodePoolConfigNodeConfigArray{
&gkeonprem.BareMetalClusterControlPlaneControlPlaneNodePoolConfigNodePoolConfigNodeConfigArgs{
Labels: pulumi.StringMap{},
NodeIp: pulumi.String("10.200.0.9"),
},
},
Taints: gkeonprem.BareMetalClusterControlPlaneControlPlaneNodePoolConfigNodePoolConfigTaintArray{
&gkeonprem.BareMetalClusterControlPlaneControlPlaneNodePoolConfigNodePoolConfigTaintArgs{
Key: pulumi.String("test-key"),
Value: pulumi.String("test-value"),
Effect: pulumi.String("NO_EXECUTE"),
},
},
},
},
ApiServerArgs: gkeonprem.BareMetalClusterControlPlaneApiServerArgArray{
&gkeonprem.BareMetalClusterControlPlaneApiServerArgArgs{
Argument: pulumi.String("test-argument"),
Value: pulumi.String("test-value"),
},
},
},
LoadBalancer: &gkeonprem.BareMetalClusterLoadBalancerArgs{
PortConfig: &gkeonprem.BareMetalClusterLoadBalancerPortConfigArgs{
ControlPlaneLoadBalancerPort: pulumi.Int(443),
},
VipConfig: &gkeonprem.BareMetalClusterLoadBalancerVipConfigArgs{
ControlPlaneVip: pulumi.String("10.200.0.13"),
IngressVip: pulumi.String("10.200.0.14"),
},
BgpLbConfig: &gkeonprem.BareMetalClusterLoadBalancerBgpLbConfigArgs{
Asn: pulumi.Int(123456),
BgpPeerConfigs: gkeonprem.BareMetalClusterLoadBalancerBgpLbConfigBgpPeerConfigArray{
&gkeonprem.BareMetalClusterLoadBalancerBgpLbConfigBgpPeerConfigArgs{
Asn: pulumi.Int(123457),
IpAddress: pulumi.String("10.0.0.1"),
ControlPlaneNodes: pulumi.StringArray{
pulumi.String("test-node"),
},
},
},
AddressPools: gkeonprem.BareMetalClusterLoadBalancerBgpLbConfigAddressPoolArray{
&gkeonprem.BareMetalClusterLoadBalancerBgpLbConfigAddressPoolArgs{
Pool: pulumi.String("pool1"),
Addresses: pulumi.StringArray{
pulumi.String("10.200.0.14/32"),
pulumi.String("10.200.0.15/32"),
pulumi.String("10.200.0.16/32"),
pulumi.String("10.200.0.17/32"),
pulumi.String("10.200.0.18/32"),
pulumi.String("fd00:1::f/128"),
pulumi.String("fd00:1::10/128"),
pulumi.String("fd00:1::11/128"),
pulumi.String("fd00:1::12/128"),
},
},
},
LoadBalancerNodePoolConfig: &gkeonprem.BareMetalClusterLoadBalancerBgpLbConfigLoadBalancerNodePoolConfigArgs{
NodePoolConfig: &gkeonprem.BareMetalClusterLoadBalancerBgpLbConfigLoadBalancerNodePoolConfigNodePoolConfigArgs{
Labels: pulumi.StringMap{},
OperatingSystem: pulumi.String("LINUX"),
NodeConfigs: gkeonprem.BareMetalClusterLoadBalancerBgpLbConfigLoadBalancerNodePoolConfigNodePoolConfigNodeConfigArray{
&gkeonprem.BareMetalClusterLoadBalancerBgpLbConfigLoadBalancerNodePoolConfigNodePoolConfigNodeConfigArgs{
Labels: pulumi.StringMap{},
NodeIp: pulumi.String("10.200.0.9"),
},
},
Taints: gkeonprem.BareMetalClusterLoadBalancerBgpLbConfigLoadBalancerNodePoolConfigNodePoolConfigTaintArray{
&gkeonprem.BareMetalClusterLoadBalancerBgpLbConfigLoadBalancerNodePoolConfigNodePoolConfigTaintArgs{
Key: pulumi.String("test-key"),
Value: pulumi.String("test-value"),
Effect: pulumi.String("NO_EXECUTE"),
