This page describes how to install version 0.1 of the GCP integration in a Kubernetes container, which is scheduled for deprecation.
To ingest metrics and/or logs from Google Cloud, you need to deploy a container on GKE (it also works on Google Autopilot). After it's deployed, you get metrics for services defined in the configmap, preset dashboards, and predefined alerts.
For complete observability of your workloads, be sure to set up generic log ingestion before installation. This requires additional configuration and a second container to forward the logs. See below for instructions.
If you are using Log Monitoring v1, enable the latest version of Dynatrace log monitoring.
Create a Pub/Sub topic and add a subscription to it. There are two ways to do this:
Set up a Pub/Sub topic and add a subscription to it.
When editing the subscription, we recommend the following values:
120
seconds1
dayRun the following shell script in the GCP project you've selected for deployment.
Be sure to replace <your-subscription-name>
and <your-topic-name>
with your own values.
wget https://raw.githubusercontent.com/dynatrace-oss/dynatrace-gcp-monitor/master/scripts/deploy-pubsub.shchmod +x deploy-pubsub.sh./deploy-pubsub.sh --topic-name <your-topic-name> --subscription-name <your-subscription-name>
Configure log export to send the desired logs to the GCP Pub/Sub topic created in Step 2.
If you choose to use an existing ActiveGate during deployment, configure ActiveGate for generic log ingestion.
To deploy the Dynatrace GCP Monitor in a Kubernetes container, you need to make sure the following GCP and Dynatrace requirements are met.
Running the deployment script requires a list of permissions. You can create a custom role (see below) and use it to deploy dynatrace-gcp-monitor
.
dynatrace-gcp-monitor-helm-deployment-role.yaml
with the following content:title: Dynatrace GCP Monitor helm deployment roledescription: Role for Dynatrace GCP Monitor helm and pubsub deploymentstage: GAincludedPermissions:- container.clusters.get- container.configMaps.create- container.configMaps.delete- container.configMaps.get- container.configMaps.update- container.deployments.create- container.deployments.delete- container.deployments.get- container.deployments.update- container.namespaces.create- container.namespaces.get- container.pods.get- container.pods.list- container.replicaSets.create- container.replicaSets.get- container.replicaSets.getScale- container.replicaSets.getStatus- container.replicaSets.list- container.secrets.create- container.secrets.delete- container.secrets.get- container.secrets.list- container.secrets.update- container.serviceAccounts.create- container.serviceAccounts.delete- container.serviceAccounts.get- container.services.create- container.services.delete- container.services.get- container.statefulSets.create- container.statefulSets.delete- container.statefulSets.get- container.statefulSets.update- iam.roles.create- iam.roles.list- iam.roles.update- iam.serviceAccounts.actAs- iam.serviceAccounts.create- iam.serviceAccounts.getIamPolicy- iam.serviceAccounts.list- iam.serviceAccounts.setIamPolicy- pubsub.subscriptions.create- pubsub.subscriptions.get- pubsub.subscriptions.list- pubsub.topics.attachSubscription- pubsub.topics.create- pubsub.topics.getIamPolicy- pubsub.topics.list- pubsub.topics.setIamPolicy- pubsub.topics.update- resourcemanager.projects.get- resourcemanager.projects.getIamPolicy- resourcemanager.projects.setIamPolicy- serviceusage.services.enable- serviceusage.services.get
<your_project_ID>
with the project ID where you want to deploy the dynatrace integration.gcloud iam roles create dynatrace_monitor.helm_deployment --project=<your_project_ID> --file=dynatrace-gcp-monitor-helm-deployment-role.yaml
Be sure to add this role to your GCP user.
If you run the deployment from GCP Cloud Shell, you don't need to install additional tools.
If you run the deployment from any host with bash, you need to install:
If you run the deployment on an existing GKE standard cluster, you need to:
If you run the deployment on an existing GKE Autopilot cluster, or on a new Autopilot cluster that will be automatically created by deployment script, there are no additional settings.
Review the requirements for ActiveGate and tokens as described below.
For ActiveGate, you have two options:
The requirements for API and PaaS tokens are as follows:
To install the GCP Monitor in a Kubernetes cluster, follow the instructions below.
Download the helm deployment package in Google Cloud Shell
Determine the URL for your environment
Configure parameter values
Connect your Kubernetes cluster
Run the script
Download and run the installation script below, making sure to replace <VERSION>
with the release version you want to download, for example 0.1.19
.
Be sure to choose one of the versions before release-1.0.0
, as the newer versions require different installation instructions.
wget -q "https://github.com/dynatrace-oss/dynatrace-gcp-monitor/releases/download/release-<VERSION>/helm-deployment-package.tar"; tar -xvf helm-deployment-package.tar; chmod +x helm-deployment-package/deploy-helm.sh
https://<your-environment-id>.live.dynatrace.com
https://<your-domain>/e/<your-environment-id>
https://<your-active-gate-IP-or-hostname>:9999/e/<your-environment-id>
To determine <your-environment-id>
, see environment ID.
