Managing GCP Projects
Status of Google Project
Google Projects configured in the VMware Tanzu CloudHealth Platform are assigned a Status that indicates the health of the project. A project can switch between the following statuses depending on specific conditions.
Green
- Billing account is enabled for the project
- Storage bucket is verified
- Compute API is enabled for the project
- Billing API is enabled for the project
- Storage API is enabled for the project
Yellow
One or more of these errors occurred.
- No storage bucket exists for the bucket name provided
- No billing statement bucket or prefix is entered
- Storage API is not enabled for the project
Red
One or more of these errors occurred.
- The project does not exist
- The billing account does not exist for the project
- The billing account is not enabled for the project
- Billing API is not enabled for the project
- Compute API is not enabled for the project
- The provided JSON or P12 keys are invalid or stale
- API email or key is invalid
Not Configured
This status only appears for projects that are not consolidated under another project.
All standalone projects enabled in the Tanzu CloudHealth Platform require you to configure a P12 private key and passphrase or a JSON private key. The status Not Configured appears if one of these errors occur.
- P12 key: A valid PKCS12 private key and private key passphrase are not present
- JSON key: A valid RSA private key is not present
Pending
This status appears in the narrow timeframe between project creation and project verification. Verification occurs each time a new project is enabled or an existing project is updated in the Tanzu CloudHealth Platform. If project verification fails, the Pending state persists.
Unknown
A catch-all state that appears when conditions do not match those for any of the other states.
Invite GCP Customers to Tanzu CloudHealth Platform
Invite users to Tanzu CloudHealth to allow them access to the Tanzu CloudHealth platform.
- Log in to the Tanzu CloudHealth Platform. In the bottom-left corner, switch to the customer that you want to invite.
- From the left menu, select Setup > Admin > Users. Click Invite User.
- Enter the name, email address, and role of the user you want to invite. If you are an administrator, you can click the Invite Google tab to allow a Google employee to view your Tanzu CloudHealth account.
- Click Invite User.
Cost Allocation by Resource Level Label for GCP
Why Cost Allocation By Resource Level Label
For BigQuery Billing Export, the costs at resource level is an aggregate of the project, product SKU, and label combination. Tanzu CloudHealth provides visibility using project level labels and perspective engines. In addition to this, labelling at resource level provides better granularity.
The Cost Allocation by Resource Level Label (CARLL) in Tanzu CloudHealth allows users to allocate costs in Perspectives based on the labels that have been added at the resource level. This supports accurate chargebacks/showbacks based on usage at a resource level. Resource level visibility also supports daily granularity.
Apply CARLL to Perspectives
- Navigate to Setup > Perspectives and click on a Perspective.
- Under the Discover tab, click on the dropdown for Choose an Asset Type.
- Scroll down to Google Cloud Platform and select BigQuery Billing Line Item from the dropdown.
- (Optional) Select either of the Discovery Method and choose the field for categorization or set the filters to run the search.
- From the results, select the BigQuery Billing Line Item and click on Add to Existing Group to add this to the Perspective.
Disable GCP Unknown Project Cost Reallocation
By default, Tanzu CloudHealth reallocates the unknown billing account cost among all the projects under a given billing account according to the proportion of their original cost. With the Disable GCP Non-project cost reallocation option, you can stop the default billing account cost reallocation and keep that cost under Unknown Projects at the billing account level.
This feature gives you the flexibility to manage cost reallocation on your own as per your business requirement and build your best chargeback and show back models.
If you disable the cost reallocation of unidentified projects, it won’t be applied to historical data, and the feature does not support backfilling or adjustment.
To disable the automatic cost reallocation, go to Setup > Admin > Settings. Scroll down to the Settings section and turn ON the toggle button.
| Toggle | Cost Reallocation |
|---|---|
| ON | Disabled |
| OFF | Enabled |
Tanzu CloudHealth Collection Frequency for GCP
The frequencies specified below indicate the rates at which Tanzu CloudHealth adds API service queries to a queue. These queries help Tanzu CloudHealth identify changes in your GCP infrastructure. These frequencies are not the intervals at which the Tanzu CloudHealth platform refreshes with changes in your GCP infrastructure.
