Installing PCF on GCP

Page last updated:

This guide describes how to install Pivotal Cloud Foundry (PCF) on Google Cloud Platform (GCP).

To view production-level deployment options for PCF on GCP, see the Reference Architecture for Pivotal Cloud Foundry on GCP.


The following sections describe general requirements for running PCF and specific requirements for running PCF on GCP.

General Requirements

The following are general requirements for deploying and managing a PCF deployment with Ops Manager and Elastic Runtime:

  • (Recommended) Ability to create a wildcard DNS record to point to your router or load balancer. Alternatively, you can use a service such as For example,

    Elastic Runtime gives each application its own hostname in your app domain. With a wildcard DNS record, every hostname in your domain resolves to the IP address of your router or load balancer, and you do not need to configure an A record for each app hostname. For example, if you create a DNS record * pointing to your router, every application deployed to the domain resolves to the IP address of your router.

  • (Recommended) A network without DHCP available for deploying the Elastic Runtime VMs

    Note: If you have DHCP, refer to the Troubleshooting Guide to avoid issues with your installation.

  • Sufficient IP allocation:

    • One IP address for each VM instance
    • An additional IP address for each instance that requires static IPs
    • An additional IP address for each errand
    • An additional IP address for each compilation worker: IPs needed = VM instances + static IPs + errands + compilation workers

      Note: BOSH requires that you allocate a sufficient number of additional dynamic IP addresses when configuring a reserved IP range during installation. BOSH uses these IPs during installation to compile and deploy VMs, install Elastic Runtime, and connect to services. We recommend that you allocate at least 36 dynamic IP addresses when deploying Ops Manager and Elastic Runtime.

  • The most recent version of the Cloud Foundry Command Line Interface (cf CLI)

  • One or more NTP servers if not already provided by your IaaS

GCP Requirements

You must have the following to install PCF on GCP:

  • A GCP project with sufficient quota to deploy all the VMs needed for a PCF installation. For a list of suggested quotas, see Recommended GCP Quotas.

    You can request a quota increase on the GCP Quotas page.

  • A GCP account with adequate permissions to create resources within the selected GCP project. Per the Least Privileged User principle, the permissions required to set up a GCP environment for PCF include:

    • Permissions to create firewalls, networks, load balancers, and other resources:
      • Compute Engine > Compute Instances Admin (beta)
      • Compute Engine > Compute Network Admin
      • Compute Engine > Compute Security Admin
    • If using Google Cloud Storage (GCS) for Cloud Controller file storage, permissions to create buckets:
      • Storage > Storage Admin
    • If you are using Cloud DNS, permissions to add and modify DNS entries:
      • Project > Editor

Note: When you deploy PCF, the deployment processes run under a separate service account with the minimum permissions required to install Ops Manager and ERT.

  • The Google Cloud SDK installed on your machine and authenticated to your GCP account.
  • Sufficiently high instance limits, or no instance limits, on your GCP account. The exact number of instances depends on the number of tiles and availability zones you plan to deploy. At a minimum, a new GCP deployment requires the following custom VMs:

    VM CountMachine typeMemory (in GB)
    By default, Elastic Runtime deploys the number of VM instances required to run a highly available configuration of PCF. If you are deploying a test or sandbox PCF that does not require HA, then you can scale down the number of instances in your deployment. For information about the number of instances required to run a minimal, non-HA PCF deployment, see Scaling Elastic Runtime.

  • Administrative rights to a domain for your PCF installation. You need to be able to add wildcard records to this domain. You specify this registered domain when configuring the SSL certificate and Cloud Controller for your deployment. For more information see the Providing a Certificate for your SSL Termination Point topic.

  • An SSL certificate for your PCF domain. This can be a self-signed certificate, which Ops Manager can generate for you, but Pivotal recommends using a self-signed certificate for development and testing purposes only. If you plan to deploy PCF into a production environment, you must obtain a certificate from your Certificate Authority.

Install PCF on GCP

Complete the following procedures to install PCF on GCP:

  1. Preparing to Deploy PCF on GCP

  2. Launching an Ops Manager Director Instance on GCP

  3. Configuring Ops Manager Director on GCP

  4. (Optional) Configuring a Shared VPC on GCP

  5. (Optional) Installing the PCF IPsec Add-On

  6. Deploying Elastic Runtime on GCP

Delete PCF on GCP

You can use the GCP console to remove an installation of all components, but retain the objects in your bucket for a future deployment:

Troubleshoot PCF on GCP

The troubleshooting document for PCF on GCP infrastructure.

Create a pull request or raise an issue on the source for this page in GitHub