kovagoadi/hunfabric
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add GCVE Logging and Monitoring Blueprint (#2347)

Browse Source 
---------

Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
This commit is contained in:
Konrad Schieban
2024-06-11 16:36:23 +02:00
committed by GitHub
parent f0c83c4f91
commit 330fe0096b
9 changed files with 1746 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

117
blueprints/gcve/monitoring/README.md Normal file
View File

@@ -0,0 +1,117 @@
# Google Cloud VMWare Engine Logging Monitoring Module
This Blueprint simplifies the setup of monitoring and syslog logging for Google Cloud VMware Engine (GCVE) private clouds.
## Overview
Infrastructure monitoring and logging for GCVE are typically set up using a [standalone Bindplane agent](https://cloud.google.com/vmware-engine/docs/environment/howto-cloud-monitoring-standalone). This blueprint automates the deployment of the Bindplane agent using a Managed Instance Group. The agent collects metrics and syslog logs from VMware vCenter and forwards them to Cloud Monitoring and Cloud Logging.
<p align="center">
<img src="gcve-mon-diagram.png" alt="GCVE Logging and Monitoring Blueprint">
</p>
## Deployed Resources
This blueprint deploys and configures the following resources:
* **Service Account:** Grants the Bindplane agent permissions to write logs/metrics and access Secret Manager.
* **Firewall Rule (optional):** Allows health checks on TCP port 5142 to ensure the agent is running.
* **Monitoring Dashboards (optional):** Provides default dashboards for GCVE metrics.
* **VM Template:** Creates a Debian 11-based template for the Bindplane agent.
* **Managed Instance Group:** Manages the deployment and provides autohealing to the Bindplane agent.
* **Secret Manager Secrets:** Stores vCenter credentials (username, password, FQDN).
## Completing the Setup
After deploying this blueprint, you need to complete the following steps:
* [Configure GCVE to send traffic to the Bindplane agent](https://cloud.google.com/vmware-engine/docs/environment/howto-forward-syslog), which listens on TCP port 5142 by default.
* Update secrets in Secret Manager with vCenter credentials and FQDN.
## Troubleshooting
If you encounter issues, check the following:
* **Firewall:** Ensure that the firewall rule allows traffic to TCP port 5142.
* **vCenter Configuration:** Verify that GCVE is correctly configured to forward syslog messages.
* **Agent Logs:** Examine the Bindplane agent logs for errors.
## Security Considerations
* **Least Privilege:** Grant the Bindplane agent service account only the necessary permissions.
* **Secret Management:** Store vCenter credentials securely in Secret Manager.
<!-- BEGIN TOC -->
- [Overview](#overview)
- [Deployed Resources](#deployed-resources)
- [Completing the Setup](#completing-the-setup)
- [Troubleshooting](#troubleshooting)
- [Security Considerations](#security-considerations)
- [Basic Monitoring setup with default settings](#basic-monitoring-setup-with-default-settings)
- [Variables](#variables)
- [Outputs](#outputs)
<!-- END TOC -->
## Basic Monitoring setup with default settings
```hcl
module "gcve-monitoring" {
source = "./fabric/blueprints/gcve/monitoring"
project_id = "gcve-mon-project"
project_create = {
billing_account = "0123AB-ABCDEF-123456"
parent = "folders/1234567890"
shared_vpc_host = "abcde-prod-net-spoke-0"
}
vm_mon_config = {
vm_mon_name = "bp-agent"
vm_mon_type = "e2-small"
vm_mon_zone = "europe-west1-b"
}
vpc_config = {
host_project_id = "abcde-prod-net-spoke-0"
vpc_self_link = "https://www.googleapis.com/compute/v1/projects/abcde-prod-net-spoke-0/global/networks/prod-spoke-0"
subnetwork_self_link = "projects/abcde-prod-net-spoke-0/regions/europe-west1/subnetworks/prod-default-ew1"
}
vsphere_secrets = {
vsphere_server = "gcve-mon-vsphere-server"
vsphere_user = "gcve-mon-vsphere-user"
vsphere_password = "gcve-mon-vsphere-password"
}
sa_gcve_monitoring = "gcve-mon-sa"
gcve_region = "europe-west1"
initial_delay_sec = 180
create_dashboards = true
create_firewall_rule = true
}
# tftest modules=7 resources=22
```
<!-- BEGIN TFDOC -->
## Variables
| name | description | type | required | default |
|---|---|:---:|:---:|:---:|
| [gcve_region](variables.tf#L29) | Region where the Private Cloud is deployed. | <code>string</code> | ✓ | |
| [project_id](variables.tf#L56) | Project id of existing or created project. | <code>string</code> | ✓ | |
| [vm_mon_config](variables.tf#L67) | GCE monitoring instance configuration. | <code title="object&#40;&#123;&#10; vm_mon_name &#61; optional&#40;string, &#34;bp-agent&#34;&#41;&#10; vm_mon_type &#61; optional&#40;string, &#34;e2-small&#34;&#41;&#10; vm_mon_zone &#61; string&#10;&#125;&#41;">object&#40;&#123;&#8230;&#125;&#41;</code> | ✓ | |
| [vpc_config](variables.tf#L77) | Shared VPC project and VPC details. | <code title="object&#40;&#123;&#10; host_project_id &#61; string&#10; vpc_self_link &#61; string&#10; subnetwork_self_link &#61; string&#10;&#125;&#41;">object&#40;&#123;&#8230;&#125;&#41;</code> | ✓ | |
| [create_dashboards](variables.tf#L17) | Specify sample GCVE monitoring dashboards should be installed. | <code>bool</code> | | <code>true</code> |
| [create_firewall_rule](variables.tf#L23) | Specify whether a firewall rule to allow Load Balancer Healthcheck should be implemented. | <code>bool</code> | | <code>true</code> |
| [initial_delay_sec](variables.tf#L34) | How long to delay checking for healthcheck upon initialization. | <code>number</code> | | <code>180</code> |
| [monitoring_image](variables.tf#L40) | Resource URI for OS image used to deploy monitoring agent. | <code>string</code> | | <code>&#34;projects&#47;debian-cloud&#47;global&#47;images&#47;family&#47;debian-11&#34;</code> |
| [project_create](variables.tf#L46) | Project configuration for newly created project. Leave null to use existing project. Project creation forces VPC and cluster creation. | <code title="object&#40;&#123;&#10; billing_account &#61; string&#10; parent &#61; optional&#40;string&#41;&#10; shared_vpc_host &#61; optional&#40;string&#41;&#10;&#125;&#41;">object&#40;&#123;&#8230;&#125;&#41;</code> | | <code>null</code> |
| [sa_gcve_monitoring](variables.tf#L61) | Service account for GCVE monitoring agent. | <code>string</code> | | <code>&#34;gcve-mon-sa&#34;</code> |
| [vsphere_secrets](variables.tf#L87) | Secret Manager secrets that contain vSphere credentials and FQDN. | <code title="object&#40;&#123;&#10; vsphere_password &#61; optional&#40;string, &#34;gcve-mon-vsphere-password&#34;&#41;&#10; vsphere_server &#61; optional&#40;string, &#34;gcve-mon-vsphere-server&#34;&#41;&#10; vsphere_user &#61; optional&#40;string, &#34;gcve-mon-vsphere-user&#34;&#41;&#10;&#125;&#41;">object&#40;&#123;&#8230;&#125;&#41;</code> | | <code>&#123;&#125;</code> |
## Outputs
| name | description | sensitive |
|---|---|:---:|
| [gcve-mon-firewall](outputs.tf#L17) | Ingress rule to allow GCVE Syslog traffic. | |
| [gcve-mon-mig](outputs.tf#L22) | Managed Instance Group for GCVE Monitoring. | |
| [gcve-mon-sa](outputs.tf#L27) | Service Account for GCVE Monitoring. | |
<!-- END TFDOC -->

