GCP Quick Start Guide (Public Preview)

About

SevOne's GCP plugin allows you to collect metrics for GCP resources along with device metadata for each resource type from GCP environment. It allows you to monitor multiple different geographies for any given subscription. Multiple integrations can be created on a per subscription basis.

Device Creation

Edit online

SevOne NMS GCP plugin regularly calls GCP APIs to retrieve information about

Cloud Router
Cloud Storage
Compute Instance
Interconnect

and then automatically create devices for each GCP resource.

Configure Web Proxy for GCP Plugin

Edit online

Important: Please refer to section Appendix: Web Proxy Setup to set up the proxy using the environment variables.

Required Resources in GCP

Edit online

To monitor a GCP account, the following are necessary.

Project ID
Service Account
Cloud Resource Manager API & Cloud Billing API

Service Account

Edit online

For the GCP plugin to run, you need to authenticate with GCP by creating a service account and using it’s ID and private key.

To create a service account, please navigate to GCP Portal and select your project.
From the left-navigation bar, click Service Accounts.
Click CREATE SERVICE ACCOUNT tab.

Note: You may need to request your administrator for access to create a service account.
On the Create service account page,
1. (optional) Service account name - enter a service account name. For example, SevOne.
2. Service account ID - enter an ID.
3. (optional) Service account description - enter description.
4. Click CREATE AND CONTINUE button.
5. (optional) Grant this service account access to the project.
6. Select Editor role from the Basic drop-down list and click CONTINUE button.
7. (optional) Grant users access to this service account.
8. Click DONE button.
Click on the newly created service account to create a new key.
Select KEYS tab and from ADD KEY drop-down, choose Create new key.

In the pop-up, select key type, JSON and click CREATE button. The private key is saved to your computer as a .json file. Please check the download directory on your computer and store the key securely.

gcpCreateServiceAccountKeyJSON

Example:


{
"type": "service_account",
"project_id": "precise-rite-450122-g2",
"private_key_id": "214c4d9c6e5e736f564449da1ff4db1c977fc4b4",
"private_key": "-----BEGIN PRIVATE KEY-----\nMIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCmKwJdYeR+5Zz/\nSXR8KeJIIhVk/cNIxdHjw9P7iLEZKF6k9kRI5ZUHAgHOPsNBWhiPfYe1/ILY5euh\nQ+M3sSPyQLPtT1IG1MQg4ikgi4bsCmRHTArav9YiO5EJFqBxkWIMl92ZMFTjvphK\nly3PXVs1MxuJaKObzd8LfM4DHJIKWg/blM62+fw3/HcDgBxI6M0An5x1KkoTov5G\nsdZE0Tb1ZzgY350ieQLR1OBv1hLRao0QweJmCz9uQaaq3RYpd9qT+lJrS74COTXd\nUEEKFe6Q5T8qFwLMkZ3wcp83zbYBDKiw4kTkP2jJGozqaXT066cWjMHpRKrAMGXK\n5Vgbo6KZAgMBAAECggEAUeW7viOr1wE7LjVZZILOJIgr7EEH+TuKdYwEVCIsSv5z\nGzHHOPhySWhrVGfpmzGZDkur0f2YzecQCcToXYAAe/r40xr3jidaXOyqoYAzKO38\nO4mWhfbrxqZ+FrEgtaiWXyeQT9qa1D6RV54INX5JIEDGryQ0EuvWJRbHgJAZyGCL\n4QwSdjBTY4m8zYDpsHQpEV+zPABh/bmgBwy8CHI0c3nGijFaWoiypfpSkZbQtd8M\nHivjwfB8XFKh5cTqde7K42oMrdZfdwrFn8NQu+f2Swowqy2CDLRHg6UQK/YTtDRe\nOo8pouF+D7m+7AA7O/FVkjVYZ8hQZje74FVjf7GNCwKBgQDijXaeI/ygpEyaVW7U\n6ObZKESQnvg6UUrqQgZJiio9I6WqfKqXaPDeF8WGMJ4uTcbn5MumOuSIuvM4Knsa\nTVL7cC+ymDKrltRFuA5LTEFHLc0WqMXvCTlZR06IR61t7RVRz4XjIojmy/YtpFiu\nuPG5ZtZ2uS/00halU15WXg4KnwKBgQC7xD++GmFGWnGJXUnQegQ/LnDshm6Ahfth\n9Pq3tkeHa5HhdoegVG3HEJ+R4preaPi69BQdcUVT6eLJ6XERfnY0jljtYJKu+2Jd\nakcqxAz6tWjVv1IvWrFitgwSli9Jjcsmn0AkOOF+GYBV3DDGpSDXyaUtcjLBTI98\nSFw0wLv/xwKBgAbEvzR+Ur/h6L/7qXIG+06lm1bOyQ/E+f4BtvpffF+TPxHW46ne\nYsPf5fDaZv9vJ3AqL8NpowZKv5V//2mLwdztPx+Q2IKz4OesVhD92D1uKuBwbmlz\n1xjJvpjnu1C7cpWdI5zjnT93/ITkkhm2QNKPNf0aD0q7NB4AXaMq8DR1AoGAIlT0\nzr6mEKYS4mnzSDI3OpI0RZsi808MMtIHUbX7iDBMASyaCd/GHsLUWmlTpd0NtalR\nUDzYz0oRlJehe/BijqOEcQraZzJBvxDiqFgmg2TOIV8VGOF9U64zsOZTCSDrB0nR\nAY6A9HyXMZvMM1YYFjyhfhjGXP+xsKjOazreZRsCgYEAtuEaP/Uq9Vo2e6kI3Z63\naUmE1ubFpWI2QA+X3/a6AFCLm6nUa9WtzhMyX05iyLAp6c+xvIGhi7xKLVnb9TEA\nZr5Ham3km4s9IyOcWQ2FTCluiLQwO1vihcSkRjPIkGE9XOEQ7w3ORUs55t0ZKUEq\nCTUnBGY0l4WNY2E0dlBuOFU=\n-----END PRIVATE KEY-----\n",
"client_email": "sevone@precise-rite-450122-g2.iam.gserviceaccount.com",
"client_id": "117098811635186267674",
"auth_uri": "https://accounts.google.com/o/oauth2/auth",
"token_uri": "https://oauth2.googleapis.com/token",
"auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs",
"client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/sevone%40precise-rite-450122-g2.iam.gserviceaccount.com",
"universe_domain": "googleapis.com"
}

