Submit Feedback
CNE GCP Ready: Getting Started

CNE GCP Ready: Bootstrapping Your Initial Environment

After completing the prerequisites, run the Cloud Native Experience (CNE) bootstrap process to provision a complete GKE environment from a clean Google Cloud Platform (GCP) project.

Important

Initial Cloud Native Experience (CNE) provisioning takes approximately 45 minutes to complete.

The bootstrap process provisions multiple GCP-managed services and platform components through Terraform and Crossplane. Provisioning occurs in parallel across phases, and the environment becomes usable only after all dependencies reach a healthy state.

The longest blocking steps are typically:

  • Google Kubernetes Engine (GKE) cluster provisioning (~15 minutes)
  • Cloud SQL database provisioning (~10 minutes)
  • GitOps platform installation (Argo CD, Crossplane, External Secrets) (~5 minutes)
  • GitOps resource reconciliation (~3 minutes)
  • Liferay infrastructure provisioning and application startup (~15–20 minutes)

The LiferayInfrastructure resource must report Healthy before Liferay can start with valid service connections.

Do not interrupt the bootstrap process during provisioning.

Tip

Run the bootstrap process with the default configuration for the first deployment.

This initial deployment establishes the full platform baseline, including Terraform-managed infrastructure, Crossplane resources, and GitOps reconciliation through Argo CD.

After validating the environment, you can adjust configuration values for production workloads and re-run the bootstrap process if required.

Authenticate Your Local Environment

Before running the script, authenticate your terminal with Google Cloud.

  1. Authenticate with gcloud:

    gcloud auth login

  2. Configure Application Default Credentials:

    gcloud auth application-default login

    Terraform uses Application Default Credentials during provisioning.

Tip

If Terraform fails with an oauth2 invalid_grant or invalid_rapt error during provisioning, refresh the Application Default Credentials:

gcloud auth application-default login

Prepare the Bootstrap Directory

Create a working directory for the bootstrap process. This directory stores the bootstrap configuration and downloaded Terraform resources used during provisioning.

mkdir cne-bootstrap
cd cne-bootstrap
touch config.json

Configure the Bootstrap

The config.json file defines the full provisioning behavior for the environment:

{
   "options": {
      "auto_approve": false,
      "parallelism": 10,
      "provider": "gcp",
      "version": "1.0.1"
   },
   "variables": {
      "deployment_name": "liferay-gcp-test",
      "liferay_git_repo_url": "https://github.com/clarity/acme-gitops",
      "project_id": "your-gcp-project-id",
      "region": "us-central1",
      "liferay_git_repo_config": {
         "auth": {
            "credentials_secret_name": "liferay-credentials-gitops"
         },
         "source_paths": {},
         "target": {}
      }
   }
}
Important

The GitOps repository must be accessible by Argo CD.

The liferay_git_repo_config.auth.credentials_secret_name value must match the Secret Manager secret created during prerequisites. You can use any secret naming convention, as long as the configured values match.

Options

OptionDescription
providerSpecifies the infrastructure provider. Valid values: aws, gcp.
versionBootstrap version provided by Liferay.
auto_approveSkips confirmation prompts when set to true.
parallelismSets the maximum number of concurrent Terraform operations. Default is 10. Lower this value if you experience API rate-limiting or kubeapi overload.

For a complete list of all available GKE infrastructure and GitOps configuration variables, see Bootstrap Configuration Reference.

Variables

VariableDescription
deployment_nameIdentifier used for all provisioned resources.
project_idGCP project where infrastructure is created.
regionGCP region for all resources.
liferay_git_repo_urlGitOps repository URL.
liferay_git_repo_configGitOps authentication and deployment configuration.
liferay_git_repo_config.source_pathsGitOps repository source mapping (leave default unless customizing structure).
liferay_git_repo_config.targetArgo CD application target configuration (leave default unless customizing structure).

Run the Bootstrap Script

  1. Run the bootstrap process:

    bash <(curl -sL https://raw.githubusercontent.com/liferay/liferay-portal/master/cloud/scripts/bootstrap.sh)

    The script initializes Terraform, provisions infrastructure, and deploys the GitOps platform and Liferay resources.

  2. If auto_approve is disabled, confirm the provisioning steps when prompted.

    The process includes

    • GKE cluster provisioning
    • GitOps platform deployment (Argo CD, Crossplane, External Secrets)
    • Cloud SQL provisioning
    • Elasticsearch (ECK) deployment
    • Liferay environment initialization
Note

The bootstrap process is idempotent. Re-running the script with the same config.json reuses existing resources when possible and resumes provisioning from the last successful step.

Re-run the Bootstrap Process

If provisioning fails, update config.json and rerun the script from the same directory.

  • Existing resources may be reused depending on failure stage.

  • Partial infrastructure may already exist and cause conflicts on retry.

If failures persist, clean up the environment before retrying.

Tip

Use troubleshooting guides if repeated failures occur during provisioning or GitOps reconciliation.

Access Argo CD

When bootstrap completes, the script outputs the Argo CD credentials and initiates a port-forward.

Open Argo CD in your browser at http://localhost:8080. Log in with username admin and the password shown in the terminal output.

If you need to restart the port-forward later, run:

kubectl port-forward service/argocd-server 8080:443 \
   --namespace argocd-system

Retrieve password again:

kubectl -n argocd-system get secret argocd-initial-admin-secret \
   -o jsonpath="{.data.password}" | base64 --decode

Once all applications reach Healthy and Synced in Argo CD, the Cloud Native Experience environment is fully provisioned. The GCP infrastructure, Kubernetes cluster, GitOps platform, and Liferay runtime are operational.

Verify the Deployment

Verify the infrastructure and Liferay workloads:

kubectl get liferayinfrastructure --all-namespaces
kubectl get pods --all-namespaces -l app=liferay

The LiferayInfrastructure resource should report Healthy. The Liferay pods should be in Running state and report Ready.

To identify the provisioned Liferay namespace:

kubectl get ns | grep liferay

Continue with Configuring the Cloud Native Experience.

Capability:
Cloud
DXP Self-Hosted Installation, Maintenance, and Administration
Resource Type:
Official Documentation
Deployment Approach:
Liferay PaaS
Liferay Self-Hosted