},
},
KubeletConfig: &gkeonprem.BareMetalClusterLoadBalancerBgpLbConfigLoadBalancerNodePoolConfigNodePoolConfigKubeletConfigArgs{
RegistryPullQps: pulumi.Int(10),
RegistryBurst: pulumi.Int(12),
SerializeImagePullsDisabled: pulumi.Bool(true),
},
},
},
},
},
Storage: &gkeonprem.BareMetalClusterStorageArgs{
LvpShareConfig: &gkeonprem.BareMetalClusterStorageLvpShareConfigArgs{
LvpConfig: &gkeonprem.BareMetalClusterStorageLvpShareConfigLvpConfigArgs{
Path: pulumi.String("/mnt/localpv-share"),
StorageClass: pulumi.String("local-shared"),
},
SharedPathPvCount: pulumi.Int(5),
},
LvpNodeMountsConfig: &gkeonprem.BareMetalClusterStorageLvpNodeMountsConfigArgs{
Path: pulumi.String("/mnt/localpv-disk"),
StorageClass: pulumi.String("local-disks"),
},
},
SecurityConfig: &gkeonprem.BareMetalClusterSecurityConfigArgs{
Authorization: &gkeonprem.BareMetalClusterSecurityConfigAuthorizationArgs{
AdminUsers: gkeonprem.BareMetalClusterSecurityConfigAuthorizationAdminUserArray{
&gkeonprem.BareMetalClusterSecurityConfigAuthorizationAdminUserArgs{
Username: pulumi.String("admin@hashicorptest.com"),
},
},
},
},
Proxy: &gkeonprem.BareMetalClusterProxyArgs{
Uri: pulumi.String("http://test-domain/test"),
NoProxies: pulumi.StringArray{
pulumi.String("127.0.0.1"),
},
},
ClusterOperations: &gkeonprem.BareMetalClusterClusterOperationsArgs{
EnableApplicationLogs: pulumi.Bool(true),
},
MaintenanceConfig: &gkeonprem.BareMetalClusterMaintenanceConfigArgs{
MaintenanceAddressCidrBlocks: pulumi.StringArray{
pulumi.String("192.168.0.1/20"),
},
},
NodeConfig: &gkeonprem.BareMetalClusterNodeConfigArgs{
MaxPodsPerNode: pulumi.Int(10),
ContainerRuntime: pulumi.String("CONTAINERD"),
},
NodeAccessConfig: &gkeonprem.BareMetalClusterNodeAccessConfigArgs{
LoginUser: pulumi.String("test@example.com"),
},
OsEnvironmentConfig: &gkeonprem.BareMetalClusterOsEnvironmentConfigArgs{
PackageRepoExcluded: pulumi.Bool(true),
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Gcp = Pulumi.Gcp;
return await Deployment.RunAsync(() =>
{
var cluster_bgplb = new Gcp.GkeOnPrem.BareMetalCluster("cluster-bgplb", new()
{
Name = "cluster-bgplb",
Location = "us-west1",
AdminClusterMembership = "projects/870316890899/locations/global/memberships/gkeonprem-terraform-test",
BareMetalVersion = "1.12.3",
NetworkConfig = new Gcp.GkeOnPrem.Inputs.BareMetalClusterNetworkConfigArgs
{
IslandModeCidr = new Gcp.GkeOnPrem.Inputs.BareMetalClusterNetworkConfigIslandModeCidrArgs
{
ServiceAddressCidrBlocks = new[]
{
"172.26.0.0/16",
},
PodAddressCidrBlocks = new[]
{
"10.240.0.0/13",
},
},
AdvancedNetworking = true,
MultipleNetworkInterfacesConfig = new Gcp.GkeOnPrem.Inputs.BareMetalClusterNetworkConfigMultipleNetworkInterfacesConfigArgs
{
Enabled = true,
},
SrIovConfig = new Gcp.GkeOnPrem.Inputs.BareMetalClusterNetworkConfigSrIovConfigArgs
{
Enabled = true,
},