Tanzu CloudHealth makes the best effort to queue up query requests at these frequencies. However, factors such as network latency, the number of queued items to be processed, the number of GCP services that you utilize, and GCP service-level rate limits determine how quickly the query responses are returned to the Tanzu CloudHealth platform.
A new public region will be discovered automatically and added to the Tanzu CloudHealth platform in 24 to 48 hours. Once discovered, data of the new region and supported assets in that region will be available in the Tanzu CloudHealth platform in approximately 24 hours.
Every 15 min
- Attached disks
- Buckets
- Disks
- Instances
- Images
- Snapshots
- Static IPs
- Zones
Every 1 h
-GKE Clusters
Every 4 h
- Dataproc Clusters
Every 12 h
- Billing
- Derive Projects
- Rightsizing
Every 24 h
- Disk Types
- Machine types
- Regions
Templates such as Deployment Manager for GCP can be configured to receive notifications for hyperscaler changes. These templates use scripts for creating and enabling the required resources for generating and routing the related events.
Detailed Data Export
Tanzu CloudHealth supports detailed GCP data export for the following resources:
- Compute Engine
- Google Kubernetes Engine (GKE)
- Cloud Functions
- Cloud Run
- Cloud SQL
- Cloud Spanner
- App Engine
- Firestore and Datastore
This is now supported only through FlexReports. For resource level visibility, configure detailed data export at the GCP console and configure these for Tanzu CloudHealth GCP accounts.
Configure GCP Account for Detailed Data Export
- On Tanzu CloudHealth platform, under Google Cloud, navigate to Setup > Accounts > GCP > GCP Billing, and click on Add Account.
- Under Big Query > Table, select the table for Detailed export - gcp_billing_export_resource_v1_BILLING_ACCOUNT_ID.
- Click Save Account.
Note: You can have only one table configured at a time. It is not recommended to change the configuration from detailed export to standard export for an existing account as it will take away all resource level details and Perspectives built on these. These Perspectives will appear as assets not allocated.
Partners can also use existing data-connect API to modify the detailed export table.
Configure FlexReports
- On Tanzu CloudHealth platform, under Google Cloud, navigate to Reports > FlexReports. Create a new report or click on Edit for the report to be modified.
- Under Report Configuration > Dimensions, click on Add Dimensions.
- Click on Service and select the following two options from the drop-down list:
- ResourceGlobalName - Column for the resource unique identifier
- ResourceName - Column for the name provided by user
- Click Apply. Click Save & Run Report to access the detailed report.
Enable Eventing
Execute the cloud shell script within a GCP project to set up an event stream.
Install the Script
- Navigate to Setup > Accounts > GCP Projects.
- Locate the project in the list. Note that the Eventing Status for this project will be OFF.
- Click on the ⇄ icon for the project.
- The pop-up window will display the steps and the script for installing event streaming.
Verify if the event stream is activated
- Navigate to Setup > Accounts > GCP Projects.
- Locate your project in the list.
- Check if the field Eventing Status displays ON. This verifies that event stream is activated for your account.
While the event stream is active, you will see real-time updates in the service for any changes in your GCP project.
Disable Eventing
Execute the cloud shell script within a GCP project to disable and tear down the event stream setup for the added GCP projects.
This script will remove all earlier constructs and will disable event generation on any changes.
Install the Script
- Navigate to Setup > Accounts > GCP Projects.
- Locate the project in the list. Note that the Eventing Status for this project will be ON.
- Click on the ⇄ icon for the project.
- The pop-up window will display the steps and the script for uninstalling event streaming.
Verify if the event stream is disabled
- Navigate to Setup > Accounts > GCP Projects.
- Locate the project in the list. Filter if necessary.
- Check if the field Eventing Status displays OFF. This verifies that event stream is disabled for your account.