552
blueprints/gcve/monitoring/dashboards/contention.json Normal file
View File

@@ -0,0 +1,552 @@
{
"displayName": "GCVE Contention",
"mosaicLayout": {
"columns": 12,
"tiles": [
{
"height": 3,
"widget": {
"title": "Available CPU in Mhz",
"xyChart": {
"chartOptions": {
"mode": "COLOR"
},
"dataSets": [
{
"minAlignmentPeriod": "60s",
"plotType": "LINE",
"timeSeriesQuery": {
"timeSeriesFilter": {
"aggregation": {
"perSeriesAligner": "ALIGN_MEAN"
},
"filter": "metric.type=\"external.googleapis.com/vmware/vcenter.cluster.cpu.available\" resource.type=\"generic_node\""
}
}
}
],
"timeshiftDuration": "0s",
"yAxis": {
"label": "y1Axis",
"scale": "LINEAR"
}
}
},
"width": 6,
"yPos": 1
},
{
"height": 3,
"widget": {
"title": "Available Memory",
"xyChart": {
"chartOptions": {
"mode": "COLOR"
},
"dataSets": [
{
"minAlignmentPeriod": "60s",
"plotType": "STACKED_AREA",
"timeSeriesQuery": {
"timeSeriesFilter": {
"aggregation": {
"perSeriesAligner": "ALIGN_MEAN"
},
"filter": "metric.type=\"external.googleapis.com/vmware/vcenter.cluster.memory.available\" resource.type=\"generic_node\""
}
}
}
],
"timeshiftDuration": "0s",
"yAxis": {
"label": "y1Axis",
"scale": "LINEAR"
}
}
},
"width": 6,
"xPos": 6,
"yPos": 1
},
{
"height": 1,
"widget": {
"text": {
"format": "RAW"
},
"title": "Cluster"
},
"width": 12
},
{
"height": 1,
"widget": {
"text": {
"format": "RAW"
},
"title": "Hosts"
},
"width": 12,
"yPos": 4
},
{
"height": 3,
"widget": {
"title": "CPU Used",
"xyChart": {
"chartOptions": {
"mode": "COLOR"
},
"dataSets": [
{
"minAlignmentPeriod": "60s",
"plotType": "LINE",
"timeSeriesQuery": {
"timeSeriesFilter": {
"aggregation": {
"perSeriesAligner": "ALIGN_MAX"
},
"filter": "metric.type=\"external.googleapis.com/vmware/vcenter.host_system.cpu.used\" resource.type=\"generic_node\""
}
}
}
],
"timeshiftDuration": "0s",
"yAxis": {
"label": "y1Axis",
"scale": "LINEAR"
}
}
},
"width": 6,
"yPos": 5
},
{
"height": 3,
"widget": {
"title": "Memory Used",
"xyChart": {
"chartOptions": {
"mode": "COLOR"
},
"dataSets": [
{
"minAlignmentPeriod": "60s",
"plotType": "STACKED_AREA",
"timeSeriesQuery": {
"timeSeriesFilter": {
"aggregation": {
"perSeriesAligner": "ALIGN_MAX"
},
"filter": "metric.type=\"external.googleapis.com/vmware/vcenter.host_system.memory.used\" resource.type=\"generic_node\""
}
}
}
],
"timeshiftDuration": "0s",
"yAxis": {
"label": "y1Axis",
"scale": "LINEAR"
}
}
},
"width": 6,
"xPos": 6,
"yPos": 5
},
{
"height": 1,
"widget": {
"text": {
"format": "RAW"
},
"title": "Virtual Machines"
},
"width": 12,
"yPos": 16
},
{
"height": 3,
"widget": {
"title": "Memory Usage Bytes",
"xyChart": {
"chartOptions": {
"mode": "COLOR"
},
"dataSets": [
{
"minAlignmentPeriod": "60s",
"plotType": "STACKED_AREA",
"timeSeriesQuery": {
"timeSeriesFilter": {
"aggregation": {
"perSeriesAligner": "ALIGN_MEAN"
},
"filter": "metric.type=\"external.googleapis.com/vmware/vcenter.vm.memory.usage_bytes\" resource.type=\"generic_node\"",
"secondaryAggregation": {}
}
}
}
],
"timeshiftDuration": "0s",
"yAxis": {
"label": "y1Axis",
"scale": "LINEAR"
}
}
},
"width": 6,
"xPos": 6,
"yPos": 17
},
{
"height": 3,
"widget": {
"title": "CPU Usage in Mhz",
"xyChart": {
"chartOptions": {
"mode": "COLOR"
},
"dataSets": [
{
"minAlignmentPeriod": "60s",
"plotType": "LINE",
"timeSeriesQuery": {
"timeSeriesFilter": {
"aggregation": {
"perSeriesAligner": "ALIGN_MAX"
},
"filter": "metric.type=\"external.googleapis.com/vmware/vcenter.vm.cpu.usage\" resource.type=\"generic_node\""
}
}
}
],
"timeshiftDuration": "0s",
"yAxis": {
"label": "y1Axis",
"scale": "LINEAR"
}
}
},
"width": 6,
"yPos": 17
},
{
"height": 3,
"widget": {
"title": "Disk Usage Bytes",
"xyChart": {
"chartOptions": {
"mode": "COLOR"
},
"dataSets": [
{
"minAlignmentPeriod": "60s",
"plotType": "STACKED_AREA",
"timeSeriesQuery": {
"timeSeriesFilter": {
"aggregation": {
"perSeriesAligner": "ALIGN_MAX"
},
"filter": "metric.type=\"external.googleapis.com/vmware/vcenter.vm.disk.usage_bytes\" resource.type=\"generic_node\""
}
}
}
],
"timeshiftDuration": "0s",
"yAxis": {
"label": "y1Axis",
"scale": "LINEAR"
}
}
},
"width": 12,
"yPos": 26
},
{
"height": 3,
"widget": {
"title": "Memory Utilization",
"xyChart": {
"chartOptions": {
"mode": "COLOR"
},
"dataSets": [
{
"minAlignmentPeriod": "60s",
"plotType": "LINE",
"timeSeriesQuery": {
"timeSeriesFilter": {
"aggregation": {
"crossSeriesReducer": "REDUCE_PERCENTILE_95",
"groupByFields": [
"resource.label.\"node_id\""
],
"perSeriesAligner": "ALIGN_MEAN"
},
"filter": "metric.type=\"external.googleapis.com/vmware/vcenter.host_system.memory.utilization\" resource.type=\"generic_node\"",
"secondaryAggregation": {}
}
}
}
],
"timeshiftDuration": "0s",
"yAxis": {
