mirror of https://github.com/openshift/openshift-docs.git synced 2026-02-07 09:46:53 +01:00

osdocs-769 BYO GCP VPC

This commit is contained in:
Kathryn Alexander
2019-11-18 12:35:43 -05:00
parent 849c9e9f36
commit c8b270fa19
18 changed files with 200 additions and 18 deletions

View File

@@ -96,7 +96,7 @@ Topics:
File: installing-aws-customizations
- Name: Installing a cluster on AWS with network customizations
File: installing-aws-network-customizations
- Name: Installing a cluster on AWS to an existing VPC
- Name: Installing a cluster on AWS into an existing VPC
File: installing-aws-vpc
- Name: Uninstalling a cluster on AWS
File: uninstalling-cluster-aws
@@ -111,7 +111,7 @@ Topics:
File: installing-azure-customizations
- Name: Installing a cluster on Azure with network customizations
File: installing-azure-network-customizations
- Name: Installing a cluster on Azure to an existing VNet
- Name: Installing a cluster on Azure into an existing VNet
File: installing-azure-vnet
- Name: Uninstalling a cluster on Azure
File: uninstalling-cluster-azure
@@ -126,6 +126,8 @@ Topics:
File: installing-gcp-customizations
- Name: Installing a cluster on GCP with network customizations
File: installing-gcp-network-customizations
- Name: Installing a cluster on GCP into an existing VPC
File: installing-gcp-vpc
- Name: Uninstalling a cluster on GCP
File: uninstalling-cluster-gcp
- Name: Installing on user-provisioned AWS

View File

@@ -1,5 +1,5 @@
[id="installing-aws-vpc"]
= Installing a cluster on AWS to an existing VPC
= Installing a cluster on AWS into an existing VPC
include::modules/common-attributes.adoc[]
:context: installing-aws-vpc

View File

@@ -1,5 +1,5 @@
[id="installing-azure-vnet"]
= Installing a cluster on Azure to an existing VNet
= Installing a cluster on Azure into an existing VNet
include::modules/common-attributes.adoc[]
:context: installing-azure-vnet

View File

@@ -0,0 +1,46 @@
[id="installing-gcp-vpc"]
= Installing a cluster on GCP into an existing VPC
include::modules/common-attributes.adoc[]
:context: installing-gcp-vpc
toc::[]
In {product-title} version {product-version}, you can install a cluster into an existing Virtual Private Cloud (VPC) on Google Cloud Platform (GCP). The installation program provisions the rest of the required infrastructure, which you can further customize. To customize the installation, you modify
parameters in the `install-config.yaml` file before you install the cluster.
.Prerequisites
* Review details about the
xref:../../architecture/architecture-installation.adoc#architecture-installation[{product-title} installation and update]
processes.
* xref:../../installing/installing_gcp/installing-gcp-account.adoc#installing-gcp-account[Configure a GCP account]
to host the cluster.
* If you use a firewall, you must
xref:../../installing/install_config/configuring-firewall.adoc#configuring-firewall[configure it to allow the sites] that your cluster requires access to.
include::modules/cluster-entitlements.adoc[leveloffset=+1]
include::modules/ssh-agent-using.adoc[leveloffset=+1]
include::modules/installation-obtaining-installer.adoc[leveloffset=+1]
include::modules/installation-initializing.adoc[leveloffset=+1]
include::modules/installation-configuration-parameters.adoc[leveloffset=+2]
include::modules/installation-gcp-config-yaml.adoc[leveloffset=+2]
// Removing; Proxy not supported for GCP IPI for 4.2
// include::modules/installation-configure-proxy.adoc[leveloffset=+2]
include::modules/installation-launching-installer.adoc[leveloffset=+1]
include::modules/cli-installing-cli.adoc[leveloffset=+1]
include::modules/cli-logging-in-kubeadmin.adoc[leveloffset=+1]
.Next steps
* xref:../../installing/install_config/customizations.adoc#customizations[Customize your cluster].
* If necessary, you can
xref:../../support/remote_health_monitoring/opting-out-of-remote-health-reporting.adoc#opting-out-remote-health-reporting_opting-out-remote-health-reporting[opt out of remote health reporting].
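Review bot: the new assembly never includes the `installation-about-custom-gcp-vpc.adoc` module that this same commit adds, so the VPC requirements, the installer's subnet checks and the isolation guidance will not render on the "Installing a cluster on GCP into an existing VPC" page; add `include::modules/installation-about-custom-gcp-vpc.adoc[leveloffset=+1]` before `include::modules/cluster-entitlements.adoc[leveloffset=+1]`. The retained comment `// Removing; Proxy not supported for GCP IPI for 4.2` also disagrees with the "Starting with {product-title} 4.3" wording elsewhere in this commit; confirm it is still accurate or drop it.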

View File

@@ -12,6 +12,7 @@
// * installing/installing_bare_metal/installing-bare-metal.adoc
// * installing/installing_gcp/installing-gcp-customizations.adoc
// * installing/installing_gcp/installing-gcp-default.adoc
// * installing/installing_gcp/installing-gcp-vpc.adoc
// * installing/installing_gcp_user_infra/installing-gcp-user-infra.adoc
// * installing/installing_restricted_networks/installing-restricted-networks-preparations.adoc
// * installing/installing_vsphere/installing-vsphere.adoc

View File

@@ -11,6 +11,7 @@
// * installing/installing_bare_metal/installing-bare-metal.adoc
// * installing/installing_gcp/installing-gcp-customizations.adoc
// * installing/installing_gcp/installing-gcp-default.adoc
// * installing/installing_gcp/installing-gcp-vpc.adoc
// * installing/installing_gcp_user_infra/installing-gcp-user-infra.adoc
// * installing/installing_openstack/installing-openstack-installer-custom.adoc
// * installing/installing_openstack/installing-openstack-installer-kuryr.adoc

View File

@@ -12,6 +12,7 @@
// * installing/installing_bare_metal/installing-bare-metal.adoc
// * installing/installing_gcp/installing-gcp-customizations.adoc
// * installing/installing_gcp/installing-gcp-default.adoc
// * installing/installing_gcp/installing-gcp-vpc.adoc
// * installing/installing_openstack/installing-openstack-installer-custom.adoc
// * installing/installing_openstack/installing-openstack-installer-kuryr.adoc
// * installing/installing_openstack/installing-openstack-installer.adoc

View File

@@ -83,9 +83,9 @@ The network security group rules must be in place before you install the cluster
[id="installation-about-custom-azure-permissions_{context}"]
== Division of permissions
Starting with {product-title} 4.3, you do not need all of the permissions that are required for an installation program-provisioned infrastructure cluster to deploy a cluster. This change mimics the division of permissions that you might have at your company: some individuals can create different resource in your clouds than others. For example, you might be able to create application-specific items, like instances, storage, and load balancers, but not networking-related components such as VNets, subnet, or ingress rules.
Starting with {product-title} 4.3, you do not need all of the permissions that are required for an installation program-provisioned infrastructure cluster to deploy a cluster. This change mimics the division of permissions that you might have at your company: some individuals can create different resources in your clouds than others. For example, you might be able to create application-specific items, like instances, storage, and load balancers, but not networking-related components such as VNets, subnet, or ingress rules.
The Azure credentials that you use when you create your cluster do not need the networking permissions that are required to make VNets and networking core components within the VNet, such as subnets, routing tables, internet gateways, NAT, and VPN. You still need permission to make the application resources that the machines within the cluster require, such as ELBs, security groups, S3 buckets, and nodes.
The Azure credentials that you use when you create your cluster do not need the networking permissions that are required to make VNets and core networking components within the VNet, such as subnets, routing tables, internet gateways, NAT, and VPN. You still need permission to make the application resources that the machines within the cluster require, such as ELBs, security groups, S3 buckets, and nodes.
[id="installation-about-custom-azure-vnet-isolation_{context}"]
== Isolation between clusters
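Review bot: the second paragraph of the Azure module still carries AWS resource names (`ELBs`, `S3 buckets`, `internet gateways`) that do not exist on Azure; replace them with the Azure equivalents (for example load balancers, storage accounts and network security groups). In the same hunk, `VNets, subnet, or ingress rules` should read `subnets`, matching the `resource` to `resources` fix applied in the first paragraph.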

View File

@@ -0,0 +1,52 @@
// Module included in the following assemblies:
//
// * installing/
[id="installation-about-custom-gcp-vpc_{context}"]
= About using a custom VPC
In {product-title} {product-version}, you can deploy a cluster into an existing VPC in Google Cloud Platform (GCP). If you do, you must also use existing subnets within the VPC and routing rules.
By deploying {product-title} into an existing GCP VPC, you might be able to avoid limit constraints in new accounts or more easily abide by the operational constraints that your company's guidelines set. This is a good option to use if you cannot obtain the infrastructure creation permissions that are required to create the VPC yourself.
[id="installation-about-custom-gcp-vpcs-requirements_{context}"]
== Requirements for using your VPC
The installation program will no longer create the following components:
* VPC
* Subnets
* Cloud Router
* Cloud NAT
* NAT IP addresses
If you use a custom VPC, you must correctly configure it and its subnets for the installation program and the cluster to use. The installation program cannot subdivide network ranges for the cluster to use, set route tables for the subnets, or set VPC options like DHCP, so you must do so before you install the cluster.
Your VPC and subnets must meet the following characteristics:
* The VPC must be in the same GCP project that you deploy the {product-title} cluster to.
* To allow access to the internet from the control plane and compute machines, you must configure Cloud NAT on the subnets to allow egress to it. These machines do not have a public address. Even if you do not require access to the internet, you must allow egress to the VPC network to obtain the installation program and images. Because multiple Cloud NATs cannot be configured on the shared subnets, the installation program cannot configure it.
To ensure that the subnets that you provide are suitable, the installation program confirms the following data:
* All the subnets that you specify exist and belong to the VPC that you specified.
* The subnet CIDRs belong to the machine CIDR.
* You must provide a subnet to deploy the cluster control plane and compute machines to. You can use the same subnet for both machine types.
If you destroy a cluster that uses an existing VPC, the VPC is not deleted.
[id="installation-about-custom-gcp-permissions_{context}"]
== Division of permissions
Starting with {product-title} 4.3, you do not need all of the permissions that are required for an installation program-provisioned infrastructure cluster to deploy a cluster. This change mimics the division of permissions that you might have at your company: some individuals can create different resources in your clouds than others. For example, you might be able to create application-specific items, like instances, buckets, and load balancers, but not networking-related components such as VPCs, subnets, or ingress rules.
The GCP credentials that you use when you create your cluster do not need the networking permissions that are required to make VPCs and core networking components within the VPC, such as subnets, routing tables, internet gateways, NAT, and VPN. You still need permission to make the application resources that the machines within the cluster require, such as load balancers, security groups, storage, and nodes.
[id="installation-about-custom-gcp-vpcs-isolation_{context}"]
== Isolation between clusters
If you deploy {product-title} to an existing network, the isolation of cluster services is preserved by firewall rules that reference the machines in your cluster by the cluster's infrastructure ID. Only traffic within the cluster is allowed.
If you deploy multiple clusters to the same VPC, the following components might share access between clusters:
* The API, which is globally available with an external publishing strategy or available throughout the network in an internal publishing strategy
* Debugging tools, such as ports on VM instances that are open to the machineCidr for SSH and ICMP access
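Review bot: the assembly list in the module header is incomplete (`// * installing/`); it should name the assembly that includes this module, `installing/installing_gcp/installing-gcp-vpc.adoc`. Two points in the body: under "the installation program confirms the following data", the item `You must provide a subnet to deploy the cluster control plane and compute machines to` is an obligation on the user, not a check the installer performs, and belongs in the preceding "must meet the following characteristics" list; and `security groups` in the Division of permissions paragraph is AWS terminology, whereas the Isolation section of this same module correctly describes GCP isolation in terms of firewall rules.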

View File

@@ -77,12 +77,14 @@ ifdef::vnet[]
endif::vnet[]
pullSecret: '{"auths": ...}' <1>
ifdef::vnet[]
sshKey: ssh-ed25519 AAAA... <12>
fips: false <12>
sshKey: ssh-ed25519 AAAA... <13>
endif::vnet[]
ifndef::vnet[]
sshKey: ssh-ed25519 AAAA... <8>
fips: false <8>
sshKey: ssh-ed25519 AAAA... <9>
endif::vnet[]
fips: false <9>
----
<1> Required. The installation program prompts you for this value.
<2> If you do not provide these parameters and values, the installation program provides the default value.
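Review bot: confirm that the unconditional `fips: false <9>` after the second `endif::vnet[]` is removed in this hunk rather than kept as context. With `fips: false <12>` and `fips: false <8>` now inside the conditional blocks, a surviving trailing line would render `fips` twice in the sample and reuse callout `<9>`, which in the vnet build is the "specify its name" VNet callout.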
@@ -103,17 +105,18 @@ ifdef::vnet[]
<9> If you use an existing VNet, specify its name.
<10> If you use an existing VNet, specify the name of the subnet to host the control plane machines.
<11> If you use an existing VNet, specify the name of the subnet to host the compute machines.
<12> You can optionally provide the `sshKey` value that you use to access the machines in your cluster.
<12> Whether to enable or disable FIPS mode. By default, FIPS mode is not enabled. If FIPS mode is enabled, the {op-system-first} machines that {product-title} runs on bypass the default Kubernetes cryptography suite and use the FIPS validated cryptography modules that are provided with {op-system} instead.
<13> You can optionally provide the `sshKey` value that you use to access the machines in your cluster.
endif::vnet[]
ifndef::vnet[]
<8> You can optionally provide the `sshKey` value that you use to access the machines in your cluster.
<8> Whether to enable or disable FIPS mode. By default, FIPS mode is not enabled. If FIPS mode is enabled, the {op-system-first} machines that {product-title} runs on bypass the default Kubernetes cryptography suite and use the FIPS validated cryptography modules that are provided with {op-system} instead.
<9> You can optionally provide the `sshKey` value that you use to access the machines in your cluster.
endif::vnet[]
+
[NOTE]
====
For production {product-title} clusters on which you want to perform installation debugging or disaster recovery on, specify an SSH key that your `ssh-agent` process uses.
====
<9> Whether to enable or disable FIPS mode. By default, FIPS mode is not enabled. If FIPS mode is enabled, the {op-system-first} machines that {product-title} runs on bypass the default Kubernetes cryptography suite and use the FIPS validated cryptography modules that are provided with {op-system} instead.
ifeval::["{context}" == "installing-azure-network-customizations"]
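Review bot: the same check applies to the callout list: the `<9> Whether to enable or disable FIPS mode...` line that follows the NOTE must go, otherwise the FIPS description is emitted twice in the non-vnet build (`<8>` and `<9>`) and collides with `<9> If you use an existing VNet, specify its name.` in the vnet build. The `+` that attaches the NOTE to the preceding callout now lands on the `sshKey` callout in both branches, which is the intended target.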

View File

@@ -8,6 +8,7 @@
// * installing/installing_azure/installing-azure-vnet.adoc
// * installing/installing_gcp/installing-gcp-customizations.adoc
// * installing/installing_gcp/installing-gcp-network-customizations.adoc
// * installing/installing_gcp/installing-gcp-vpc.adoc
// * installing/installing_openstack/installing-openstack-installer-custom.adoc
// * installing/installing_openstack/installing-openstack-installer-kuryr.adoc
@@ -35,6 +36,9 @@ endif::[]
ifeval::["{context}" == "installing-gcp-network-customizations"]
:gcp:
endif::[]
ifeval::["{context}" == "installing-gcp-vpc"]
:gcp:
endif::[]
ifeval::["{context}" == "installing-aws-customizations"]
:aws:
endif::[]
@@ -352,6 +356,28 @@ with an Azure cluster.
====
endif::azure[]
ifdef::gcp[]
.Additional Google Cloud Platform (GCP) parameters
[cols=".^2,.^3a,.^3a",options="header"]
|====
|Parameter|Description|Values
|`platform.gcp.network`
|The name of the existing VPC that you want to deploy your cluster to.
|String.
|`platform.gcp.controlPlaneSubnet`
|The name of the existing subnet in your VPC that you want to deploy your control plane machines to.
|The subnet name.
|`platform.gcp.computeSubnet`
|The name of the existing subnet in your VPC that you want to deploy your compute machines to.
|The subnet name.
|====
endif::gcp[]
ifeval::["{context}" == "installing-aws-customizations"]
:!aws:
endif::[]
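Review bot: the Values column of the new GCP table is inconsistent: `platform.gcp.network` says `String.` while the two subnet rows say `The subnet name.`; use parallel wording (`The VPC name.`). The subnet rows also omit the requirement, stated in this commit's sample-file callouts, that the subnet must belong to the named VPC; repeating it here saves the reader a round trip to the sample.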
@@ -376,6 +402,9 @@ endif::[]
ifeval::["{context}" == "installing-gcp-network-customizations"]
:!gcp:
endif::[]
ifeval::["{context}" == "installing-gcp-vpc"]
:!gcp:
endif::[]
ifeval::["{context}" == "installing-aws-customizations"]
:!aws:
endif::[]

View File

@@ -105,7 +105,7 @@ for them.
[id="installation-custom-aws-vpc-validation_{context}"]
== VPC validation
To ensure that the subnets that you provide to the installation program are suitable, it confirms the following data:
To ensure that the subnets that you provide are suitable, the installation program confirms the following data:
* All the subnets that you specify exist.
* You provide private subnets.
@@ -118,9 +118,9 @@ If you destroy a cluster that uses an existing VPC, the VPC is not deleted. When
[id="installation-about-custom-aws-permissions_{context}"]
== Division of permissions
Starting with {product-title} 4.3, you do not need all of the permissions that are required for an installation program-provisioned infrastructure cluster to deploy a cluster. This change mimics the division of permissions that you might have at your company: some individuals can create different resource in your clouds than others. For example, you might be able to create application-specific items, like instances, buckets, and load balancers, but not networking-related components such as VPCs, subnet, or ingress rules.
Starting with {product-title} 4.3, you do not need all of the permissions that are required for an installation program-provisioned infrastructure cluster to deploy a cluster. This change mimics the division of permissions that you might have at your company: some individuals can create different resource in your clouds than others. For example, you might be able to create application-specific items, like instances, buckets, and load balancers, but not networking-related components such as VPCs, subnets, or ingress rules.
The AWS credentials that you use when you create your cluster do not need the networking permissions that are required to make VPCs and networking core components within the VPC, such as subnets, routing tables, internet gateways, NAT, and VPN. You still need permission to make the application resources that the machines within the cluster require, such as ELBs, security groups, S3 buckets, and nodes.
The AWS credentials that you use when you create your cluster do not need the networking permissions that are required to make VPCs and core networking components within the VPC, such as subnets, routing tables, internet gateways, NAT, and VPN. You still need permission to make the application resources that the machines within the cluster require, such as ELBs, security groups, S3 buckets, and nodes.
[id="installation-custom-aws-vpc-isolation_{context}"]
== Isolation between clusters
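Review bot: the typo `different resource in your clouds` survives in the new line of the AWS module even though the same sentence was corrected to `resources` in the Azure module in this commit; fix it here as well so the three copies of this paragraph stay in sync.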

View File

@@ -1,6 +1,7 @@
// Module included in the following assemblies:
//
// * installing/installing_gcp/installing-gcp-customizations.adoc
// * installing/installing_gcp/installing-gcp-vpc.adoc
ifeval::["{context}" == "installing-gcp-network-customizations"]
:with-networking:
@@ -8,6 +9,9 @@ endif::[]
ifeval::["{context}" != "installing-gcp-network-customizations"]
:without-networking:
endif::[]
ifeval::["{context}" == "installing-gcp-vpc"]
:vpc:
endif::[]
[id="installation-gcp-config-yaml_{context}"]
= Sample customized `install-config.yaml` file for GCP
@@ -64,9 +68,20 @@ platform:
gcp:
ProjectID: openshift-production <1>
region: us-central-1 <1>
fips: false <6>
ifdef::vpc[]
network: existing_vpc <6>
controlPlaneSubnet: control_plane_subnet <7>
computeSubnet: compute_subnet <8>
endif::vpc[]
pullSecret: '{"auths": ...}' <1>
ifndef::vpc[]
fips: false <6>
sshKey: ssh-ed25519 AAAA... <7>
endif::vpc[]
ifdef::vpc[]
fips: false <9>
sshKey: ssh-ed25519 AAAA... <10>
endif::vpc[]
----
<1> Required. The installation program prompts you for this value.
<2> If you do not provide these parameters and values, the installation program provides the default value.
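Review bot: two values in the retained context look wrong for GCP and are worth fixing while this sample is open: `region: us-central-1` is not a GCP region name (the region is `us-central1`, with no hyphen before the digit), and the `ProjectID` key is capitalized while every other key in the sample is camelCase (`controlPlaneSubnet`, `computeSubnet`, `pullSecret`). A copied sample with a wrong region name fails at `create cluster`, which is exactly where a reader following this page would hit it.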
@@ -78,8 +93,17 @@ sshKey: ssh-ed25519 AAAA... <7>
If you disable simultaneous multithreading, ensure that your capacity planning accounts for the dramatically decreased machine performance. Use larger machine types, such as `n1-standard-8`, for your machines if you disable simultaneous multithreading.
====
<5> To configure faster storage for etcd, especially for larger clusters, set the storage type as `io1` and set `iops` to `2000`.
ifdef::vpc[]
<6> If you use an existing VPC, specify its name.
<7> If you use an existing VPC, specify the name of the existing subnet to deploy the control plane machines to. The subnet must belong to the VPC that you specified.
<8> If you use an existing VPC, specify the name of the existing subnet to deploy the compute machines to. The subnet must belong to the VPC that you specified.
<9> Whether to enable or disable FIPS mode. By default, FIPS mode is not enabled. If FIPS mode is enabled, the {op-system-first} machines that {product-title} runs on bypass the default Kubernetes cryptography suite and use the FIPS validated cryptography modules that are provided with {op-system} instead.
<10> You can optionally provide the `sshKey` value that you use to access the machines in your cluster.
endif::vpc[]
ifndef::vpc[]
<6> Whether to enable or disable FIPS mode. By default, FIPS mode is not enabled. If FIPS mode is enabled, the {op-system-first} machines that {product-title} runs on bypass the default Kubernetes cryptography suite and use the FIPS validated cryptography modules that are provided with {op-system} instead.
<7> You can optionally provide the `sshKey` value that you use to access the machines in your cluster.
endif::vpc[]
+
[NOTE]
====
@@ -92,3 +116,6 @@ endif::[]
ifeval::["{context}" != "installing-gcp-network-customizations"]
:!without-networking:
endif::[]
ifeval::["{context}" == "installing-gcp-vpc"]
:!vpc:
endif::[]

View File

@@ -9,16 +9,18 @@
When you attach the `Owner` role to the service account that you create, you
grant that service account all permissions, including those that are required to
install {product-title}. To deploy an {product-title} cluster, the service
account requires the following permissions:
account requires the following permissions. If you deploy your cluster into an existing VPC, the service account does not require certain networking permissions, which are noted in the following lists:
.Required roles for the installation program
* Compute Admin
* DNS Administrator
* Security Admin
* Service Account Admin
* Service Account User
* Storage Admin
.Required roles for creating network resources during installation
* DNS Administrator
ifeval::["{context}" == "installing-gcp-user-infra"]
.Required roles for user-provisioned GCP infrastructure
* Deployment Manager Editor
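Review bot: `DNS Administrator` now appears both in "Required roles for the installation program" and in the new "Required roles for creating network resources during installation" list, so a reader cannot tell which roles the existing-VPC case actually exempts; either remove it from the first list or state explicitly that it is required in both cases. The lead sentence also promises that the exempt permissions "are noted in the following lists", but the installation-program list is unchanged and no Compute or Security networking permission is marked as not required, so the sentence currently over-promises.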

View File

@@ -8,6 +8,7 @@
// * installing/installing_azure/installing-azure-vnet.adoc
// * installing/installing_gcp/installing-gcp-customizations.adoc
// * installing/installing_gcp/installing-gcp-network-customizations.adoc
// * installing/installing_gcp/installing-gcp-vpc.adoc
// * installing/installing_gcp_user_infra/installing-gcp-user-infra.adoc
// * installing/installing_openstack/installing-openstack-installer-custom.adoc
// * installing/installing_openstack/installing-openstack-installer-kuryr.adoc
@@ -35,6 +36,9 @@ endif::[]
ifeval::["{context}" == "installing-gcp-customizations"]
:gcp:
endif::[]
ifeval::["{context}" == "installing-gcp-vpc"]
:gcp:
endif::[]
ifeval::["{context}" == "installing-gcp-network-customizations"]
:gcp:
endif::[]
@@ -217,6 +221,9 @@ endif::[]
ifeval::["{context}" == "installing-gcp-network-customizations"]
:!gcp:
endif::[]
ifeval::["{context}" == "installing-gcp-vpc"]
:!gcp:
endif::[]
ifeval::["{context}" == "installing-gcp-user-infra"]
:!gcp:
endif::[]

View File

@@ -9,6 +9,7 @@
// * installing/installing_azure/installing-azure-vnet.adoc
// * installing/installing_gcp/installing-gcp-customizations.adoc
// * installing/installing_gcp/installing-gcp-default.adoc
// * installing/installing_gcp/installing-gcp-vpc.adoc
// * installing/installing_openstack/installing-openstack-installer-custom.adoc
// * installing/installing_openstack/installing-openstack-installer-kuryr.adoc
// * installing/installing_openstack/installing-openstack-installer.adoc
@@ -39,6 +40,10 @@ ifeval::["{context}" == "installing-gcp-customizations"]
:custom-config:
:gcp:
endif::[]
ifeval::["{context}" == "installing-gcp-vpc"]
:custom-config:
:gcp:
endif::[]
ifeval::["{context}" == "installing-gcp-default"]
:no-config:
:gcp:
@@ -262,6 +267,10 @@ ifeval::["{context}" == "installing-gcp-customizations"]
:!custom-config:
:!gcp:
endif::[]
ifeval::["{context}" == "installing-gcp-vpc"]
:!custom-config:
:!gcp:
endif::[]
ifeval::["{context}" == "installing-gcp-default"]
:!no-config:
:!gcp:

View File

@@ -11,6 +11,7 @@
// * installing/installing_bare_metal/installing-bare-metal.adoc
// * installing/installing_gcp/installing-gcp-customizations.adoc
// * installing/installing_gcp/installing-gcp-default.adoc
// * installing/installing_gcp/installing-gcp-vpc.adoc
// * installing/installing_openstack/installing-openstack-installer-custom.adoc
// * installing/installing_openstack/installing-openstack-installer-kuryr.adoc
// * installing/installing_openstack/installing-openstack-installer.adoc

View File

@@ -11,6 +11,7 @@
// * installing/installing_bare_metal/installing-bare-metal.adoc
// * installing/installing_gcp/installing-gcp-customizations.adoc
// * installing/installing_gcp/installing-gcp-default.adoc
// * installing/installing_gcp/installing-gcp-vpc.adoc
// * installing/installing_openstack/installing-openstack-installer-custom.adoc
// * installing/installing_openstack/installing-openstack-installer-kuryr.adoc
// * installing/installing_openstack/installing-openstack-installer.adoc