GKE Primer

Deploy Meridian on Google Kubernetes Engine with production-grade posture in under an hour.

Prerequisites

Google Cloud project with billing enabled
gcloud CLI authenticated and configured
kubectl installed (v1.28+)
Meridian license key provisioned in KeyAuth

Cluster Creation

Provision a regional Autopilot cluster. Autopilot removes node management overhead and enforces hardened defaults out of the box.

gcloud container clusters create-auto meridian-prod \
  --region us-central1 \
  --project meridian-gcp \
  --network default \
  --subnetwork default

Workload Identity

Bind a GCP service account to the Meridian namespace so pods authenticate without static credentials.

gcloud iam service-accounts create meridian-sa \
  --project meridian-gcp

gcloud iam service-accounts add-iam-policy-binding \
  meridian-sa@meridian-gcp.iam.gserviceaccount.com \
  --role roles/iam.workloadIdentityUser \
  --member "serviceAccount:meridian-gcp.svc.id.goog[meridian/meridian]"

Deploy Meridian

Apply the namespace, deployment, and service manifests. The Meridian image pulls from our private Artifact Registry.

kubectl create namespace meridian
kubectl annotate serviceaccount meridian \
  --namespace meridian \
  iam.gke.io/gcp-service-account=meridian-sa@meridian-gcp.iam.gserviceaccount.com

kubectl apply -f https://cdn.getnimbus.net/manifests/meridian-gke.yaml

Verify & Monitor

kubectl get pods -n meridian — all pods should reach Running within 60s
Check Cloud Logging for the Meridian startup sequence and license validation handshake
Enable GKE Dashboard in Cloud Monitoring for node/pod metrics

Next step: GKE Autoscaling & HPA →