"label": "y1Axis",
"scale": "LINEAR"
}
}
},
"width": 8,
"yPos": 11
},
{
"height": 3,
"widget": {
"scorecard": {
"gaugeView": {
"upperBound": 100
},
"timeSeriesQuery": {
"timeSeriesQueryLanguage": "fetch generic_node\n| metric\n 'external.googleapis.com/vmware/vcenter.host_system.memory.utilization'\n| group_by 1m, [value_utilization_max: max(value.utilization)]\n| every 1m\n| group_by [resource.node_id],\n [value_utilization_max_max: max(value_utilization_max)]\n| top 1"
}
},
"title": "Peak Memory Utilization"
},
"width": 4,
"xPos": 8,
"yPos": 11
},
{
"height": 3,
"widget": {
"title": "CPU Usage",
"xyChart": {
"chartOptions": {
"mode": "COLOR"
},
"dataSets": [
{
"minAlignmentPeriod": "60s",
"plotType": "LINE",
"timeSeriesQuery": {
"timeSeriesFilter": {
"aggregation": {
"perSeriesAligner": "ALIGN_MEAN"
},
"filter": "metric.type=\"external.googleapis.com/vmware/vcenter.host_system.cpu.usage\" resource.type=\"generic_node\"",
"secondaryAggregation": {}
}
}
}
],
"timeshiftDuration": "0s",
"yAxis": {
"label": "y1Axis",
"scale": "LINEAR"
}
}
},
"width": 8,
"yPos": 8
},
{
"height": 3,
"widget": {
"scorecard": {
"gaugeView": {
"upperBound": 100
},
"timeSeriesQuery": {
"timeSeriesFilter": {
"aggregation": {
"crossSeriesReducer": "REDUCE_MEAN",
"perSeriesAligner": "ALIGN_MEAN"
},
"filter": "metric.type=\"external.googleapis.com/vmware/vcenter.host_system.cpu.usage\" resource.type=\"generic_node\""
}
}
},
"title": "Peak CPU Usage"
},
"width": 4,
"xPos": 8,
"yPos": 8
},
{
"height": 2,
"widget": {
"scorecard": {
"timeSeriesQuery": {
"timeSeriesFilter": {
"aggregation": {
"crossSeriesReducer": "REDUCE_SUM",
"perSeriesAligner": "ALIGN_MEAN"
},
"filter": "metric.type=\"external.googleapis.com/vmware/vcenter.vm.memory.usage_bytes\" resource.type=\"generic_node\""
}
}
},
"title": "VM Total Memory Used"
},
"width": 3,
"xPos": 3,
"yPos": 20
},
{
"height": 2,
"widget": {
"scorecard": {
"timeSeriesQuery": {
"timeSeriesFilter": {
"aggregation": {
"crossSeriesReducer": "REDUCE_MEAN",
"perSeriesAligner": "ALIGN_MEAN"
},
"filter": "metric.type=\"external.googleapis.com/vmware/vcenter.vsphere.hosts.powered_on\" resource.type=\"generic_node\""
}
}
},
"title": "Powered On Hosts"
},
"width": 2,
"xPos": 8,
"yPos": 14
},
{
"height": 2,
"widget": {
"scorecard": {
"timeSeriesQuery": {
"timeSeriesFilter": {
"aggregation": {
"crossSeriesReducer": "REDUCE_MEAN",
"perSeriesAligner": "ALIGN_MEAN"
},
"filter": "metric.type=\"external.googleapis.com/vmware/vcenter.vsphere.hosts.powered_off\" resource.type=\"generic_node\""
}
}
},
"title": "Powered Off Hosts"
},
"width": 2,
"xPos": 10,
"yPos": 14
},
{
"height": 2,
"widget": {
"scorecard": {
"timeSeriesQuery": {
"timeSeriesFilter": {
"aggregation": {
"crossSeriesReducer": "REDUCE_MEAN",
"perSeriesAligner": "ALIGN_MEAN"
},
"filter": "metric.type=\"external.googleapis.com/vmware/vcenter.cluster.memory.available\" resource.type=\"generic_node\""
}
}
},
"title": "Memory Available In Cluster"
},
"width": 4,
"yPos": 14
},
{
"height": 2,
"widget": {
"scorecard": {
"timeSeriesQuery": {
"timeSeriesFilter": {
"aggregation": {
"crossSeriesReducer": "REDUCE_SUM",
"perSeriesAligner": "ALIGN_MEAN"
},
"filter": "metric.type=\"external.googleapis.com/vmware/vcenter.host_system.memory.used\" resource.type=\"generic_node\""
}
}
},
"title": "Memory Used By Hosts"
},
"width": 4,
"xPos": 4,
"yPos": 14
},
{
"height": 2,
"widget": {
"scorecard": {
"timeSeriesQuery": {
"timeSeriesFilter": {
"aggregation": {
"crossSeriesReducer": "REDUCE_MEAN",
"perSeriesAligner": "ALIGN_MEAN"
},
"filter": "metric.type=\"external.googleapis.com/vmware/vcenter.cluster.memory.available\" resource.type=\"generic_node\""
}
}
},
"title": "Memory Available in Cluster"
},
"width": 3,
"yPos": 20
},
{
"height": 2,
"widget": {
"scorecard": {
"gaugeView": {
"upperBound": 100
},
"timeSeriesQuery": {
"timeSeriesFilter": {
"aggregation": {
"crossSeriesReducer": "REDUCE_MEAN",
"perSeriesAligner": "ALIGN_MEAN"
},
"filter": "metric.type=\"external.googleapis.com/vmware/vcenter.vm.cpu.used_percent\" resource.type=\"generic_node\""
}
}
},
"title": "Used CPU Percentage"
},
"width": 6,
"xPos": 6,
"yPos": 20
},
{
"height": 4,
"widget": {
"title": "CPU Ready",
"xyChart": {
"chartOptions": {
"mode": "COLOR"
},
"dataSets": [
{
"minAlignmentPeriod": "60s",
"plotType": "LINE",
"timeSeriesQuery": {
"timeSeriesFilter": {
"aggregation": {
"perSeriesAligner": "ALIGN_MEAN"
},
"filter": "metric.type=\"external.googleapis.com/vmware/vcenter.vm.cpu.ready\" resource.type=\"generic_node\"",
"secondaryAggregation": {}
}
}
}
],
"timeshiftDuration": "0s",
"yAxis": {
"label": "y1Axis",
"scale": "LINEAR"
}
}
},
"width": 12,
"yPos": 22
}
]
}
}

