Documentation forSolarWinds Platform Self-Hosted

Configure Google Cloud Platform for monitoring

To add a Google Cloud Platform (GPC) account for monitoring, you must configure GCP to work with the SolarWinds Platform.

GCP features supported in SolarWinds Observability Self-Hosted that require no extra node license

  • Persistent Disks
  • VM (not managed as nodes)
  • Virtual Private Cloud (VPC)
  • VPN Gateways

GCP features supported in SolarWinds Observability Self-Hosted that consume a node license

  • Cloud VM Management
  • GCP Cloud Storage
  • GCP SQL Databases

Requirements for the GCP account

To enable monitoring in SolarWinds Observability Self-Hosted, you must extract a private key from a Google Cloud Platform (GCP) service account.

Make sure the required Identity and Access Management (IAM) roles are assigned to the service account in your GCP project.

For setup instructions, see Create a GCP service account and add IAM permissions for cloud monitoring in SolarWinds Observability Self-Hosted.

Required roles

The service account must have the following IAM roles assigned at the GCP project level.

General viewer role

Grants read-only access to all GCP resources. If you add this role, you don't need to assign the more specifci compute- or network-specific viewer roles.

  • roles/viewer

Compute-specific roles

Use these roles if you don't want to use the wider roles/viewer role.

  • roles/compute.viewer
  • roles/monitoring.viewer
  • roles/dns.reader
  • roles/compute.networkViewer

Network-specific role

Add this role in addition to compute-specific roles to monitor network traffic and connectivity.

  • roles/networkmanagement.viewer

Tag management roles

Use these roles to create and manage tags in the GCP console and to allow the user to view resources under respective tags.

  • roles/tagUser
  • roles/tagViewer

Instance management roles

Assign one of the following roles to allow start, stop, or delete operations on monitored compute instances.

  • roles/compute.instanceAdmin.v1 - Grants permissions to start, stop, or delete operations on Compute Engine instances .
  • roles/editor - Includes all permissions of compute.instanceAdmin.v1 and allows edititing other GCP resources.

Unsupported features

In the current release, the following cloud monitoring features are not supported for Google Cloud Platform.

  • Selecting specific cloud instances or VMs for monitoring
  • Performing actions on cloud instances or VMs, such as unmanaging, initiating a manual poll, or toggling polling on/off.
  • Throttling alerts in GCP.

Create a GCP service account and add IAM permissions for cloud monitoring in SolarWinds Observability Self-Hosted

Before you begin, contact an IT admin and have GCP projects within your organization created.

See Create service accounts in Google documentation for more information.

  1. Log in to the Google console using an account with admin privileges.

  2. Enable the following APIs/services:

    • Cloud DNS API
    • Cloud Resource Manager API
    • Compute Engine API
    • CloudMonitoring API
    • Network Management API
    • Network Services API

    See Enabling an API in Google Cloud documentation.

  3. Create a service account. See Create service accounts in Google Cloud documentation.

  4. Grant the account the following required roles. See IAM basic and predefined roles reference in Google Cloud documentation.

    Viewer roles
    • roles/viewer - general viewer

    OR

    • roles/compute.viewer - compute-specific role

    • roles/monitoring.viewer - compute-specific role

    • roles/dns.reader - compute-specific role

    • roles/compute.networkViewer - compute-specific role

    • roles/networkmanagement.viewer - network-specific role

    Tag manager roles
    • roles/tagUser - create and manage tags

    • roles/tagViewer - view resources by tag

    Instance management roles
    • roles/compute.instanceAdmin.v1 - perform start, stop, and delete operations on compute instances

    OR

    • roles/editor - includes permissions of compute.instanceAdmin.v1, allows start, stop, and delete operations on other GCP resources.

  5. Generate a private key for the service account. As the key type, select JSON. See Create and delete service account keys in Google Cloud documentation.

    The generated key file contains the GCP credentials needed to add the GCP account to the SolarWinds Platform.

Add a GCP account for monitoring

  1. In the SolarWinds Platform Web Console menu bar, click Settings > All Settings.

  2. Scroll down to Product Specific Settings and click Cloud Infrastructure Monitoring Settings.

  3. In Cloud Infrastructure Monitoring, click Add Cloud Account.

  4. In the Add Cloud Account wizard, click Google Cloud Platform and then click Next.

  5. On Cloud Settings, enter all required details and click Test connection to verify that you can connect to the GCP account. Click Next to continue.

  6. In Cloud Account Display Name, type a name for the account you want to see in the web console.

    • Client Email - provide your email address used to access the GCP console.

    • Private Key - paste the key you generated for the GCP service account.

    • Project ID - enter ID of the GCP project you want to monitor.

    • Optionally, provide your Client Id, Scopes, and Credential Description.

      Consider adding a description to remember which IAM user access key you applied.

  7. On Monitored Regions, review the discovered regions and click Next.

    All discovered regions are monitored, regardless of your selection. Region-specific monitoring will be added in a future version.

  8. On Monitored Resources, review that Monitor all supported resources is selected and click Finish. Your GCP resources will be added for monitoring.

Explore GCP views

In the SolarWinds Platform Web Console menu bar, go to My Dashboards > Cloud > GCP to open the GCP Overview page, with an overview of monitored accounts, entities, and alerts triggered for GCP entities.

Overview

The Overview tab shows a summary of all monitored GCP entities, including triggered alerts and monitored accounts.

Network

The Network tab shows:

  • Total Network Entities

  • DNS Zones

  • Virtual Network Gateways

  • Site-to-Site connections

Storage

The Storage tab shows:

  • Volumes Storage Status

  • Volumes Storage Type

  • Cloud Storage Accounts

  • Top 5 Volumes size

  • Top 5 Used Capacity Cloud Storage Account

Compute

The Compute tab shows the summary of monitored GCP Compute Instances and VMs.

  • To view a list of monitored VMs with details, such as state, type, or CPU usage, click the Virtual Machines widget.

  • To view more details about a specific VM, click the VM. The VM details page opens.

Database

The Database tab shows information about monitored GCP Cloud Storage and Cloud SQL instances. The information includes total instances by type, total allocated storage, the total number of databases.