# GCP Nodes ### Overview This guide explains how to install a StrongDM node (gateway or relay) on a Google Cloud Platform (GCP) Compute Engine instance. ### Prerequisites You must first create a Compute Engine instance, also known as a virtual machine (VM), in GCP. We recommend an e2-medium (two vCPU, four GB RAM) with any Linux distribution. Most gateways need a public IP address. Modify the firewall for this instance to allow your users to reach this server. Typically, this will be public access to port 5000; however, you may choose any non-privileged port or limit ingress to a private subnet, depending on your network configuration. Relays, however, are not exposed to the public, and do not require any ports to be exposed. ### Steps 1. Log in to the [Admin UI](https://app.strongdm.com/app/admin). 2. If using a gateway, go to **Networking** > **Gateways** and click **Add gateway**. If using a relay, go to **Networking** > **Relays** and click **Add relay**. ![](/files/SMLEq3R0GOPwbm7PdQ44) 3. Give the gateway or relay a name. 4. For a gateway, define the advertised host for the server (for example, `sdm-gw0.yourcompany.com` or `111.222.333.444`). It must be an IP or hostname accessible to your StrongDM clients. Enter the port you left open for the gateway to interact with StrongDM clients (by default, `5000`). 5. Click **Create gateway** or **Create relay**. This generates a token that is only shown to you one time. You need this token in the installation process. Carefully copy the token and save it somewhere for later use. 6. Log in to the instance you created to host your node. 7. Download the StrongDM binary: ```bash curl -J -O -L https://app.strongdm.com/releases/cli/linux ``` 8. Unzip it (if this is a new server, you may need to install a package to unzip archives, such as with `sudo apt-get install unzip` on Ubuntu distributions): ```bash unzip sdmcli_VERSION_NUMBER_linux_amd64.zip ``` 9. Install the node: ```sh sudo ./sdm install --node ``` *Follow instructions in the tab for the region of your organization's StrongDM control plane, not your own location. The default control plane region is US.* ```sh sudo ./sdm install --app-domain app.uk.strongdm.com --node ``` *Follow instructions in the tab for the region of your organization's StrongDM control plane, not your own location. The default control plane region is US.* ```sh sudo ./sdm install --app-domain app.eu.strongdm.com --node ``` ``` When you are prompted for the token you created earlier, paste it in and hit enter. Note that the token does not display in the terminal for security purposes, similar to the masking of a password. ``` {% hint style="info" %} The installer must be run by a user that exists in the `/etc/passwd` file. Any users remotely authenticated, such as with LDAP or an SSO service, may fail to complete the installation. {% endhint %} 9. In the Admin UI, go to **Networking** > **Gateways** or **Networking** > **Relays** to check the status of your node. The node you created should appear online, with a heartbeat. If it does not appear online, perform a hard refresh of your browser. If it is still not online in a few minutes, verify that the StrongDM service is running with the `ps aux|grep sdm` command on the server. Look for a line that includes `sdm relay`. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.strongdm.com/admin/networking/gateways-and-relays/gcp-nodes.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.