499
blueprints/gcve/monitoring/dashboards/overview.json Normal file
View File

@@ -0,0 +1,499 @@
{
"displayName": "GCVE Overview",
"mosaicLayout": {
"columns": 12,
"tiles": [
{
"height": 3,
"widget": {
"title": "Memory Utilization",
"xyChart": {
"chartOptions": {
"mode": "COLOR"
},
"dataSets": [
{
"minAlignmentPeriod": "60s",
"plotType": "STACKED_BAR",
"timeSeriesQuery": {
"timeSeriesFilter": {
"aggregation": {
"perSeriesAligner": "ALIGN_MAX"
},
"filter": "metric.type=\"external.googleapis.com/vmware/vcenter.host_system.memory.utilization\" resource.type=\"generic_node\""
}
}
}
],
"timeshiftDuration": "0s",
"yAxis": {
"label": "y1Axis",
"scale": "LINEAR"
}
}
},
"width": 4,
"xPos": 4,
"yPos": 9
},
{
"height": 1,
"widget": {
"text": {
"format": "RAW"
},
"title": "DATACENTER"
},
"width": 12
},
{
"height": 3,
"widget": {
"title": "Average Host CPU Utilization",
"xyChart": {
"chartOptions": {
"mode": "COLOR"
},
"dataSets": [
{
"minAlignmentPeriod": "60s",
"plotType": "STACKED_AREA",
"timeSeriesQuery": {
"timeSeriesFilter": {
"aggregation": {
"perSeriesAligner": "ALIGN_MEAN"
},
"filter": "metric.type=\"external.googleapis.com/vmware/vcenter.datacenter.cpu.average_host_utilization\" resource.type=\"generic_node\""
}
}
}
],
"timeshiftDuration": "0s",
"yAxis": {
"label": "y1Axis",
"scale": "LINEAR"
}
}
},
"width": 12,
"yPos": 5
},
{
"height": 2,
"widget": {
"scorecard": {
"timeSeriesQuery": {
"timeSeriesFilter": {
"aggregation": {
"crossSeriesReducer": "REDUCE_SUM",
"perSeriesAligner": "ALIGN_MEAN"
},
"filter": "metric.type=\"external.googleapis.com/vmware/vcenter.vm.disk.usage_bytes\" resource.type=\"generic_node\""
}
}
},
"title": "Total Storage Used"
},
"width": 3,
"yPos": 3
},
{
"height": 2,
"widget": {
"scorecard": {
"timeSeriesQuery": {
"timeSeriesFilter": {
"aggregation": {
"crossSeriesReducer": "REDUCE_SUM",
"perSeriesAligner": "ALIGN_MEAN"
},
"filter": "metric.type=\"external.googleapis.com/vmware/vcenter.vm.memory.usage_bytes\" resource.type=\"generic_node\""
}
}
},
"title": "Total Memory Used "
},
"width": 3,
"xPos": 3,
"yPos": 3
},
{
"height": 2,
"widget": {
"scorecard": {
"thresholds": [
{
"color": "RED",
"direction": "ABOVE"
}
],
"timeSeriesQuery": {
"timeSeriesFilter": {
"aggregation": {
"crossSeriesReducer": "REDUCE_MAX",
"perSeriesAligner": "ALIGN_MAX"
},
"filter": "metric.type=\"external.googleapis.com/vmware/vcenter.datacenter.hosts\" resource.type=\"generic_node\" metric.label.\"color\"=\"red\""
}
}
},
"title": "Red Hosts"
},
"width": 3,
"xPos": 6,
"yPos": 3
},
{
"height": 3,
"widget": {
"title": "CPU Usage %",
"xyChart": {
"chartOptions": {
"mode": "COLOR"
},
"dataSets": [
{
"minAlignmentPeriod": "60s",
"plotType": "STACKED_AREA",
"timeSeriesQuery": {
"timeSeriesFilter": {
"aggregation": {
"perSeriesAligner": "ALIGN_MEAN"
},
"filter": "metric.type=\"external.googleapis.com/vmware/vcenter.host_system.cpu.usage\" resource.type=\"generic_node\""
}
}
}
],
"timeshiftDuration": "0s",
"yAxis": {
"label": "y1Axis",
"scale": "LINEAR"
}
}
},
"width": 4,
"yPos": 9
},
{
"height": 2,
"widget": {
"scorecard": {
"timeSeriesQuery": {
"timeSeriesFilter": {
"aggregation": {
"crossSeriesReducer": "REDUCE_SUM",
"perSeriesAligner": "ALIGN_MEAN"
},
"filter": "metric.type=\"external.googleapis.com/vmware/vcenter.datacenter.virtual_machines\" resource.type=\"generic_node\""
}
}
},
"title": "Running VMs"
},
"width": 3,
"xPos": 9,
"yPos": 3
},
{
"height": 3,
"widget": {
"title": "CPU Utilization Ratio",
"xyChart": {
"chartOptions": {
"mode": "COLOR"
},
"dataSets": [
{
"minAlignmentPeriod": "60s",
"plotType": "LINE",
"timeSeriesQuery": {
"timeSeriesFilter": {
"aggregation": {
"perSeriesAligner": "ALIGN_MEAN"
},
"filter": "metric.type=\"external.googleapis.com/vmware/vcenter.host_system.cpu.utilization_ratio\" resource.type=\"generic_node\"",
"secondaryAggregation": {}
}
}
}
],
"timeshiftDuration": "0s",
"yAxis": {
"label": "y1Axis",
"scale": "LINEAR"
}
}
},
"width": 4,
"xPos": 8,
"yPos": 9
},
{
"height": 1,
"widget": {
"text": {
"format": "RAW"
},
"title": "HOSTS"
},
"width": 12,
"yPos": 8
},
{
"height": 1,
"widget": {
"text": {
