VMware vRealize Operations Management Pack for Google Cloud Platform | 21 APRIL 2020 | Build 16038385

What's in the Release Notes

The release notes cover the following topics:

Introduction

 The vRealize Operations Management Pack for Google Cloud Platform allows you to dive into the key performance indicators for your Google Cloud Platform environment. Each adapter instance of this Management Pack has diagnostic dashboards and collects metrics and properties from Google Cloud. 
This Management Pack supports the following Google Cloud Platform products:

  • Compute
  • Engine Container
  • Engine Cloud
  • Storage Cloud
  • VPN
  • Big Query

Compatibility

For compatibility between products, please refer to the VMware Product Interoperability Matrices.

Known Issues

  • Need access to specific services APIs and a service  account  to monitor resources

    Shows throttling issues while monitoring large scale GCP Environment with errors like " Quota exceeded for quota metric 'Time series queries' and limit 'Time series queries per minute' of service 'monitoring.googleapis.com' for consumer ".

    There is a Quota limit page in GCP console and has an option to change this to unlimited. To do so:

    1. Navigate to https://console.cloud.google.com/apis/api/monitoring.googleapis.com/quotas?project={Project Id}.
    2. Change the Limit of Time series queries per minute Quota to unlimited.
  • Permission denied errors: Improper authentication errors in GCP adapters and missing GCP resources in UI. seeing error in collector log "Permission '{resource name}' denied for resource 'projects/projectName ...'.", "status": "PERMISSION_DENIED"

    The Service account does not have the permissions to view the resources in the given Google Cloud Platform project. Grant the appropriate roles to a service account.

    Execute the following command to grant appropriate roles to a service account

    1. Open the IAM & Admin page in the Cloud Console. (https://console.cloud.google.com/projectselector2/iam-admin)
    2.  In the IAM & Admin page, click Select a project.
    3. Choose a project and click Open.
    4. Identify the service account to which you want to add a role.
      If the service account is not already on the member's list, it does not have any roles assigned to it. Click Add and enter the email address of the service account.
      If the service account is already on the member's list, it has existing roles. To edit the service account's roles, click Edit and select one or more roles to apply to the service account.
    5. Click Save to apply the roles to the service account.
  • Monitoring Kubernetes Resources like K8s Pod and K8s Container are Missing in GCP adapter.

    Kubernetes resources like pod and containers are not enabled by default in GCP. It gets blocked by Kubernetes RBAC policies. While fetching Kubernetes resource of GCP Containers Resources.error, GCP adapter throws an error "pods is forbidden: User \"system:anonymous\" cannot list resource \"pods\" in API group \"\" at the cluster scope","reason":"Forbidden","details":{"kind":"pods"},"code":403}”.

    RBAC policies set to restrict the resources we use and limits a few of our action. By default, clusterrolebinding has system:anonymous set which blocks the cluster access. Execute the following command to set a clusterrole as cluster-admin which will gives the required access.

    1. Open cloud shell in GCP console in monitoring project.
    2. Run the kubectl create clusterrolebinding cluster-system-anonymous --clusterrole=cluster-admin --user=system:anonymous command.
check-circle-line exclamation-circle-line close-line
Scroll to top icon