Skip to content

Commit

Permalink
Cherry-pick #14829 to 7.6: [Metricbeat] Add Google Cloud Platform mod…
Browse files Browse the repository at this point in the history
…ule (#15575)

* [Metricbeat] Add Google Cloud Platform module (#14829)

Includes Stackdriver and Compute Metricset

(cherry picked from commit 8be7745)
  • Loading branch information
sayden authored and Carlos Pérez-Aradros Herce committed Jan 15, 2020
1 parent 8fed36e commit 5ae15df
Show file tree
Hide file tree
Showing 80 changed files with 196,652 additions and 1 deletion.
37 changes: 36 additions & 1 deletion NOTICE.txt
Original file line number Diff line number Diff line change
Expand Up @@ -6158,6 +6158,41 @@ COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

--------------------------------------------------------------------
Dependency: google.golang.org/api/internal/third_party/uritemplates
Version: v0.14.0
Revision: 8a410c21381766a810817fd6200fce8838ecb277
License type (autodetected): BSD-3-Clause
./vendor/google.golang.org/api/internal/third_party/uritemplates/LICENSE:
--------------------------------------------------------------------
Copyright (c) 2013 Joshua Tacoma. All rights reserved.

Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are
met:

* Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
* Redistributions in binary form must reproduce the above
copyright notice, this list of conditions and the following disclaimer
in the documentation and/or other materials provided with the
distribution.
* Neither the name of Google Inc. nor the names of its
contributors may be used to endorse or promote products derived from
this software without specific prior written permission.

THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

--------------------------------------------------------------------
Dependency: google.golang.org/appengine
Version: v1.6.1
Expand All @@ -6170,7 +6205,7 @@ Apache License 2.0

--------------------------------------------------------------------
Dependency: google.golang.org/genproto
Revision: fa694d86fc64c7654a660f8908de4e879866748d
Revision: 83cc0476cb11ea0da33dacd4c6354ab192de6fe6
License type (autodetected): Apache-2.0
./vendor/google.golang.org/genproto/LICENSE:
--------------------------------------------------------------------
Expand Down
15 changes: 15 additions & 0 deletions metricbeat/docs/fields.asciidoc
Original file line number Diff line number Diff line change
Expand Up @@ -36,6 +36,7 @@ grouped in the following categories:
* <<exported-fields-envoyproxy>>
* <<exported-fields-etcd>>
* <<exported-fields-golang>>
* <<exported-fields-googlecloud>>
* <<exported-fields-graphite>>
* <<exported-fields-haproxy>>
* <<exported-fields-host-processor>>
Expand Down Expand Up @@ -14485,6 +14486,20 @@ format: bytes
--
[[exported-fields-googlecloud]]
== Google Cloud Platform fields
GCP module
*`googlecloud.labels`*::
+
--
type: object
--
[[exported-fields-graphite]]
== Graphite fields
Expand Down
100 changes: 100 additions & 0 deletions metricbeat/docs/modules/googlecloud.asciidoc
Original file line number Diff line number Diff line change
@@ -0,0 +1,100 @@
////
This file is generated! See scripts/mage/docs_collector.go
////

[[metricbeat-module-googlecloud]]
[role="xpack"]
== Google Cloud Platform module

beta[]

This module periodically fetches monitoring metrics from Google Cloud Platform using
https://cloud.google.com/monitoring/api/metrics_gcp[Stackdriver Monitoring API] for Google Cloud Platform services.
Note: extra GCP charges on Stackdriver Monitoring API requests will be generated by this module.

[float]
== Module config and parameters
This is a list of the possible module parameters you can tune:

* *zone*: A single string with the zone you want to monitor like "us-central1-a". If you need to fetch from multiple regions, you have to setup a different configuration for each (but you don't need a new instance of Metricbeat running)
* *project_id*: A single string with your GCP Project ID
* *credentials_file_path*: A single string pointing to the JSON file path reachable by Metricbeat that you have created using IAM.
* *exclude_labels*: (`true`/`false` default `false`) Do not extract extra labels and metadata information from Metricsets and fetch metrics onlly. At the moment, *labels and metadata extraction is only supported* in Compute Metricset.

[float]
== Authentication, authorization and permissions.
Authentication and authorization in Google Cloud Platform can be achieved in many ways. For the current version of the Google Cloud Platform module for Metricbeat, the only supported method is using Service Account JSON files. A typical JSON with a private key looks like this:

[float]
==== Example Credentials
[source,json]
----
{
"type": "service_account",
"project_id": "your-project-id",
"private_key_id": "a_private_key_id",
"private_key": "-----BEGIN PRIVATE KEY-----your private key\n-----END PRIVATE KEY-----\n",
"client_email": "some-email@your-project-id.iam.gserviceaccount.com",
"client_id": "123456",
"auth_uri": "https://accounts.google.com/o/oauth2/auth",
"token_uri": "https://oauth2.googleapis.com/token",
"auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs",
"client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/metricbeat-testing%40your-project-id.iam.gserviceaccount.com"
}
----

Generally, you have to create a Service Account and assign it the following roles or the permissions described on each role:

* `Compute Viewer` (1 permission in use of 138):
- `monitoring.metricDescriptors.list`
- `monitoring.timeSeries.list`

* `Monitoring Viewer` (2 permissions in use of 13)
- `compute.instances.get`

You can play in IAM pretty much with your service accounts and Instance level access to your resources (for example, allowing that everything running in an Instance is authorized to use the Compute API). The module uses Google Cloud Platform libraries for authentication so many possibilities are open but the Module is only supported by using the method mentioned above.