"format": "RAW"
},
"title": "VMs"
},
"width": 12,
"yPos": 12
},
{
"height": 3,
"widget": {
"title": "CPU Used %",
"xyChart": {
"chartOptions": {
"mode": "COLOR"
},
"dataSets": [
{
"minAlignmentPeriod": "60s",
"plotType": "LINE",
"timeSeriesQuery": {
"timeSeriesFilter": {
"aggregation": {
"perSeriesAligner": "ALIGN_MEAN"
},
"filter": "metric.type=\"external.googleapis.com/vmware/vcenter.vm.cpu.used_percent\" resource.type=\"generic_node\""
}
}
}
],
"timeshiftDuration": "0s",
"yAxis": {
"label": "y1Axis",
"scale": "LINEAR"
}
}
},
"width": 4,
"xPos": 8,
"yPos": 13
},
{
"height": 3,
"widget": {
"title": "Memory Used %",
"xyChart": {
"chartOptions": {
"mode": "COLOR"
},
"dataSets": [
{
"minAlignmentPeriod": "60s",
"plotType": "LINE",
"timeSeriesQuery": {
"timeSeriesFilter": {
"aggregation": {
"perSeriesAligner": "ALIGN_MEAN"
},
"filter": "metric.type=\"external.googleapis.com/vmware/vcenter.vm.memory.used_percent\" resource.type=\"generic_node\""
}
}
}
],
"timeshiftDuration": "0s",
"yAxis": {
"label": "y1Axis",
"scale": "LINEAR"
}
}
},
"width": 4,
"xPos": 4,
"yPos": 13
},
{
"height": 3,
"widget": {
"title": "Disk Used Bytes",
"xyChart": {
"chartOptions": {
"mode": "COLOR"
},
"dataSets": [
{
"minAlignmentPeriod": "60s",
"plotType": "STACKED_BAR",
"timeSeriesQuery": {
"timeSeriesFilter": {
"aggregation": {
"perSeriesAligner": "ALIGN_MEAN"
},
"filter": "metric.type=\"external.googleapis.com/vmware/vcenter.vm.disk.usage_bytes\""
}
}
}
],
"timeshiftDuration": "0s",
"yAxis": {
"label": "y1Axis",
"scale": "LINEAR"
}
}
},
"width": 4,
"yPos": 13
},
{
"height": 2,
"widget": {
"scorecard": {
"timeSeriesQuery": {
"timeSeriesFilter": {
"aggregation": {
"crossSeriesReducer": "REDUCE_MEAN",
"perSeriesAligner": "ALIGN_MEAN"
},
"filter": "metric.type=\"external.googleapis.com/vmware/vcenter.vsphere.clusters.total\" resource.type=\"generic_node\""
}
}
},
"title": "Clusters Total"
},
"width": 3,
"yPos": 1
},
{
"height": 2,
"widget": {
"scorecard": {
"timeSeriesQuery": {
"timeSeriesFilter": {
"aggregation": {
"crossSeriesReducer": "REDUCE_MEAN",
"perSeriesAligner": "ALIGN_MEAN"
},
"filter": "metric.type=\"external.googleapis.com/vmware/vcenter.vsphere.datastores.total\" resource.type=\"generic_node\""
}
}
},
"title": "Datastores Total"
},
"width": 3,
"xPos": 3,
"yPos": 1
},
{
"height": 2,
"widget": {
"scorecard": {
"timeSeriesQuery": {
"timeSeriesFilter": {
"aggregation": {
"crossSeriesReducer": "REDUCE_MAX",
"perSeriesAligner": "ALIGN_MAX"
},
"filter": "metric.type=\"external.googleapis.com/vmware/vcenter.vsphere.hosts\" resource.type=\"generic_node\""
}
}
},
"title": "Hosts Total"
},
"width": 3,
"xPos": 6,
"yPos": 1
},
{
"height": 2,
"widget": {
"scorecard": {
"timeSeriesQuery": {
"timeSeriesFilter": {
"aggregation": {
"crossSeriesReducer": "REDUCE_MAX",
"perSeriesAligner": "ALIGN_MAX"
},
"filter": "metric.type=\"external.googleapis.com/vmware/vcenter.vsphere.virtual_machines.total\" resource.type=\"generic_node\""
}
}
},
"title": "VMs Total"
},
"width": 3,
"xPos": 9,
"yPos": 1
},
{
"height": 4,
"widget": {
"title": "Memory Used Bytes",
"xyChart": {
"chartOptions": {
"mode": "COLOR"
},
"dataSets": [
{
"minAlignmentPeriod": "60s",
"plotType": "LINE",
"timeSeriesQuery": {
"timeSeriesFilter": {
"aggregation": {
"perSeriesAligner": "ALIGN_MEAN"
},
"filter": "metric.type=\"external.googleapis.com/vmware/vcenter.vm.memory.usage_bytes\" resource.type=\"generic_node\""
}
}
}
],
"timeshiftDuration": "0s",
"yAxis": {
"label": "y1Axis",
"scale": "LINEAR"
}
}
},
"width": 6,
"yPos": 16
},
{
"height": 4,
"widget": {
"title": "Network Throughput Bytes",
"xyChart": {
"chartOptions": {
"mode": "COLOR"
},
"dataSets": [
{
"minAlignmentPeriod": "60s",
"plotType": "STACKED_BAR",
"timeSeriesQuery": {
"timeSeriesFilter": {
"aggregation": {
"perSeriesAligner": "ALIGN_MEAN"
},
"filter": "metric.type=\"external.googleapis.com/vmware/vcenter.vm.network.throughput_bytes\" resource.type=\"generic_node\"",
"secondaryAggregation": {}
}
}
}
],
"timeshiftDuration": "0s",
"yAxis": {
"label": "y1Axis",
"scale": "LINEAR"
}
}
},
"width": 6,
"xPos": 6,
"yPos": 16
}
]
}
}