For GCP Plugin to run, you will require details from the following fields in the .json file.
- Project ID - value from field project_id.
- Service Account ID - value from field client_email.
- Private Key - value from field private_key.

Enable Cloud Resource Manager API & Cloud Billing API

Edit online

To enable cloud billing API, please navigate to GCP Portal.

From the left-navigation bar, navigate to APIs and services > Enabled APIs and services.
Click ENABLE APIS AND SERVICES tab.
Search for Cloud Billing API and select it.
Click ENABLE button to enable the Cloud Billing API.
Search for Cloud Resource Manager API and select it.
Click ENABLE button to enable the Cloud Resource Manager API.

Enable GCP Plugin

Edit online

Please refer to GCP Plugin (Public Preview) for details on how to monitor a GCP account. This will automatically create devices and collect metrics for various GCP resources for that account.

Create TopN View in SevOne NMS to view GCP Resources

Edit online

SevOne NMS contains a package with GCP-specific TopN views. To import, execute the following command.


podman exec -it nms-nms-nms SevOne-import --file /config/gcp/topn.spk

Warning: The import will fail unless the GCP collector has run successfully at least once.

OOTB Reports

Edit online

Once the NMS GCP Plugin integration is setup and Devices and Objects are populated in the Device Manager, the following out-of-the-box (OOTB) reports are available in Data Insight to get insight on the resources.

GCP Cloud Router - report showing GCP Cloud Router metrics.
GCP Cloud Storage - report showing GCP Cloud Storage metrics.
GCP Compute Instance - report showing GCP Compute Instance metrics.
GCP Interconnect - report showing GCP Interconnect metrics.

Appendix: Web Proxy Setup

Edit online

If you are using Web Proxies for connecting to the GCP environment, you may need to set the web proxy. The proxy URL can be in one of the following two formats.


http://<user>:<password>@<domain name or IP address>:<port>

or

https://<user>:<password>@<domain name or IP address>:<port>

where, <user> and <password> are URL encoded strings.

These URLs are defined using the environment variables. For example,


HTTP_PROXY=http://user1:password@proxy.corp.com:8080

or 

HTTPS_PROXY=https://user1:password@proxy.corp.com:8080


http://<domain name or IP address>:<port>

or

https://<domain name or IP address>:<port>

if there is no username and password associated with the proxy.

These URLs are defined using the environment variables. For example,


HTTP_PROXY=http://proxy.corp.com:8080

or 

HTTPS_PROXY=https://proxy.corp.com:8080

As the GCP collector is running within a pod as a container, the environment variables must be set for that container. Execute the following steps.

Using ssh, log in to SevOne NMS appliance as support user.
```
ssh support@<NMS appliance>
```
Using a text editor of your choice, edit /config/gcp/.env file.
```
sudo vi /config/gcp/.env
```

Add the following, for example, to the file based on your format and save the file.


HTTP_PROXY=http://user1:password@proxy.corp.com:8080
HTTPS_PROXY=https://user1:password@proxy.corp.com:8080

or 

HTTP_PROXY=http://proxy.corp.com:8080
HTTPS_PROXY=https://proxy.corp.com:8080

Restart nms-collectors service.
```
sudo systemctl restart nms-collectors;
```