This Terraform module will create a GCVE monitoring agent that can be used in your GCVE project to send logs into Cloud Operations. The agent will be created in the project that you specify as per the example.
The module will create a VM instance called gcve-mon by default, and it will create a service account called gcve-mon-sa by default. Both can be changed by specifying the corresponding variable when calling the module.
You should place the password for your vCenter instance into a secret in Secret Manager within the same project that VMware Engine is operating in. The secret is named vc_password by default; however, you can specify another name.
The subnetwork you attach this to MUST have Private Network Access enabled, as a public IP is not created. This is likely preferable, as it is recommended to keep the VM instance as secure as possible.
If you are sending logs to a different monitoring project, you can specify it in the mon_project variable. However, if you set it, you will need to manually grant the service account monitoring.logging.write and monitoring.admin permissions in the monitoring project.
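The following is an added example, not taken from the module's own repository, showing a module call together with the secret and the cross-project grants described above. The module source path, project IDs, network names and vCenter values are placeholders, and the two predefined roles are an assumption about what the permissions named above correspond to.

```hcl
# Added example. All names and IDs below are placeholders.
locals {
  gcve_project = "my-gcve-project"       # placeholder
  mon_project  = "my-monitoring-project" # placeholder
  sa_name      = "gcve-mon-sa"           # default of gcve_mon_sa
}

# Create only the secret container here. Add the vCenter password as a
# secret version out of band so it is never written to Terraform state.
resource "google_secret_manager_secret" "vcenter" {
  project   = local.gcve_project
  secret_id = "vc_password" # any name works if it is passed as vc_secret below
  replication {
    auto {} # google provider 5.x syntax
  }
}

module "gcve_monitoring" {
  source = "./modules/gcve-monitoring" # hypothetical path to this module

  project_id  = local.gcve_project
  region      = "europe-west2"
  zone        = "europe-west2-a"
  network     = "gcve-mgmt"        # placeholder
  subnetwork  = "gcve-mgmt-subnet" # needs private access: no public IP is created
  gcve_mon_sa = local.sa_name
  vc_host     = "vcenter.example.internal"      # placeholder
  vc_user     = "monitoring-user@example.local" # placeholder
  vc_secret   = google_secret_manager_secret.vcenter.secret_id
  mon_project = local.mon_project
}

# Only needed because mon_project differs from project_id.
# Assumption: these predefined roles match the permissions named in the text.
resource "google_project_iam_member" "monitoring" {
  for_each = toset(["roles/logging.logWriter", "roles/monitoring.admin"])

  project    = local.mon_project
  role       = each.value
  member     = "serviceAccount:${local.sa_name}@${local.gcve_project}.iam.gserviceaccount.com"
  depends_on = [module.gcve_monitoring] # the service account must exist first
}
```

The module has no outputs, so the service account email is built from the account name and project ID rather than read from the module.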
Google supplies a number of pre-built dashboards that can be used to monitor your GCVE project. They are called:
- GCVE Overview
- GCVE Virtual Machine Performance
- GCVE Contention
It is recommended to install all of these dashboards.
For more details on how GCVE monitoring works, please refer to:
- https://cloud.google.com/blog/products/vmware-engine/monitor-your-vmware-instances-in-google-cloud
- https://cloud.google.com/vmware-engine/docs/environment/howto-cloud-monitoring-standalone
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| gcve_mon_sa | The GCVE Monitor Service Account | string | "gcve-mon-sa" | no |
| instance_name | The name of the instance, 'gcds' will be used if not set | string | "gcve-mon" | no |
| mon_project | The project where the metrics will be sent. Use this if the monitoring project is different. If set to empty will use the project_id | string | "" | no |
| network | The network to deploy to, if not specified 'default' will be used | string | "default" | no |
| network_tag | The network tag to use for the instance | list(string) | [ | no |
| project_id | The project to deploy to | string | n/a | yes |
| region | The region to deploy to | string | n/a | yes |
| subnetwork | The subnetwork to deploy to, if not specified 'default' will be used | string | "default" | no |
| subnetwork_project | The project the subnetwork is in, if not specified null will be used | string | "" | no |
| vc_host | The vCenter hostname as provided from the VMWARE installation | string | n/a | yes |
| vc_secret | The project secret that contains the vCenter password as provided from the VMWARE installation | string | "vc_secret" | no |
| vc_user | The vCenter user as provided from the VMWARE installation | string | n/a | yes |
| zone | The zone to deploy to | string | n/a | yes |
No output.