240
blueprints/gcve/monitoring/dashboards/virtual-machine-performance.json Normal file
View File

@@ -0,0 +1,240 @@
{
"displayName": "GCVE Virtual Machine Performance",
"mosaicLayout": {
"columns": 12,
"tiles": [
{
"height": 4,
"widget": {
"title": "CPU Usage",
"xyChart": {
"chartOptions": {
"mode": "COLOR"
},
"dataSets": [
{
"minAlignmentPeriod": "60s",
"plotType": "LINE",
"timeSeriesQuery": {
"timeSeriesFilter": {
"aggregation": {
"alignmentPeriod": "60s",
"perSeriesAligner": "ALIGN_MEAN"
},
"filter": "metric.type=\"external.googleapis.com/vmware/vcenter.vm.cpu.usage\" resource.type=\"generic_node\""
}
}
}
],
"timeshiftDuration": "0s",
"yAxis": {
"label": "y1Axis",
"scale": "LINEAR"
}
}
},
"width": 6
},
{
"height": 4,
"widget": {
"title": "Disk Space Used",
"xyChart": {
"chartOptions": {
"mode": "COLOR"
},
"dataSets": [
{
"minAlignmentPeriod": "60s",
"plotType": "STACKED_BAR",
"timeSeriesQuery": {
"timeSeriesFilter": {
"aggregation": {
"alignmentPeriod": "60s",
"perSeriesAligner": "ALIGN_MEAN"
},
"filter": "metric.type=\"external.googleapis.com/vmware/vcenter.vm.disk.usage_bytes\" resource.type=\"generic_node\""
}
}
}
],
"timeshiftDuration": "0s",
"yAxis": {
"label": "y1Axis",
"scale": "LINEAR"
}
}
},
"width": 6,
"xPos": 6,
"yPos": 8
},
{
"height": 4,
"widget": {
"title": "Memory Utilization",
"xyChart": {
"chartOptions": {
"mode": "COLOR"
},
"dataSets": [
{
"minAlignmentPeriod": "60s",
"plotType": "LINE",
"timeSeriesQuery": {
"timeSeriesFilter": {
"aggregation": {
"alignmentPeriod": "60s",
"perSeriesAligner": "ALIGN_MEAN"
},
"filter": "metric.type=\"external.googleapis.com/vmware/vcenter.vm.memory.used_percent\" resource.type=\"generic_node\""
}
}
}
],
"timeshiftDuration": "0s",
"yAxis": {
"label": "y1Axis",
"scale": "LINEAR"
}
}
},
"width": 6,
"yPos": 4
},
{
"height": 4,
"widget": {
"title": "Network Throughput Bytes",
"xyChart": {
"chartOptions": {
"mode": "COLOR"
},
"dataSets": [
{
"minAlignmentPeriod": "60s",
"plotType": "LINE",
"timeSeriesQuery": {
"timeSeriesFilter": {
"aggregation": {
"alignmentPeriod": "60s",
"perSeriesAligner": "ALIGN_MEAN"
},
"filter": "metric.type=\"external.googleapis.com/vmware/vcenter.vm.network.throughput_bytes\" resource.type=\"generic_node\""
}
}
}
],
"timeshiftDuration": "0s",
"yAxis": {
"label": "y1Axis",
"scale": "LINEAR"
}
}
},
"width": 6,
"xPos": 6,
"yPos": 4
},
{
"height": 4,
"widget": {
"title": "CPU Utilization",
"xyChart": {
"chartOptions": {
"mode": "COLOR"
},
"dataSets": [
{
"minAlignmentPeriod": "60s",
"plotType": "LINE",
"timeSeriesQuery": {
"timeSeriesFilter": {
"aggregation": {
"alignmentPeriod": "60s",
"perSeriesAligner": "ALIGN_MEAN"
},
"filter": "metric.type=\"external.googleapis.com/vmware/vcenter.vm.cpu.used_percent\" resource.type=\"generic_node\""
}
}
}
],
"timeshiftDuration": "0s",
"yAxis": {
"label": "y1Axis",
"scale": "LINEAR"
}
}
},
"width": 6,
"xPos": 6
},
{
"height": 4,
"widget": {
"title": "Disk Space Free",
"xyChart": {
"chartOptions": {
"mode": "COLOR"
},
"dataSets": [
{
"minAlignmentPeriod": "60s",
"plotType": "STACKED_BAR",
"timeSeriesQuery": {
"timeSeriesFilter": {
"aggregation": {
"alignmentPeriod": "60s",
"perSeriesAligner": "ALIGN_MEAN"
},
"filter": "metric.type=\"external.googleapis.com/vmware/vcenter.vm.disk.free_bytes\" resource.type=\"generic_node\""
}
}
}
],
"timeshiftDuration": "0s",
"yAxis": {
"label": "y1Axis",
"scale": "LINEAR"
}
}
},
"width": 6,
"yPos": 8
},
{
"height": 4,
"widget": {
"title": "Disk Utilization",
"xyChart": {
"chartOptions": {
"mode": "COLOR"
},
"dataSets": [
{
"minAlignmentPeriod": "60s",
"plotType": "LINE",
"timeSeriesQuery": {
"timeSeriesFilter": {
"aggregation": {
"alignmentPeriod": "60s",
"perSeriesAligner": "ALIGN_MEAN"
},
"filter": "metric.type=\"external.googleapis.com/vmware/vcenter.vm.disk.used_percent\" resource.type=\"generic_node\""
}
}
}
],
"timeshiftDuration": "0s",
"yAxis": {
"label": "y1Axis",
"scale": "LINEAR"
}
}
},
"width": 6,
"yPos": 12
}
]
}
}

