diff --git a/osdc/base/kubernetes/git-cache/central-configmap.yaml b/osdc/base/kubernetes/base/git-cache/central-configmap.yaml
similarity index 100%
rename from osdc/base/kubernetes/git-cache/central-configmap.yaml
rename to osdc/base/kubernetes/base/git-cache/central-configmap.yaml
diff --git a/osdc/base/kubernetes/git-cache/central-headless-service.yaml b/osdc/base/kubernetes/base/git-cache/central-headless-service.yaml
similarity index 100%
rename from osdc/base/kubernetes/git-cache/central-headless-service.yaml
rename to osdc/base/kubernetes/base/git-cache/central-headless-service.yaml
diff --git a/osdc/base/kubernetes/git-cache/central-metrics-service.yaml b/osdc/base/kubernetes/base/git-cache/central-metrics-service.yaml
similarity index 100%
rename from osdc/base/kubernetes/git-cache/central-metrics-service.yaml
rename to osdc/base/kubernetes/base/git-cache/central-metrics-service.yaml
diff --git a/osdc/base/kubernetes/git-cache/central-pdb.yaml.tpl b/osdc/base/kubernetes/base/git-cache/central-pdb.yaml.tpl
similarity index 100%
rename from osdc/base/kubernetes/git-cache/central-pdb.yaml.tpl
rename to osdc/base/kubernetes/base/git-cache/central-pdb.yaml.tpl
diff --git a/osdc/base/kubernetes/git-cache/central-service.yaml b/osdc/base/kubernetes/base/git-cache/central-service.yaml
similarity index 100%
rename from osdc/base/kubernetes/git-cache/central-service.yaml
rename to osdc/base/kubernetes/base/git-cache/central-service.yaml
diff --git a/osdc/base/kubernetes/git-cache/central-statefulset.yaml.tpl b/osdc/base/kubernetes/base/git-cache/central-statefulset.yaml.tpl
similarity index 100%
rename from osdc/base/kubernetes/git-cache/central-statefulset.yaml.tpl
rename to osdc/base/kubernetes/base/git-cache/central-statefulset.yaml.tpl
diff --git a/osdc/base/kubernetes/git-cache/daemonset-configmap.yaml b/osdc/base/kubernetes/base/git-cache/daemonset-configmap.yaml
similarity index 100%
rename from osdc/base/kubernetes/git-cache/daemonset-configmap.yaml
rename to osdc/base/kubernetes/base/git-cache/daemonset-configmap.yaml
diff --git a/osdc/base/kubernetes/git-cache/daemonset.yaml b/osdc/base/kubernetes/base/git-cache/daemonset.yaml
similarity index 100%
rename from osdc/base/kubernetes/git-cache/daemonset.yaml
rename to osdc/base/kubernetes/base/git-cache/daemonset.yaml
diff --git a/osdc/base/kubernetes/git-cache/deploy.sh b/osdc/base/kubernetes/base/git-cache/deploy.sh
similarity index 100%
rename from osdc/base/kubernetes/git-cache/deploy.sh
rename to osdc/base/kubernetes/base/git-cache/deploy.sh
diff --git a/osdc/base/kubernetes/git-cache/kustomization.yaml b/osdc/base/kubernetes/base/git-cache/kustomization.yaml
similarity index 100%
rename from osdc/base/kubernetes/git-cache/kustomization.yaml
rename to osdc/base/kubernetes/base/git-cache/kustomization.yaml
diff --git a/osdc/base/kubernetes/git-cache/rbac.yaml b/osdc/base/kubernetes/base/git-cache/rbac.yaml
similarity index 100%
rename from osdc/base/kubernetes/git-cache/rbac.yaml
rename to osdc/base/kubernetes/base/git-cache/rbac.yaml
diff --git a/osdc/base/kubernetes/git-cache/scripts/python/.coverage b/osdc/base/kubernetes/base/git-cache/scripts/python/.coverage
similarity index 100%
rename from osdc/base/kubernetes/git-cache/scripts/python/.coverage
rename to osdc/base/kubernetes/base/git-cache/scripts/python/.coverage
diff --git a/osdc/base/kubernetes/git-cache/scripts/python/central_lib.py b/osdc/base/kubernetes/base/git-cache/scripts/python/central_lib.py
similarity index 100%
rename from osdc/base/kubernetes/git-cache/scripts/python/central_lib.py
rename to osdc/base/kubernetes/base/git-cache/scripts/python/central_lib.py
diff --git a/osdc/base/kubernetes/git-cache/scripts/python/daemonset_lib.py b/osdc/base/kubernetes/base/git-cache/scripts/python/daemonset_lib.py
similarity index 100%
rename from osdc/base/kubernetes/git-cache/scripts/python/daemonset_lib.py
rename to osdc/base/kubernetes/base/git-cache/scripts/python/daemonset_lib.py
diff --git a/osdc/base/kubernetes/git-cache/scripts/python/test_central_lib.py b/osdc/base/kubernetes/base/git-cache/scripts/python/test_central_lib.py
similarity index 100%
rename from osdc/base/kubernetes/git-cache/scripts/python/test_central_lib.py
rename to osdc/base/kubernetes/base/git-cache/scripts/python/test_central_lib.py
diff --git a/osdc/base/kubernetes/git-cache/scripts/python/test_daemonset_lib.py b/osdc/base/kubernetes/base/git-cache/scripts/python/test_daemonset_lib.py
similarity index 100%
rename from osdc/base/kubernetes/git-cache/scripts/python/test_daemonset_lib.py
rename to osdc/base/kubernetes/base/git-cache/scripts/python/test_daemonset_lib.py
diff --git a/osdc/base/kubernetes/git-cache/tests/smoke/conftest.py b/osdc/base/kubernetes/base/git-cache/tests/smoke/conftest.py
similarity index 100%
rename from osdc/base/kubernetes/git-cache/tests/smoke/conftest.py
rename to osdc/base/kubernetes/base/git-cache/tests/smoke/conftest.py
diff --git a/osdc/base/kubernetes/git-cache/tests/smoke/test_git_cache.py b/osdc/base/kubernetes/base/git-cache/tests/smoke/test_git_cache.py
similarity index 100%
rename from osdc/base/kubernetes/git-cache/tests/smoke/test_git_cache.py
rename to osdc/base/kubernetes/base/git-cache/tests/smoke/test_git_cache.py
diff --git a/osdc/base/kubernetes/harbor-namespace.yaml b/osdc/base/kubernetes/base/harbor-namespace.yaml
similarity index 100%
rename from osdc/base/kubernetes/harbor-namespace.yaml
rename to osdc/base/kubernetes/base/harbor-namespace.yaml
diff --git a/osdc/base/kubernetes/base/kustomization.yaml b/osdc/base/kubernetes/base/kustomization.yaml
new file mode 100644
index 00000000..0ae31465
--- /dev/null
+++ b/osdc/base/kubernetes/base/kustomization.yaml
@@ -0,0 +1,10 @@
+# Base Kubernetes resources shared across ALL providers (EKS, GKE, etc.).
+# Provider-specific resources go in overlays//.
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+
+resources:
+ - harbor-namespace.yaml
+ - nvidia-device-plugin.yaml
+ - registry-mirror-config.yaml
+ - git-cache/
diff --git a/osdc/base/kubernetes/nvidia-device-plugin.yaml b/osdc/base/kubernetes/base/nvidia-device-plugin.yaml
similarity index 100%
rename from osdc/base/kubernetes/nvidia-device-plugin.yaml
rename to osdc/base/kubernetes/base/nvidia-device-plugin.yaml
diff --git a/osdc/base/kubernetes/registry-mirror-config.yaml b/osdc/base/kubernetes/base/registry-mirror-config.yaml
similarity index 100%
rename from osdc/base/kubernetes/registry-mirror-config.yaml
rename to osdc/base/kubernetes/base/registry-mirror-config.yaml
diff --git a/osdc/base/kubernetes/kustomization.yaml b/osdc/base/kubernetes/kustomization.yaml
index 8dfdd6a9..a5407ea3 100644
--- a/osdc/base/kubernetes/kustomization.yaml
+++ b/osdc/base/kubernetes/kustomization.yaml
@@ -1,16 +1,12 @@ # Base Kubernetes resources applied to EVERY cluster. -# These are cluster-agnostic and required regardless of which modules are enabled. +# Shared (provider-agnostic) resources live in base/. +# Provider-specific resources live in overlays//. # -# Module-specific resources belong in osdc//kubernetes/ instead. +# This top-level kustomization points to the EKS overlay for backward +# compatibility — deploy-base's `kubectl apply -k base/kubernetes/` works +# unchanged. Future providers (GKE, AKS) use their own overlay directly. apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - - storageclass-gp3.yaml - - node-performance-tuning.yaml - - nvidia-device-plugin.yaml - - harbor-namespace.yaml - - git-cache/ - - registry-mirror-config.yaml - # NOTE: Namespaces for modules (arc-runners, arc-systems, buildkit, etc.) - # are created by the module's own kubernetes/ directory, not here. + - overlays/eks diff --git a/osdc/base/kubernetes/overlays/eks/kustomization.yaml b/osdc/base/kubernetes/overlays/eks/kustomization.yaml new file mode 100644 index 00000000..5705312d --- /dev/null +++ b/osdc/base/kubernetes/overlays/eks/kustomization.yaml @@ -0,0 +1,8 @@ +# EKS overlay: shared base + EKS-specific resources. +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +resources: + - ../../base + - storageclass-gp3.yaml + - node-performance-tuning.yaml diff --git a/osdc/base/kubernetes/node-performance-tuning.yaml b/osdc/base/kubernetes/overlays/eks/node-performance-tuning.yaml similarity index 100% rename from osdc/base/kubernetes/node-performance-tuning.yaml rename to osdc/base/kubernetes/overlays/eks/node-performance-tuning.yaml diff --git a/osdc/base/kubernetes/storageclass-gp3.yaml b/osdc/base/kubernetes/overlays/eks/storageclass-gp3.yaml similarity index 100% rename from osdc/base/kubernetes/storageclass-gp3.yaml rename to osdc/base/kubernetes/overlays/eks/storageclass-gp3.yaml 
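Review bot: The top-level kustomization now hard-wires `overlays/eks`, so any caller that still runs `kubectl apply -k base/kubernetes/` against a non-EKS cluster would also apply `storageclass-gp3.yaml` and `node-performance-tuning.yaml` there. Nothing in the visible change makes the apply path depend on the cluster's provider; if deploy-base is not updated elsewhere in this commit, it should pick `overlays/<provider>` from the cluster config rather than rely on this default. At minimum the header comment should state the restriction outright, e.g. `# EKS only: GKE/AKS callers must apply overlays/<provider> directly, never this directory.`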
diff --git a/osdc/base/kubernetes/overlays/gke/kustomization.yaml b/osdc/base/kubernetes/overlays/gke/kustomization.yaml new file mode 100644 index 00000000..b6859541 --- /dev/null +++ b/osdc/base/kubernetes/overlays/gke/kustomization.yaml @@ -0,0 +1,8 @@ +# GKE overlay: shared base + GKE-specific resources. +# Consumer adds GKE-specific resources (StorageClass, etc.) via patches or +# by overriding this overlay in their own modules/ directory. +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +resources: + - ../../base diff --git a/osdc/justfile b/osdc/justfile index 3a26ec74..48ac7cd7 100644 --- a/osdc/justfile +++ b/osdc/justfile @@ -83,7 +83,7 @@ kubeconfig cluster: # BOOTSTRAP # ============================================================================ -# Bootstrap S3 state bucket + DynamoDB lock table for a cluster +# Bootstrap remote state storage for a cluster (S3/GCS, auto-detected) bootstrap cluster: @OSDC_ROOT="{{ROOT}}" OSDC_UPSTREAM="{{UPSTREAM}}" CLUSTERS_YAML="{{CLUSTERS_YAML}}" {{SCRIPTS}}/bootstrap-state.sh {{cluster}} diff --git a/osdc/scripts/bootstrap-state-gcp.sh b/osdc/scripts/bootstrap-state-gcp.sh new file mode 100755 index 00000000..a548ae1a --- /dev/null +++ b/osdc/scripts/bootstrap-state-gcp.sh 
@@ -0,0 +1,47 @@
+#!/usr/bin/env bash
+set -euo pipefail
+#
+# Bootstrap GCS state bucket for a GCP cluster.
+#
+# Creates:
+# - GCS bucket for state storage (versioned, uniform IAM)
+#
+# GCS provides native state locking — no DynamoDB equivalent needed.
+#
+# Usage:
+# ./scripts/bootstrap-state-gcp.sh
+#
+# Idempotent: safe to run multiple times.
+
+SCRIPT_DIR="$(cd "$(dirname "$0")" && pwd)"
+# shellcheck source=/dev/null
+source "$SCRIPT_DIR/mise-activate.sh"
+CONFIG_PY="$SCRIPT_DIR/cluster-config.py"
+
+CLUSTER="${1:?Usage: $0 }"
+PROJECT=$(uv run "$CONFIG_PY" "$CLUSTER" gcp_project)
+BUCKET=$(uv run "$CONFIG_PY" "$CLUSTER" state_bucket)
+REGION=$(uv run "$CONFIG_PY" "$CLUSTER" region)
+
+echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━"
+echo "Bootstrapping state for: $CLUSTER"
+echo " Bucket: $BUCKET (region: $REGION)"
+echo " Project: $PROJECT"
+echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━"
+
+if gcloud storage buckets describe "gs://${BUCKET}" --project="${PROJECT}" >/dev/null 2>&1; then
+ echo " Bucket '${BUCKET}' already exists, skipping create."
+else
+ echo " Creating bucket '${BUCKET}'..."
+ gcloud storage buckets create "gs://${BUCKET}" \
+ --project="${PROJECT}" \
+ --location="${REGION}" \
+ --uniform-bucket-level-access
+fi
+
+echo " Enabling versioning..."
+gcloud storage buckets update "gs://${BUCKET}" --versioning
+
+echo " Done."
+echo ""
+echo "State bootstrapping complete."
diff --git a/osdc/scripts/bootstrap-state.sh b/osdc/scripts/bootstrap-state.sh
index 4c3dd5cf..793b8107 100755
--- a/osdc/scripts/bootstrap-state.sh
+++ b/osdc/scripts/bootstrap-state.sh
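Review bot: When the bucket already exists the script skips `buckets create` and only enables versioning, so uniform bucket-level access is never enforced on a pre-existing bucket, and public access prevention is not set on either path. This bucket will hold infrastructure state, which commonly contains credentials, so repeat runs should converge on the hardened settings instead of trusting whatever is already there: `gcloud storage buckets update "gs://${BUCKET}" --project="${PROJECT}" --versioning --uniform-bucket-level-access --public-access-prevention`, plus `--public-access-prevention` on the create call. Separately, the `describe ... >/dev/null 2>&1` test treats every failure (expired credentials, permission denied) as "bucket missing"; keeping stderr visible there would stop an auth problem from surfacing as a confusing create error.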
@@ -24,6 +24,15 @@ STATE_REGION="us-west-2" bootstrap_cluster() { local cluster_id="$1" + local cloud + cloud=$(uv run "$CONFIG_PY" "$cluster_id" cloud aws) + + # Non-AWS providers have their own bootstrap script + if [[ "$cloud" != "aws" ]]; then + "$SCRIPT_DIR/bootstrap-state-${cloud}.sh" "$cluster_id" + return + fi + local bucket bucket=$(uv run "$CONFIG_PY" "$cluster_id" state_bucket)
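Review bot: The `cloud` value read from the cluster config is spliced straight into the path of a script that is then executed (`"$SCRIPT_DIR/bootstrap-state-${cloud}.sh"`), so a typo, or a value containing `/` or `..`, runs whatever file that path resolves to or fails with a bare "No such file" error. Dispatching through an allowlist keeps config data out of the executed path and gives unknown providers an explicit error. bootstrap_cluster's body continues outside the hunk, so the AWS path below is assumed unchanged.

```shell
  local cloud
  cloud=$(uv run "$CONFIG_PY" "$cluster_id" cloud aws)

  # Only providers with a known bootstrap script are dispatched; the config
  # value never becomes part of an executed path unchecked.
  case "$cloud" in
    aws) ;;
    gcp)
      "$SCRIPT_DIR/bootstrap-state-gcp.sh" "$cluster_id"
      return
      ;;
    *)
      echo "Unsupported cloud '$cloud' for cluster '$cluster_id'" >&2
      return 1
      ;;
  esac
  # … unchanged: AWS state bucket bootstrap …
```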