Installing DevOps Loop on Google Kubernetes Engine (GKE)

You can install HCL DevOps Loop on a newly created GKE cluster by using the Helm chart.

Before you begin

You must have completed the following tasks:
  • Read and understood System Requirements for DevOps Loop 2025.12 (2.0.0).
  • Gained access to the cluster and installed the following tools:
    • Kubectl
    • Google Cloud SDK and Google Cloud CLI
  • Installed Helm on the system from which you access the Kubernetes cluster. For more information, refer to Installing Helm.
  • Set up a Kubernetes (GKE) cluster under the platform - Google Kubernetes Engine (GKE) and Image type - Container-Optimized OS with containerd (cos_containerd). For more information, refer to Create a cluster and deploy a workload in the Google Cloud console.
    Note: Ensured that you have enabled the Filestore CSI driver and Cloud Storage Fuse CSI driver while creating the cluster to use the GCP CSI driver storage class.
  • Prepared the required infrastructure in Google Cloud Platform (GCP). See Preparing GCP infrastructure for installing DevOps Loop on GKE.
  • Ensured that you have the following details:

    • DOMAIN (FQDN) – the hostname you created in Cloud DNS for the Loop installation.

    • STATIC_IP_ADDRESS – the global static IP mapped to the DNS A record.

    • NAMESPACE – the target Kubernetes namespace (for example: devops-loop).

Procedure

  1. Run the following command to download the GKE-Infra-Setup.sh script from the Helm chart to provision and configure the load balancer with a Google managed certificate. 
    (TMP_DIR=$(mktemp -d) && \
helm pull ibm-helm/ibm-devops-loop --untar --untardir "$TMP_DIR" --version 2.0.000 > /dev/null 2>&1 && \
sh "$TMP_DIR/ibm-devops-loop/scripts/GKE/GKE-Infra-Setup.sh" && \
rm -rf "$TMP_DIR")

    This command downloads and copies, and runs the GKE-Infra-Setup.sh script in your temporary directory.

    After you run the script, wait for certificate provisioning to complete. This process can take 10–60 minutes, depending on your cluster and DNS configuration.
  2. Perform the following steps to access the IBM Entitled Registry:
    1. Log in to the My IBM Container Software Library using the ID and password associated with your entitled software.
    2. Navigate to the Entitlement keys section and select Copy key to copy your IBM Entitled Registry entitlement key to you clipboard.
    3. Create a secret in the target namespace named hcl-entitlement-key to pull images from the HCL Harbor container registry:
      kubectl create secret docker-registry hcl-entitlement-key \
    --namespace [namespace_name] \
    --docker-username=<Harbor User ID> \
    --docker-password=<CLI secret> \
    --docker-server=hclcr.io
  3. Run the following command to add the repository: 
    helm repo add hclsoftware 
https://us-artifactory1.nonprod.hclpnp.com/artifactory/hclsoftware-helm-dev --force-update
  4. Run the following command to view the README.md file: 
    helm show readme hclsoftware-helm/hclsoftware-devops-loop
  5. Update the following parameters in the Helm installation script with the correct values:
      • DOMAIN - the FQDN created in Cloud DNS
      • TLS_CERT_SECRET_NAME – Leave it blank to use the GCP-managed certificate.
      • RWO_STORAGE_CLASS=standard-rwo OR premium-rwo as required.
      • RWX_STORAGE_CLASS=custom storage class name you have created previously for RWX under the filestore csi driver. (e.g.: custom-rwx)
  6. Run the script in the Helm README for installing DevOps Loop on GKE.

    If the installation fails due to a timeout, run the installation script again.

Results

You have installed DevOps Loop on Google Kubernetes Engine (GKE).

What to do next

You can add users and manage user access by logging in to the Keycloak instance that is installed with DevOps Loop. See User access and administration using Keycloak.