[float]
== Google Cloud Platform module: Under the hood

Google Cloud Platform offers the https://cloud.google.com/monitoring/api/metrics_gcp[Stackdriver Monitoring API] to fetch metrics from its services. *Those metrics are retrieved one by one*.

If you also want to *extract service metadata and labels* (by setting `exclude_labels` to false, which is the default state). You also make a new API check on the corresponding service. Service labels requires a new API call to extract those metrics. In the worst case the number of API calls will be doubled. In the best case, all metrics come from the same GCP entity and 100% of the required information is included in the first API call (which is cached for subsequent calls).

A recommended `period` value between fetches is between 5 and 10 minutes, depending on how granular you want your metrics. GCP restricts information for less than 5 minutes.

[float]
=== Rough estimation of the number of API Calls
Google Cloud Platform pricing depends of the number of requests you do to their API's. Here you have some information that you can use to make an estimation of the pricing you should expect. For example, imagine that you have a Compute Metricset activated and you don't want to exclude labels. You have a total of 20 instances running in a particular GCP project, region and zone.

For example, if Compute Metricset fetches 14 metrics (which is the number of metrics fetched in the early beta version). Each of those metrics will attempt an API call to Compute API to retrieve also their metadata. Because you have 20 different instances, the total number of API calls that will be done on each refresh period are: 14 metrics + 20 instances = 34 API requests every 5 minutes if that is your current Period. 9792 API requests per day with one zone. If you add 2 zones more with the same amount of instances you'll have 19584 API requests per day (9792 on each zone) or around 587520 per month for the Compute Metricset. This maths must be done for each different Metricset with slight variations.


[float]
=== Example configuration

The Google Cloud Platform module supports the standard configuration options that are described
in <<configuration-metricbeat>>. Here is an example configuration:

[source,yaml]
----
metricbeat.modules:
- module: googlecloud
metricsets:
- compute
zone: "us-central1-a"
project_id: "your project id"
credentials_file_path: "your JSON credentials file path"
exclude_labels: false
period: 300s
----

[float]
=== Metricsets

The following metricsets are available:

* <<metricbeat-metricset-googlecloud-compute,compute>>

include::googlecloud/compute.asciidoc[]

18 changes: 18 additions & 0 deletions metricbeat/docs/modules/googlecloud/compute.asciidoc
Original file line number Diff line number Diff line change
@@ -0,0 +1,18 @@
////
This file is generated! See scripts/mage/docs_collector.go
////

[[metricbeat-metricset-googlecloud-compute]]
=== Google Cloud Platform compute metricset

beta[]

include::../../../../x-pack/metricbeat/module/googlecloud/compute/_meta/docs.asciidoc[]

This is a default metricset. If the host module is unconfigured, this metricset is enabled by default.

==== Fields

For a description of each field in the metricset, see the
<<exported-fields-googlecloud,exported fields>> section.

3 changes: 3 additions & 0 deletions metricbeat/docs/modules_list.asciidoc
Original file line number Diff line number Diff line change
Expand Up @@ -89,6 +89,8 @@ This file is generated! See scripts/mage/docs_collector.go
|<<metricbeat-module-golang,Golang>> |image:./images/icon-yes.png[Prebuilt dashboards are available] |
.2+| .2+| |<<metricbeat-metricset-golang-expvar,expvar>>
|<<metricbeat-metricset-golang-heap,heap>>
|<<metricbeat-module-googlecloud,Google Cloud Platform>> beta[] |image:./images/icon-no.png[No prebuilt dashboards] |
.1+| .1+| |<<metricbeat-metricset-googlecloud-compute,compute>> beta[]
|<<metricbeat-module-graphite,Graphite>> |image:./images/icon-no.png[No prebuilt dashboards] |
.1+| .1+| |<<metricbeat-metricset-graphite-server,server>>
|<<metricbeat-module-haproxy,HAProxy>> |image:./images/icon-yes.png[Prebuilt dashboards are available] |
Expand Down Expand Up @@ -248,6 +250,7 @@ include::modules/elasticsearch.asciidoc[]
include::modules/envoyproxy.asciidoc[]
include::modules/etcd.asciidoc[]
include::modules/golang.asciidoc[]
include::modules/googlecloud.asciidoc[]
include::modules/graphite.asciidoc[]
include::modules/haproxy.asciidoc[]
include::modules/http.asciidoc[]
Expand Down
Loading

0 comments on commit 5ae15df

Please sign in to comment.