},
ControlPlane = new Gcp.GkeOnPrem.Inputs.BareMetalClusterControlPlaneArgs
{
ControlPlaneNodePoolConfig = new Gcp.GkeOnPrem.Inputs.BareMetalClusterControlPlaneControlPlaneNodePoolConfigArgs
{
NodePoolConfig = new Gcp.GkeOnPrem.Inputs.BareMetalClusterControlPlaneControlPlaneNodePoolConfigNodePoolConfigArgs
{
Labels = null,
OperatingSystem = "LINUX",
NodeConfigs = new[]
{
new Gcp.GkeOnPrem.Inputs.BareMetalClusterControlPlaneControlPlaneNodePoolConfigNodePoolConfigNodeConfigArgs
{
Labels = null,
NodeIp = "10.200.0.9",
},
},
Taints = new[]
{
new Gcp.GkeOnPrem.Inputs.BareMetalClusterControlPlaneControlPlaneNodePoolConfigNodePoolConfigTaintArgs
{
Key = "test-key",
Value = "test-value",
Effect = "NO_EXECUTE",
},
},
},
},
ApiServerArgs = new[]
{
new Gcp.GkeOnPrem.Inputs.BareMetalClusterControlPlaneApiServerArgArgs
{
Argument = "test-argument",
Value = "test-value",
},
},
},
LoadBalancer = new Gcp.GkeOnPrem.Inputs.BareMetalClusterLoadBalancerArgs
{
PortConfig = new Gcp.GkeOnPrem.Inputs.BareMetalClusterLoadBalancerPortConfigArgs
{
ControlPlaneLoadBalancerPort = 443,
},
VipConfig = new Gcp.GkeOnPrem.Inputs.BareMetalClusterLoadBalancerVipConfigArgs
{
ControlPlaneVip = "10.200.0.13",
IngressVip = "10.200.0.14",
},
BgpLbConfig = new Gcp.GkeOnPrem.Inputs.BareMetalClusterLoadBalancerBgpLbConfigArgs
{
Asn = 123456,
BgpPeerConfigs = new[]
{
new Gcp.GkeOnPrem.Inputs.BareMetalClusterLoadBalancerBgpLbConfigBgpPeerConfigArgs
{
Asn = 123457,
IpAddress = "10.0.0.1",
ControlPlaneNodes = new[]
{
"test-node",
},
},
},
AddressPools = new[]
{
new Gcp.GkeOnPrem.Inputs.BareMetalClusterLoadBalancerBgpLbConfigAddressPoolArgs
{
Pool = "pool1",
Addresses = new[]
{
"10.200.0.14/32",
"10.200.0.15/32",
"10.200.0.16/32",
"10.200.0.17/32",
"10.200.0.18/32",
"fd00:1::f/128",
"fd00:1::10/128",
"fd00:1::11/128",
"fd00:1::12/128",
},
},
},
LoadBalancerNodePoolConfig = new Gcp.GkeOnPrem.Inputs.BareMetalClusterLoadBalancerBgpLbConfigLoadBalancerNodePoolConfigArgs
{
NodePoolConfig = new Gcp.GkeOnPrem.Inputs.BareMetalClusterLoadBalancerBgpLbConfigLoadBalancerNodePoolConfigNodePoolConfigArgs
{
Labels = null,
OperatingSystem = "LINUX",
NodeConfigs = new[]
{
new Gcp.GkeOnPrem.Inputs.BareMetalClusterLoadBalancerBgpLbConfigLoadBalancerNodePoolConfigNodePoolConfigNodeConfigArgs
{
Labels = null,
NodeIp = "10.200.0.9",
},
},
Taints = new[]
{
new Gcp.GkeOnPrem.Inputs.BareMetalClusterLoadBalancerBgpLbConfigLoadBalancerNodePoolConfigNodePoolConfigTaintArgs
{
Key = "test-key",
Value = "test-value",
Effect = "NO_EXECUTE",
},
},
KubeletConfig = new Gcp.GkeOnPrem.Inputs.BareMetalClusterLoadBalancerBgpLbConfigLoadBalancerNodePoolConfigNodePoolConfigKubeletConfigArgs
{
RegistryPullQps = 10,
RegistryBurst = 12,
SerializeImagePullsDisabled = true,
},
},
},
},
},
Storage = new Gcp.GkeOnPrem.Inputs.BareMetalClusterStorageArgs
{