The values.yaml
file located in helm-deployment-package/dynatrace-gcp-monitor
allows you to set the required and optional parameter values. See below for the complete list of parameters available for this integration.
Parameter name | Description | Default value |
---|---|---|
gcpProjectId | The GCP project ID where the Dynatrace GCP Monitor should be deployed. Use the GCP project of log Sink Pub/Sub subscription. For details, see Set up generic log ingestion. | Your current project ID |
deploymentType | Set to 'all'. | all |
dynatraceAccessKey | Your Dynatrace API token with the required permissions according to your selected deployment. For details, see Token requirements. | |
activeGate.dynatracePaasToken | Your PaaS token. For details, see Token requirements. | |
dynatraceUrl | Your Dynatrace environment endpoint. For details, see Determine the URL for your environment. | |
logsSubscriptionId | The ID of your log Sink Pub/Sub subscription. For details, see Set up generic log ingestion. |
optional
Parameter name | Description | Default value |
---|---|---|
activeGate.useExisting | Set to true if you choose to use an existing ActiveGate to ingest logs. For details, see ActiveGate requirements. | false |
dynatraceLogIngestUrl | Your ActiveGate endpoint used to ingest logs to Dynatrace. For details, see Determine the URL for your environment. | |
requireValidCertificate | If set to true , Dynatrace requires the SSL certificate of your Dynatrace environment. | true |
selfMonitoringEnabled | Send custom metrics to GCP to quickly diagnose if dynatrace-gcp-monitor processes and sends metrics/logs to Dynatrace properly. | false |
dockerImage | Dynatrace GCP Monitor docker image. We recommend using the default value, but you can adapt it if needed. | dynatrace/dynatrace-gcp-monitor |
logIngestContentMaxLength | The maximum content length of a log event. Should be less than or equal to the setting on your Dynatrace environment. | 8192 |
logIngestAttributeValueMaxLength | The maximum length of the log event attribute value. If it exceeds the server limit, content will be truncated. | 250 |
logIngestRequestMaxEvents | The maximum number of log events in a single payload to the logs ingestion endpoint. If it exceeds the server limit, payload will be rejected with code 413 . | 5000 |
logIngestRequestMaxSize | The maximum size in bytes of a single payload to the logs ingestion endpoint. If it exceeds the server limit, payload will be rejected with code 413 . | 1048576 |
logIngestEventMaxAgeSeconds | Determines the maximum age of a forwarded log event. Should be less than or equal to the setting on your Dynatrace environment. | 86400 |
printMetricIngestInput | If set to true , the GCP Monitor outputs the lines of metrics to stdout. | false |
serviceUsageBooking | Service usage booking is used for metrics and determines a caller-specified project for quota and billing purposes. If set to source , monitoring API calls are booked in the project where the Kubernetes container is running. If set to destination , monitoring API calls are booked in the project that is monitored. For details, see Monitor multiple GCP projects - Step 4. | source |
useProxy | Depending on the value you set for this flag, the GCP Monitor will use the following proxy settings: Dynatrace (set to DT_ONLY ), GCP API (set to GCP_ONLY ), or both (set to ALL ). | By default, proxy settings are not used. |
httpProxy | The proxy HTTP address; use this flag in conjunction with USE_PROXY . | |
httpsProxy | The proxy HTTPS address; use this flag in conjunction with USE_PROXY . | |
importDashboards | Import predefined dashboards for selected services. | true |
importAlerts | Import predefined alerting rules for selected services. | true |
gcpServicesYaml | Configuration file for GCP services. | |
queryInterval | Metrics polling interval in minutes. Allowed values: 1 - 6 | 3 |
Parameter name | Description | Default value |
---|---|---|
deploymentType | Set to 'metrics'. | all |
dynatraceAccessKey | Your Dynatrace API token with the required permissions according to your selected deployment. For details, see Token requirements. | |
dynatraceUrl | Your Dynatrace environment endpoint. For details, see Determine the URL for your environment. |
optional
Parameter name | Description | Default value |
---|---|---|
requireValidCertificate | If set to true , Dynatrace requires the SSL certificate of your Dynatrace environment. | true |
selfMonitoringEnabled | Send custom metrics to GCP to quickly diagnose if dynatrace-gcp-monitor processes and sends metrics/logs to Dynatrace properly. | false |
dockerImage | Dynatrace GCP Monitor docker image. We recommend using the default value, but you can adapt it if needed. | dynatrace/dynatrace-gcp-monitor |
printMetricIngestInput | If set to true , the GCP Monitor outputs the lines of metrics to stdout. | false |
serviceUsageBooking | Service usage booking is used for metrics and determines a caller-specified project for quota and billing purposes. If set to source , monitoring API calls are booked in the project where the Kubernetes container is running. If set to destination , monitoring API calls are booked in the project that is monitored. For details, see Monitor multiple GCP projects - Step 4. | source |
