You need to set up a GKE cluster within an existing VPC that can be accessed from your on-premises network, meeting the following criteria: - Keep the IP ranges for pods and services as small as possible. - Ensure the nodes and the master are not accessible from the internet. - Allow kubectl commands from on-premises subnets to manage the cluster. What steps should you take to create the GKE cluster?