LvpShareConfig = new Gcp.GkeOnPrem.Inputs.BareMetalClusterStorageLvpShareConfigArgs
{
LvpConfig = new Gcp.GkeOnPrem.Inputs.BareMetalClusterStorageLvpShareConfigLvpConfigArgs
{
Path = "/mnt/localpv-share",
StorageClass = "local-shared",
},
SharedPathPvCount = 5,
},
LvpNodeMountsConfig = new Gcp.GkeOnPrem.Inputs.BareMetalClusterStorageLvpNodeMountsConfigArgs
{
Path = "/mnt/localpv-disk",
StorageClass = "local-disks",
},
},
SecurityConfig = new Gcp.GkeOnPrem.Inputs.BareMetalClusterSecurityConfigArgs
{
Authorization = new Gcp.GkeOnPrem.Inputs.BareMetalClusterSecurityConfigAuthorizationArgs
{
AdminUsers = new[]
{
new Gcp.GkeOnPrem.Inputs.BareMetalClusterSecurityConfigAuthorizationAdminUserArgs
{
Username = "admin@hashicorptest.com",
},
},
},
},
Proxy = new Gcp.GkeOnPrem.Inputs.BareMetalClusterProxyArgs
{
Uri = "http://test-domain/test",
NoProxies = new[]
{
"127.0.0.1",
},
},
ClusterOperations = new Gcp.GkeOnPrem.Inputs.BareMetalClusterClusterOperationsArgs
{
EnableApplicationLogs = true,
},
MaintenanceConfig = new Gcp.GkeOnPrem.Inputs.BareMetalClusterMaintenanceConfigArgs
{
MaintenanceAddressCidrBlocks = new[]
{
"192.168.0.1/20",
},
},
NodeConfig = new Gcp.GkeOnPrem.Inputs.BareMetalClusterNodeConfigArgs
{
MaxPodsPerNode = 10,
ContainerRuntime = "CONTAINERD",
},
NodeAccessConfig = new Gcp.GkeOnPrem.Inputs.BareMetalClusterNodeAccessConfigArgs
{
LoginUser = "test@example.com",
},
OsEnvironmentConfig = new Gcp.GkeOnPrem.Inputs.BareMetalClusterOsEnvironmentConfigArgs
{
PackageRepoExcluded = true,
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.gkeonprem.BareMetalCluster;
import com.pulumi.gcp.gkeonprem.BareMetalClusterArgs;
import com.pulumi.gcp.gkeonprem.inputs.BareMetalClusterNetworkConfigArgs;
import com.pulumi.gcp.gkeonprem.inputs.BareMetalClusterNetworkConfigIslandModeCidrArgs;
import com.pulumi.gcp.gkeonprem.inputs.BareMetalClusterNetworkConfigMultipleNetworkInterfacesConfigArgs;
import com.pulumi.gcp.gkeonprem.inputs.BareMetalClusterNetworkConfigSrIovConfigArgs;
import com.pulumi.gcp.gkeonprem.inputs.BareMetalClusterControlPlaneArgs;
import com.pulumi.gcp.gkeonprem.inputs.BareMetalClusterControlPlaneControlPlaneNodePoolConfigArgs;
import com.pulumi.gcp.gkeonprem.inputs.BareMetalClusterControlPlaneControlPlaneNodePoolConfigNodePoolConfigArgs;
import com.pulumi.gcp.gkeonprem.inputs.BareMetalClusterLoadBalancerArgs;
import com.pulumi.gcp.gkeonprem.inputs.BareMetalClusterLoadBalancerPortConfigArgs;
import com.pulumi.gcp.gkeonprem.inputs.BareMetalClusterLoadBalancerVipConfigArgs;
import com.pulumi.gcp.gkeonprem.inputs.BareMetalClusterLoadBalancerBgpLbConfigArgs;
import com.pulumi.gcp.gkeonprem.inputs.BareMetalClusterLoadBalancerBgpLbConfigLoadBalancerNodePoolConfigArgs;
import com.pulumi.gcp.gkeonprem.inputs.BareMetalClusterLoadBalancerBgpLbConfigLoadBalancerNodePoolConfigNodePoolConfigArgs;
