As a cloud administrator, you can create a Google Cloud Platform (GCP) cloud account for account regions to which your team deploys vRealize Automation cloud templates.

Prerequisites

Procedure

  1. In Cloud Assembly, select Infrastructure > Connections > Cloud Accounts and then click Add Cloud Account.
  2. Select the Google Cloud Platform account type and enter the appropriate credentials and related information. Use the service account that was created when the source GCP account compute engine was initialized.

    As noted in the Prerequisites section above, credential requirements are available at Credentials required for working with cloud accounts in vRealize Automation. To successfully create the cloud account in vRealize Automation, the source GCP account must have the compute engine service enabled.

    In vRealize Automation, the project ID is part of the Google Cloud Platform endpoint. You specify it when you create the cloud account. During data collection of project-specific private images, the vRealize Automation GCP adapter queries the Google Cloud Platform API.

  3. Click Validate.
    The account regions associated with the account are collected.
  4. Select the regions to which you want to provision this resource.
  5. For efficiency, click Create a Cloud zone for the selected regions.
  6. If you need tags to support a tagging strategy, enter capability tags. See How do I use tags to manage Cloud Assembly resources and deployments and Creating a tagging strategy.

    video symbolFor more information about how capability tags and constraint tags help control deployment placements, see the Constraint Tags and Placement video tutorial.

  7. Click Add.

Results

The account is added to vRealize Automation, and the selected regions are available for the specified cloud zone.

When you configure a Google Cloud Platform cloud account and specify a GCP project, users with appropriate privileges can use GCP Virtual Private Cloud (VPC) network funtionality. These users have access to local networks for that project as well as to all of the shared networks and sub networks for that host project. You can select one of these local or shared networks on the Cloud Assembly Networks page and add it to a Network Profile so that you can use it in a GCP deployment. Users with the following roles can use VPC networks.
  • Compute Instance Administrators
  • Compute Network Administrators
  • Owners
  • Editors

What to do next

Create infrastructure resources for this cloud account.

The following paragraphs provide some information on deploying a Google Cloud Platform virtual machine from Cloud Assembly.

When you add a Google Cloud Platform cloud account to a Cloud Assembly cloud template, you can use the useSoleTenant YAML property to indicate that you want to deploy a virtual machine to a sole tenant node. This configuration enables you to isolate virtual machines for security, privacy or others issues.

To facilitate this functionality, Google Cloud Platform node affinity labels are converted to tags in Cloud Assembly, and these tags are applied on relevant vRealize Automation availability zones where node groups reside. When the useSoleTenant property is set to true, constraint tags must be one of the node affinity labels. Also, to deploy a machine in sole tenant mode, you must include the useSoleTenant property in the cloud template as well as the constraint tags.

Before using this feature, you must create the appropriate node template and node affinity labels inGoogle Cloud Platform and then create a node group.

The following YAML example shows how the useSoleTenant property can be used in Cloud Assembly cloud templates. The constraint tags are the node affinity labels that were auto-collected from your Google Cloud Platform server.

resources:
  Cloud_GCP_Machine_1:
    type: Cloud.GCP.Machine
    properties:
      image: ubuntu
      flavor: c2-family
      name: demo-vm
      useSoleTenant: true
      constraints:
        -tag: 'env:prod'
        -tag: 'region:asia-east1'

The Google Cloud Platform cloud account supports several administrator day 2 actions on deployed virtual machines. These day 2 actions for Google Cloud Platform virtual machines include create, delete, and revert actions for snapshots and attached disks. These actions are available from the Actions menu on the Cloud Assembly Deployments page.