BIN
blueprints/gcve/monitoring/gcve-mon-diagram.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 262 KiB

168
blueprints/gcve/monitoring/main.tf Normal file
View File

@@ -0,0 +1,168 @@
/**
* Copyright 2024 Google LLC
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
locals {
base_gcve_agent_endpoint = "https://storage.googleapis.com/gcve-observability-agent/latest/vmware-linux-amd64"
base_gcloud_secret_manager = "gcloud secrets versions access latest --secret="
sa_gcve_monitoring_roles = toset([
"roles/secretmanager.secretAccessor",
"roles/monitoring.admin",
"roles/logging.logWriter",
])
use_shared_vpc = (
try(var.project_create.shared_vpc_host, null) != null
)
vpc_name = split("/", var.vpc_config.vpc_self_link)[length(split("/", var.vpc_config.vpc_self_link)) - 1]
}
module "project" {
source = "../../../modules/project"
parent = try(var.project_create.parent, null)
billing_account = try(var.project_create.billing_account, null)
name = var.project_id
project_create = var.project_create != null
services = [
"compute.googleapis.com",
"monitoring.googleapis.com",
"logging.googleapis.com",
"secretmanager.googleapis.com"
]
shared_vpc_service_config = !local.use_shared_vpc ? null : {
//attach = true
host_project = var.project_create.shared_vpc_host
service_iam_grants = module.project.services
}
}
module "sa_gcve_monitoring" {
source = "../../../modules/iam-service-account"
project_id = var.project_id
name = var.sa_gcve_monitoring
iam_project_roles = {
"${var.project_id}" = [
"roles/secretmanager.secretAccessor",
"roles/monitoring.admin",
"roles/logging.logWriter",
]
}
}
module "gcve-mon-template" {
source = "../../../modules/compute-vm"
project_id = var.project_id
name = "gcve-mon-template"
zone = var.vm_mon_config.vm_mon_zone
instance_type = var.vm_mon_config.vm_mon_type
create_template = true
can_ip_forward = false
network_interfaces = [
{
network = var.vpc_config.vpc_self_link
subnetwork = var.vpc_config.subnetwork_self_link
nat = false
addresses = null
}
]
boot_disk = {
initialize_params = {
image = var.monitoring_image
size = 100
type = "pd-balanced"
}
}
options = {
allow_stopping_for_update = true
deletion_protection = false
spot = false
termination_action = "STOP"
}
metadata = {
startup-script = templatefile("${path.module}/scripts/installer.sh",
{
endpoint_agent = "${local.base_gcve_agent_endpoint}/artifacts/bpagent-headless-vmware.tar.gz"
endpoint_install = "${local.base_gcve_agent_endpoint}/installer/install.sh"
gcloud_secret_vsphere_server = "${local.base_gcloud_secret_manager}${var.vsphere_secrets.vsphere_server}"
gcloud_secret_vsphere_user = "${local.base_gcloud_secret_manager}${var.vsphere_secrets.vsphere_user}"
gcloud_secret_vsphere_password = "${local.base_gcloud_secret_manager}${var.vsphere_secrets.vsphere_password}"
gcve_region = var.gcve_region
project_id = var.project_id
})
}
service_account = {
email = module.sa_gcve_monitoring.email
scopes = ["https://www.googleapis.com/auth/cloud-platform"]
}
}
module "gcve-mon-mig" {
source = "../../../modules/compute-mig"
project_id = var.project_id
location = var.gcve_region
name = "${var.vm_mon_config.vm_mon_name}-mig"
instance_template = module.gcve-mon-template.template.self_link
target_size = 1
auto_healing_policies = {
initial_delay_sec = var.initial_delay_sec
}
health_check_config = {
enable_logging = true
tcp = {
port = 5142
}
}
}
module "secret-manager" {
source = "../../../modules/secret-manager"
project_id = var.project_id
secrets = {
(var.vsphere_secrets.vsphere_server) = { locations = [var.gcve_region] },
(var.vsphere_secrets.vsphere_user) = { locations = [var.gcve_region] },
(var.vsphere_secrets.vsphere_password) = { locations = [var.gcve_region] }
}
}
module "firewall" {
source = "../../../modules/net-vpc-firewall"
count = var.create_firewall_rule ? 1 : 0
project_id = var.vpc_config.host_project_id
network = local.vpc_name
default_rules_config = {
disabled = true
}
ingress_rules = {
allow-healthcheck = {
description = "Allow healthcheck for Syslog port."
source_ranges : ["35.191.0.0/16", "130.211.0.0/22"]
targets : [module.sa_gcve_monitoring.email]
use_service_accounts : true
rules = [{
protocol = "tcp"
ports = [5142]
}]
}
}
}
resource "google_monitoring_dashboard" "gcve_mon_dashboards" {
for_each = var.create_dashboards ? fileset("${path.module}/dashboards", "*.json") : []
dashboard_json = file("${path.module}/dashboards/${each.value}")
project = var.project_id
}