import com.pulumi.gcp.gkeonprem.inputs.BareMetalClusterLoadBalancerBgpLbConfigLoadBalancerNodePoolConfigNodePoolConfigKubeletConfigArgs;
import com.pulumi.gcp.gkeonprem.inputs.BareMetalClusterStorageArgs;
import com.pulumi.gcp.gkeonprem.inputs.BareMetalClusterStorageLvpShareConfigArgs;
import com.pulumi.gcp.gkeonprem.inputs.BareMetalClusterStorageLvpShareConfigLvpConfigArgs;
import com.pulumi.gcp.gkeonprem.inputs.BareMetalClusterStorageLvpNodeMountsConfigArgs;
import com.pulumi.gcp.gkeonprem.inputs.BareMetalClusterSecurityConfigArgs;
import com.pulumi.gcp.gkeonprem.inputs.BareMetalClusterSecurityConfigAuthorizationArgs;
import com.pulumi.gcp.gkeonprem.inputs.BareMetalClusterProxyArgs;
import com.pulumi.gcp.gkeonprem.inputs.BareMetalClusterClusterOperationsArgs;
import com.pulumi.gcp.gkeonprem.inputs.BareMetalClusterMaintenanceConfigArgs;
import com.pulumi.gcp.gkeonprem.inputs.BareMetalClusterNodeConfigArgs;
import com.pulumi.gcp.gkeonprem.inputs.BareMetalClusterNodeAccessConfigArgs;
import com.pulumi.gcp.gkeonprem.inputs.BareMetalClusterOsEnvironmentConfigArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var cluster_bgplb = new BareMetalCluster("cluster-bgplb", BareMetalClusterArgs.builder()
.name("cluster-bgplb")
.location("us-west1")
.adminClusterMembership("projects/870316890899/locations/global/memberships/gkeonprem-terraform-test")
.bareMetalVersion("1.12.3")
.networkConfig(BareMetalClusterNetworkConfigArgs.builder()
.islandModeCidr(BareMetalClusterNetworkConfigIslandModeCidrArgs.builder()
.serviceAddressCidrBlocks("172.26.0.0/16")
.podAddressCidrBlocks("10.240.0.0/13")
.build())
.advancedNetworking(true)
.multipleNetworkInterfacesConfig(BareMetalClusterNetworkConfigMultipleNetworkInterfacesConfigArgs.builder()
.enabled(true)
.build())
.srIovConfig(BareMetalClusterNetworkConfigSrIovConfigArgs.builder()
.enabled(true)
.build())
.build())
.controlPlane(BareMetalClusterControlPlaneArgs.builder()
.controlPlaneNodePoolConfig(BareMetalClusterControlPlaneControlPlaneNodePoolConfigArgs.builder()
.nodePoolConfig(BareMetalClusterControlPlaneControlPlaneNodePoolConfigNodePoolConfigArgs.builder()
.labels(Map.ofEntries(
))
.operatingSystem("LINUX")
.nodeConfigs(BareMetalClusterControlPlaneControlPlaneNodePoolConfigNodePoolConfigNodeConfigArgs.builder()
.labels(Map.ofEntries(
))
.nodeIp("10.200.0.9")
.build())
.taints(BareMetalClusterControlPlaneControlPlaneNodePoolConfigNodePoolConfigTaintArgs.builder()
.key("test-key")
.value("test-value")
.effect("NO_EXECUTE")
.build())
.build())
.build())
.apiServerArgs(BareMetalClusterControlPlaneApiServerArgArgs.builder()
.argument("test-argument")
.value("test-value")
.build())
.build())
.loadBalancer(BareMetalClusterLoadBalancerArgs.builder()
.portConfig(BareMetalClusterLoadBalancerPortConfigArgs.builder()
.controlPlaneLoadBalancerPort(443)
.build())
