Configure Google Cloud Platform for monitoring
To add a Google Cloud Platform (GPC) account for monitoring, you must configure GCP to work with the SolarWinds Platform.
GCP features supported in SolarWinds Observability Self-Hosted that require no extra node license
- Persistent Disks
- VM (not managed as nodes)
- Virtual Private Cloud (VPC)
- VPN Gateways
GCP features supported in SolarWinds Observability Self-Hosted that consume a node license
- Cloud VM Management
- GCP Cloud Storage
- GCP SQL Databases
Requirements for the GCP account
To enable monitoring in SolarWinds Observability Self-Hosted, you must extract a private key from a Google Cloud Platform (GCP) service account.
Make sure the required Identity and Access Management (IAM) roles are assigned to the service account in your GCP project.
For setup instructions, see Create a GCP service account and add IAM permissions for cloud monitoring in SolarWinds Observability Self-Hosted.
Required roles
The service account must have the following IAM roles assigned at the GCP project level.
General viewer role
Grants read-only access to all GCP resources. If you add this role, you don't need to assign the more specifci compute- or network-specific viewer roles.
roles/viewer
Compute-specific roles
Use these roles if you don't want to use the wider roles/viewer
role.
roles/compute.viewer
roles/monitoring.viewer
roles/dns.reader
roles/compute.networkViewer
Network-specific role
Add this role in addition to compute-specific roles to monitor network traffic and connectivity.
roles/networkmanagement.viewer
Tag management roles
Use these roles to create and manage tags in the GCP console and to allow the user to view resources under respective tags.
roles/tagUser
roles/tagViewer
Instance management roles
Assign one of the following roles to allow start, stop, or delete operations on monitored compute instances.
roles/compute.instanceAdmin.v1
- Grants permissions to start, stop, or delete operations on Compute Engine instances .roles/editor
- Includes all permissions ofcompute.instanceAdmin.v1
and allows edititing other GCP resources.
Unsupported features
In the current release, the following cloud monitoring features are not supported for Google Cloud Platform.
- Selecting specific cloud instances or VMs for monitoring
- Performing actions on cloud instances or VMs, such as unmanaging, initiating a manual poll, or toggling polling on/off.
- Throttling alerts in GCP.
Create a GCP service account and add IAM permissions for cloud monitoring in SolarWinds Observability Self-Hosted
Before you begin, contact an IT admin and have GCP projects within your organization created.
See Create service accounts in Google documentation for more information.
Log in to the Google console using an account with admin privileges.
Enable the following APIs/services:
- Cloud DNS API
- Cloud Resource Manager API
- Compute Engine API
- CloudMonitoring API
- Network Management API
- Network Services API
See Enabling an API in Google Cloud documentation.
Create a service account. See Create service accounts in Google Cloud documentation.
Grant the account the following required roles. See IAM basic and predefined roles reference in Google Cloud documentation.
Viewer roles roles/viewer
- general viewer
OR
roles/compute.viewer
- compute-specific roleroles/monitoring.viewer
- compute-specific roleroles/dns.reader
- compute-specific roleroles/compute.networkViewer
- compute-specific roleroles/networkmanagement.viewer
- network-specific role
Tag manager roles roles/tagUser
- create and manage tagsroles/tagViewer
- view resources by tag
Instance management roles roles/compute.instanceAdmin.v1
- perform start, stop, and delete operations on compute instances
OR
roles/editor
- includes permissions ofcompute.instanceAdmin.v1,
allows start, stop, and delete operations on other GCP resources.
Generate a private key for the service account. As the key type, select JSON. See Create and delete service account keys in Google Cloud documentation.
The generated key file contains the GCP credentials needed to add the GCP account to the SolarWinds Platform.
Add a GCP account for monitoring
In the SolarWinds Platform Web Console menu bar, click Settings > All Settings.
Scroll down to Product Specific Settings and click Cloud Infrastructure Monitoring Settings.
In Cloud Infrastructure Monitoring, click Add Cloud Account.
In the Add Cloud Account wizard, click Google Cloud Platform and then click Next.
On Cloud Settings, enter all required details and click Test connection to verify that you can connect to the GCP account. Click Next to continue.
In Cloud Account Display Name, type a name for the account you want to see in the web console.
Client Email - provide your email address used to access the GCP console.
Private Key - paste the key you generated for the GCP service account.
Project ID - enter ID of the GCP project you want to monitor.
Optionally, provide your Client Id, Scopes, and Credential Description.
Consider adding a description to remember which IAM user access key you applied.
On Monitored Regions, review the discovered regions and click Next.
All discovered regions are monitored, regardless of your selection. Region-specific monitoring will be added in a future version.
On Monitored Resources, review that Monitor all supported resources is selected and click Finish. Your GCP resources will be added for monitoring.
Explore GCP views
In the SolarWinds Platform Web Console menu bar, go to My Dashboards > Cloud > GCP to open the GCP Overview page, with an overview of monitored accounts, entities, and alerts triggered for GCP entities.
Overview
The Overview tab shows a summary of all monitored GCP entities, including triggered alerts and monitored accounts.
Network
The Network tab shows:
Total Network Entities
DNS Zones
Virtual Network Gateways
Site-to-Site connections
Storage
The Storage tab shows:
Volumes Storage Status
Volumes Storage Type
Cloud Storage Accounts
Top 5 Volumes size
Top 5 Used Capacity Cloud Storage Account
Compute
The Compute tab shows the summary of monitored GCP Compute Instances and VMs.
To view a list of monitored VMs with details, such as state, type, or CPU usage, click the Virtual Machines widget.
To view more details about a specific VM, click the VM. The VM details page opens.
Database
The Database tab shows information about monitored GCP Cloud Storage and Cloud SQL instances. The information includes total instances by type, total allocated storage, the total number of databases.