30
blueprints/gcve/monitoring/outputs.tf Normal file
View File

@@ -0,0 +1,30 @@
/**
* Copyright 2024 Google LLC
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
output "gcve-mon-firewall" {
description = "Ingress rule to allow GCVE Syslog traffic."
value = module.firewall
}
output "gcve-mon-mig" {
description = "Managed Instance Group for GCVE Monitoring."
value = module.gcve-mon-mig
}
output "gcve-mon-sa" {
description = "Service Account for GCVE Monitoring."
value = module.sa_gcve_monitoring
}

44
blueprints/gcve/monitoring/scripts/installer.sh Normal file
View File

@@ -0,0 +1,44 @@
#!/usr/bin/env bash
# Copyright 2024 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# BindPlane Agent with Terraform
# https://github.com/GoogleCloudPlatform/monitoring-dashboard-samples/tree/master/terraform/agents/bindplane
# Install prerequisites
sudo apt-get install -y rsync
# Setting up Cloud Monitoring with a standalone agent
# https://cloud.google.com/vmware-engine/docs/environment/howto-cloud-monitoring-standalone
curl -s ${endpoint_agent} -o /tmp/agent.tar.gz
curl -s ${endpoint_install} -o /tmp/install.sh
sudo chmod +x /tmp/install.sh
sudo /tmp/install.sh /tmp/agent.tar.gz
# Configure the agent to access your private cloud for metrics
sudo cp /opt/bpagent/config/metrics/examples/vmware_vcenter.yaml /opt/bpagent/config/metrics/sources
gcloud config set project ${project_id}
sudo sed -i "s/host:.*$/host: $(${gcloud_secret_vsphere_server})/g" /opt/bpagent/config/metrics/sources/vmware_vcenter.yaml
sudo sed -i "s/username:.*$/username: $(${gcloud_secret_vsphere_user})/g" /opt/bpagent/config/metrics/sources/vmware_vcenter.yaml
sudo sed -i "s/password:.*$/password: $(${gcloud_secret_vsphere_password})/g" /opt/bpagent/config/metrics/sources/vmware_vcenter.yaml
sudo sed -i "s/# region:.*$/region: ${gcve_region}/g" /opt/bpagent/config/metrics/sources/vmware_vcenter.yaml
#Configure the agent to access the service account for reporting
sudo cp /opt/bpagent/config/log_agent.example.yaml /opt/bpagent/config/log_agent.yaml
sudo sed -i "s/project_id:.*$/project_id: ${project_id}/g" /opt/bpagent/config/log_agent.yaml
sudo sed -i "s/credentials_file:.*$/#credentials_file: /g" /opt/bpagent/config/log_agent.yaml
sudo systemctl stop bpagent
sudo systemctl start bpagent
sudo systemctl enable bpagent

96
blueprints/gcve/monitoring/variables.tf Normal file
View File

@@ -0,0 +1,96 @@
/**
* Copyright 2024 Google LLC
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
variable "create_dashboards" {
description = "Specify sample GCVE monitoring dashboards should be installed."
type = bool
default = true
}
variable "create_firewall_rule" {
description = "Specify whether a firewall rule to allow Load Balancer Healthcheck should be implemented."
type = bool
default = true
}
variable "gcve_region" {
description = "Region where the Private Cloud is deployed."
type = string
}
variable "initial_delay_sec" {
description = "How long to delay checking for healthcheck upon initialization."
type = number
default = 180
}
variable "monitoring_image" {
description = "Resource URI for OS image used to deploy monitoring agent."
type = string
default = "projects/debian-cloud/global/images/family/debian-11"
}
variable "project_create" {
description = "Project configuration for newly created project. Leave null to use existing project. Project creation forces VPC and cluster creation."
type = object({
billing_account = string
parent = optional(string)
shared_vpc_host = optional(string)
})
default = null
}
variable "project_id" {
description = "Project id of existing or created project."
type = string
}
variable "sa_gcve_monitoring" {
description = "Service account for GCVE monitoring agent."
type = string
default = "gcve-mon-sa"
}
variable "vm_mon_config" {
description = "GCE monitoring instance configuration."
type = object({
vm_mon_name = optional(string, "bp-agent")
vm_mon_type = optional(string, "e2-small")
vm_mon_zone = string
})
nullable = false
}
variable "vpc_config" {
description = "Shared VPC project and VPC details."
type = object({
host_project_id = string
vpc_self_link = string
subnetwork_self_link = string
})
nullable = false
}
variable "vsphere_secrets" {
description = "Secret Manager secrets that contain vSphere credentials and FQDN."
type = object({
vsphere_password = optional(string, "gcve-mon-vsphere-password")
vsphere_server = optional(string, "gcve-mon-vsphere-server")
vsphere_user = optional(string, "gcve-mon-vsphere-user")
})
nullable = false
default = {}
}