.vipConfig(BareMetalClusterLoadBalancerVipConfigArgs.builder()
.controlPlaneVip("10.200.0.13")
.ingressVip("10.200.0.14")
.build())
.bgpLbConfig(BareMetalClusterLoadBalancerBgpLbConfigArgs.builder()
.asn(123456)
.bgpPeerConfigs(BareMetalClusterLoadBalancerBgpLbConfigBgpPeerConfigArgs.builder()
.asn(123457)
.ipAddress("10.0.0.1")
.controlPlaneNodes("test-node")
.build())
.addressPools(BareMetalClusterLoadBalancerBgpLbConfigAddressPoolArgs.builder()
.pool("pool1")
.addresses(
"10.200.0.14/32",
"10.200.0.15/32",
"10.200.0.16/32",
"10.200.0.17/32",
"10.200.0.18/32",
"fd00:1::f/128",
"fd00:1::10/128",
"fd00:1::11/128",
"fd00:1::12/128")
.build())
.loadBalancerNodePoolConfig(BareMetalClusterLoadBalancerBgpLbConfigLoadBalancerNodePoolConfigArgs.builder()
.nodePoolConfig(BareMetalClusterLoadBalancerBgpLbConfigLoadBalancerNodePoolConfigNodePoolConfigArgs.builder()
.labels(Map.ofEntries(
))
.operatingSystem("LINUX")
.nodeConfigs(BareMetalClusterLoadBalancerBgpLbConfigLoadBalancerNodePoolConfigNodePoolConfigNodeConfigArgs.builder()
.labels(Map.ofEntries(
))
.nodeIp("10.200.0.9")
.build())
.taints(BareMetalClusterLoadBalancerBgpLbConfigLoadBalancerNodePoolConfigNodePoolConfigTaintArgs.builder()
.key("test-key")
.value("test-value")
.effect("NO_EXECUTE")
.build())
.kubeletConfig(BareMetalClusterLoadBalancerBgpLbConfigLoadBalancerNodePoolConfigNodePoolConfigKubeletConfigArgs.builder()
.registryPullQps(10)
.registryBurst(12)
.serializeImagePullsDisabled(true)
.build())
.build())
.build())
.build())
.build())
.storage(BareMetalClusterStorageArgs.builder()
.lvpShareConfig(BareMetalClusterStorageLvpShareConfigArgs.builder()
.lvpConfig(BareMetalClusterStorageLvpShareConfigLvpConfigArgs.builder()
.path("/mnt/localpv-share")
.storageClass("local-shared")
.build())
.sharedPathPvCount(5)
.build())
.lvpNodeMountsConfig(BareMetalClusterStorageLvpNodeMountsConfigArgs.builder()
.path("/mnt/localpv-disk")
.storageClass("local-disks")
.build())
.build())
.securityConfig(BareMetalClusterSecurityConfigArgs.builder()
.authorization(BareMetalClusterSecurityConfigAuthorizationArgs.builder()
.adminUsers(BareMetalClusterSecurityConfigAuthorizationAdminUserArgs.builder()
.username("admin@hashicorptest.com")
.build())
.build())
.build())
.proxy(BareMetalClusterProxyArgs.builder()
.uri("http://test-domain/test")
.noProxies("127.0.0.1")
.build())
.clusterOperations(BareMetalClusterClusterOperationsArgs.builder()
.enableApplicationLogs(true)
.build())
.maintenanceConfig(BareMetalClusterMaintenanceConfigArgs.builder()
.maintenanceAddressCidrBlocks("192.168.0.1/20")
.build())
.nodeConfig(BareMetalClusterNodeConfigArgs.builder()
.maxPodsPerNode(10)
.containerRuntime("CONTAINERD")
.build())
.nodeAccessConfig(BareMetalClusterNodeAccessConfigArgs.builder()
.loginUser("test@example.com")
.build())
.osEnvironmentConfig(BareMetalClusterOsEnvironmentConfigArgs.builder()
