gcve-monitoring

Copyright 2022 Google LLC

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

 http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

GCVE Monitoring Module

This module contains the infrastructure to setup the GCVE Cloud Monitoriring with a standalone agent. This has been provisioned as a stateful MIG to utilize autohealing capabilities with a static IP address. To forward syslog messages, please refer to the following documentation on how to configure a private cloud for syslog forwarding.

Notes:

• Secrets must be created in Secret Manager containing the values for vsphere_server (fqdn), vsphere_user (must be admin) and vsphere_password.
• The standalone agent configuration will be overriden, when executing the installer (startup-)script.

Requirements

Name	Version
terraform	>= 1.3.0
google	>= 4.35.0

Usage

Basic usage of this module is as follows:

module "example" {
	 source  = "<module-path>"

	 # Required variables
	 gcve_region  = 
	 project  = 
	 sa_gcve_monitoring  = 
	 secret_vsphere_password  = 
	 secret_vsphere_server  = 
	 secret_vsphere_user  = 
	 subnetwork  = 
	 vm_mon_name  = 
	 vm_mon_zone  = 

	 # Optional variables
	 create_dashboards  = true
	 hc_healthy_threshold  = 2
	 hc_interval_sec  = 5
	 hc_timeout_sec  = 5
	 hc_unhealthy_threshold  = 2
	 initial_delay_sec  = 180
	 vm_mon_type  = "e2-small"
}

Resources

Name	Type
google_compute_firewall.healthcheck	resource
google_compute_health_check.tcp_healthcheck	resource
google_compute_instance_template.vm_mon_tpl	resource
google_compute_region_instance_group_manager.mig_monitoring_gcve	resource
google_monitoring_dashboard.gcve_mon_dashboards	resource
google_project_iam_member.gcve_monitoring_permissions	resource
google_project_service.enable_destination_api	resource
google_service_account.sa_gcve_monitoring	resource
google_compute_image.gcve_mon_image	data source
google_compute_subnetwork.gcve-subnetwork	data source

Inputs

Name	Description	Type	Default	Required
create_dashboards	Define if sample GCVE monitoring dashboards should be installed	bool	true	no
gcve_region	Region where the Private Cloud is deployed	string	n/a	yes
hc_healthy_threshold	How many consecutive success checks to consider the VM as healthy	number	2	no
hc_interval_sec	Healthcheck interval in seconds	number	5	no
hc_timeout_sec	Healthcheck timeout in seconds	number	5	no
hc_unhealthy_threshold	How many consecutive success checks to consider the VM as unhealthy	number	2	no
initial_delay_sec	How long to delay checking for healthcheck upon initialization	number	180	no
project	The GCP project that will be used for GCVE monitoring	string	n/a	yes
sa_gcve_monitoring	Service account for GCVE monitoring agent	string	n/a	yes
secret_vsphere_password	The secret name containing the password for the vCenter admin user	string	n/a	yes
secret_vsphere_server	The secret name conatining the FQDN of the vSphere vCenter server	string	n/a	yes
secret_vsphere_user	The secret name containing the user for the vCenter server. Must be an admin user	string	n/a	yes
subnetwork	Subnetwork where the VM will be deployed to	string	n/a	yes
vm_mon_name	GCE VM name where GCVE monitoring agent will run	string	n/a	yes
vm_mon_type	GCE VM machine type	string	"e2-small"	no
vm_mon_zone	GCP zone where GCE VM will be deployed	string	n/a	yes

Outputs

Name	Description
gcve_mon_dashboards	GCVE Monitoring Dashboards resources
google_service_account	The resource object of the service account for GCVE monitoring
mig_monitoring_gcve	The name of the monitoring MIG