useProxy | Depending on the value you set for this flag, the GCP Monitor will use the following proxy settings: Dynatrace (set to DT_ONLY ), GCP API (set to GCP_ONLY ), or both (set to ALL ). | By default, proxy settings are not used. |
httpProxy | The proxy HTTP address; use this flag in conjunction with USE_PROXY . | |
httpsProxy | The proxy HTTPS address; use this flag in conjunction with USE_PROXY . | |
importDashboards | Import predefined dashboards for selected services. | true |
importAlerts | Import predefined alerting rules for selected services. | true |
gcpServicesYaml | Configuration file for GCP services. | |
queryInterval | Metrics polling interval in minutes. Allowed values: 1 - 6 | 3 |
Parameter name | Description | Default value |
---|---|---|
gcpProjectId | The GCP project ID where the Dynatrace GCP Monitor should be deployed. Use the GCP project of log Sink Pub/Sub subscription. For details, see Set up generic log ingestion. | Your current project ID |
deploymentType | Set to 'logs'. | all |
dynatraceAccessKey | Your Dynatrace API token with the required permissions according to your selected deployment. For details, see Token requirements. | |
activeGate.dynatracePaasToken | Your PaaS token. For details, see Token requirements. | |
dynatraceUrl | Your Dynatrace environment endpoint. For details, see Determine the URL for your environment. | |
logsSubscriptionId | The ID of your log Sink Pub/Sub subscription. For details, see Set up generic log ingestion. |
optional
Parameter name | Description | Default value |
---|---|---|
activeGate.useExisting | Set to true if you choose to use an existing ActiveGate to ingest logs. For details, see ActiveGate requirements. | false |
dynatraceLogIngestUrl | Your ActiveGate endpoint used to ingest logs to Dynatrace. For details, see Determine the URL for your environment. | |
requireValidCertificate | If set to true , Dynatrace requires the SSL certificate of your Dynatrace environment. | true |
selfMonitoringEnabled | Send custom metrics to GCP to quickly diagnose if dynatrace-gcp-monitor processes and sends metrics/logs to Dynatrace properly. | false |
dockerImage | Dynatrace GCP Monitor docker image. We recommend using the default value, but you can adapt it if needed. | dynatrace/dynatrace-gcp-monitor |
logIngestContentMaxLength | The maximum content length of a log event. Should be less than or equal to the setting on your Dynatrace environment. | 8192 |
logIngestAttributeValueMaxLength | The maximum length of the log event attribute value. If it exceeds server limit, content will be truncated. | 250 |
logIngestRequestMaxEvents | The maximum number of log events in a single payload to the logs ingestion endpoint. If it exceeds the server limit, payload will be rejected with code 413 . | 5000 |
logIngestRequestMaxSize | The maximum size in bytes of a single payload to the logs ingestion endpoint. If it exceeds the server limit, payload will be rejected with code 413 . | 1048576 |
logIngestEventMaxAgeSeconds | Determines the maximum age of a forwarded log event. Should be less than or equal to the setting on your Dynatrace environment. | 86400 |
--create-autopilot-cluster
to the script. No connection is needed in this case, because the deployment script will connect to the new cluster automatically.dynatrace-gcp-monitor
to your Kubernetes cluster.--create-autopilot-cluster
option, the script will automatically create the new GKE Autopilot cluster and deploy dynatrace-gcp-monitor
to it.To run the script, follow the instructions below.
You have two options:
dynatrace-gcp-monitor-sa
for the IAM service account name and dynatrace_monitor
for the IAM role name prefix):cd helm-deployment-package./deploy-helm.sh
cd helm-deployment-package./deploy-helm.sh [--service-account <service-account-to-be-created/updated>] [--role-name <role-to-be-created/updated>]
To check whether installation was successful
Check if the container is running.
After the installation, it may take couple of minutes until the container is up and running.
kubectl -n dynatrace get pods
Check the container logs for errors or exceptions. You have two options:
For deployments of type 'metrics', run:
kubectl -n dynatrace logs -l app=dynatrace-gcp-monitor -c dynatrace-gcp-monitor-metrics
For deployments of type 'logs', run:
kubectl -n dynatrace logs -l app=dynatrace-gcp-monitor -c dynatrace-gcp-monitor-logs
For deployments of type 'all', run:
kubectl -n dynatrace logs -l app=dynatrace-gcp-monitor -c dynatrace-gcp-monitor-metricskubectl -n dynatrace logs -l app=dynatrace-gcp-monitor -c dynatrace-gcp-monitor-logs
Check if dashboards are imported (for deployments of type 'metrics' or 'all').
Go to Dashboards or Dashboards Classic and filter by Tag for Google Cloud. A number of dashboards for Google Cloud Services should be available.
After deploying the integration, depending on your deployment type, you can:
cloud.provider: gcp
.To investigate potential deployment and connectivity issues, see Troubleshoot Google Cloud monitoring setup.