.packageRepoExcluded(true)
.build())
.build());
}
}
resources:
cluster-bgplb:
type: gcp:gkeonprem:BareMetalCluster
properties:
name: cluster-bgplb
location: us-west1
adminClusterMembership: projects/870316890899/locations/global/memberships/gkeonprem-terraform-test
bareMetalVersion: 1.12.3
networkConfig:
islandModeCidr:
serviceAddressCidrBlocks:
- 172.26.0.0/16
podAddressCidrBlocks:
- 10.240.0.0/13
advancedNetworking: true
multipleNetworkInterfacesConfig:
enabled: true
srIovConfig:
enabled: true
controlPlane:
controlPlaneNodePoolConfig:
nodePoolConfig:
labels: {}
operatingSystem: LINUX
nodeConfigs:
- labels: {}
nodeIp: 10.200.0.9
taints:
- key: test-key
value: test-value
effect: NO_EXECUTE
apiServerArgs:
- argument: test-argument
value: test-value
loadBalancer:
portConfig:
controlPlaneLoadBalancerPort: 443
vipConfig:
controlPlaneVip: 10.200.0.13
ingressVip: 10.200.0.14
bgpLbConfig:
asn: 123456
bgpPeerConfigs:
- asn: 123457
ipAddress: 10.0.0.1
controlPlaneNodes:
- test-node
addressPools:
- pool: pool1
addresses:
- 10.200.0.14/32
- 10.200.0.15/32
- 10.200.0.16/32
- 10.200.0.17/32
- 10.200.0.18/32
- fd00:1::f/128
- fd00:1::10/128
- fd00:1::11/128
- fd00:1::12/128
loadBalancerNodePoolConfig:
nodePoolConfig:
labels: {}
operatingSystem: LINUX
nodeConfigs:
- labels: {}
nodeIp: 10.200.0.9
taints:
- key: test-key
value: test-value
effect: NO_EXECUTE
kubeletConfig:
registryPullQps: 10
registryBurst: 12
serializeImagePullsDisabled: true
storage:
lvpShareConfig:
lvpConfig:
path: /mnt/localpv-share
storageClass: local-shared
sharedPathPvCount: 5
lvpNodeMountsConfig:
path: /mnt/localpv-disk
storageClass: local-disks
securityConfig:
authorization:
adminUsers:
- username: admin@hashicorptest.com
proxy:
uri: http://test-domain/test
noProxies:
- 127.0.0.1
clusterOperations:
enableApplicationLogs: true
maintenanceConfig:
maintenanceAddressCidrBlocks:
- 192.168.0.1/20
nodeConfig:
maxPodsPerNode: 10
containerRuntime: CONTAINERD
nodeAccessConfig:
loginUser: test@example.com
osEnvironmentConfig:
packageRepoExcluded: true
The bgpLbConfig replaces MetalLB with BGP-based load balancing. The asn property sets the cluster’s BGP autonomous system number, while bgpPeerConfigs defines BGP neighbors to peer with. The networkConfig enables advancedNetworking, multipleNetworkInterfacesConfig, and srIovConfig for hardware-accelerated networking. The controlPlane.apiServerArgs passes custom flags to the API server. Node-level configuration includes taints for workload scheduling and kubeletConfig for container runtime tuning. The proxy configuration routes cluster traffic through an HTTP proxy, while clusterOperations enables application log collection. The maintenanceConfig defines CIDR blocks for maintenance operations, and nodeConfig sets cluster-wide node defaults like maxPodsPerNode and containerRuntime.
Beyond these examples
These snippets focus on specific bare metal cluster features: load balancing modes (MetalLB, manual, BGP), networking configuration (island mode CIDR, advanced networking, SR-IOV), and storage provisioning (LVP shared and node mounts). They’re intentionally minimal rather than full cluster deployments.
The examples require pre-existing infrastructure such as admin cluster membership (GKE on-prem admin cluster), bare metal nodes at specified IP addresses, physical network infrastructure supporting specified CIDR blocks, and BGP routers (for BGP load balancing example). They focus on configuring the cluster rather than provisioning the underlying hardware.
To keep things focused, common bare metal patterns are omitted, including:
- Node pool scaling and autoscaling configuration
- Workload identity and service account bindings
- Monitoring and logging integrations beyond enableApplicationLogs
- Backup and disaster recovery configuration
These omissions are intentional: the goal is to illustrate how each bare metal cluster feature is wired, not provide drop-in production modules. See the BareMetalCluster resource reference for all available configuration options.
Let's deploy GCP Bare Metal Kubernetes Clusters
Get started with Pulumi Cloud, then follow our quick setup guide to deploy this infrastructure.
Try Pulumi Cloud for FREEFrequently Asked Questions
Configuration & Immutability
What fields can't I change after creating the cluster?
Four fields are immutable:
adminClusterMembership, location, name, and project. Changes to these require recreating the cluster.What's required to create a bare metal cluster?
You must configure eight required fields:
adminClusterMembership, bareMetalVersion, controlPlane, loadBalancer, location, name, networkConfig, and storage.Why don't my annotations match what's in GCP?
The
annotations field is non-authoritative and only manages annotations in your configuration. Use the effectiveAnnotations output property to view all annotations present on the resource.Load Balancing
What are the three load balancer configuration options?
You can configure MetalLB (
metalLbConfig with address pools), Manual LB (manualLbConfig), or BGP (bgpLbConfig with ASN and peer configurations). Each example demonstrates a different type.What's required in the load balancer configuration?
All load balancers require
portConfig (with controlPlaneLoadBalancerPort) and vipConfig (with controlPlaneVip and ingressVip). Then add your chosen load balancer type configuration.Networking
How do I enable advanced networking features?
Set
advancedNetworking to true in networkConfig, then configure multipleNetworkInterfacesConfig and/or srIovConfig as needed.What network configuration is required?
Configure
islandModeCidr with serviceAddressCidrBlocks and podAddressCidrBlocks. Advanced features like SR-IOV are optional.Storage
What storage configuration is required?
Configure both
lvpShareConfig (for shared local volumes) and lvpNodeMountsConfig (for node-specific mounts). Each requires a path and storage class.Cluster Management
How do I import an existing bare metal cluster?
Use one of three formats:
projects/{{project}}/locations/{{location}}/bareMetalClusters/{{name}}, {{project}}/{{location}}/{{name}}, or {{location}}/{{name}}.What's the relationship between user clusters and admin clusters?
Each bare metal user cluster belongs to an admin cluster, specified via
adminClusterMembership (the full resource name of the admin cluster’s hub membership). This field is immutable.Using a different cloud?
Explore containers guides for other cloud providers: