Set up the Dynatrace GCP log and metric integration on an existing GKE cluster
Dynatrace version 1.230+
As an alternative to the main deployment, where the deployment script runs in a new automatically created GKE Autopilot cluster, you can choose to run the deployment script on an existing standard GKE or GKE Autopilot cluster. In this scenario, you will set up Google Cloud Platform monitoring for metrics and logs in Google Cloud Shell. During setup, a new Pub/Sub subscription will be created. GKE will run two containers: a metric forwarder and a log forwarder. After installation, you'll get metrics, logs, dashboards, and alerts for your configured services in Dynatrace.
For other deployment options, see Alternative deployment scenarios.
Dynatrace version 1.230+
This page describes how to install version 1.0 of the GCP integration on a GKE cluster.
- If you already have an earlier version installed, you need to migrate.
Prerequisites
To deploy the integration, you need to make sure the following requirements are met:
GCP permissions
Running the deployment script requires a list of permissions. You need to create a custom role (see below) and use it to deploy dynatrace-gcp-function.
- Create a YAML file named
dynatrace-gcp-function-helm-deployment-role.yamlwith the following content:
- Run the command below, replacing
<your_project_ID>with the project ID where you want to deploy the Dynatrace integration.
gcloud iam roles create dynatrace_function.helm_deployment --project=<your_project_ID> --file=dynatrace-gcp-function-helm-deployment-role.yamlNote: Be sure to add this role to your GCP user. For details, see Grant or revoke a single role.
GCP settings
The location where you deploy the integration determines whether you need make any additional settings.
Deploy on an existing GKE Autopilot cluster
If you deploy the integration on an existing GKE Autopilot cluster, you don't need to make any additional settings.
Deploy on an existing GKE standard cluster
If you deploy the integration on an existing GKE standard cluster, you need to
Configure log export
- Run the following shell script in the GCP project you've selected for deployment.
Note: Be sure to replace <your-subscription-name> and <your-topic-name> with your own values.
wget https://raw.githubusercontent.com/dynatrace-oss/dynatrace-gcp-function/master/scripts/deploy-pubsub.sh
chmod +x deploy-pubsub.sh
./deploy-pubsub.sh --topic-name <your-topic-name> --subscription-name <your-subscription-name>- Configure log export to send the desired logs to the GCP Pub/Sub topic created above.
Dynatrace permissions
You need to create a token with a set of permissions.
- In the Dynatrace menu, go to Access tokens.
- Select Generate new token.
- Enter a name for your token.
- Under Template, select
GCP Services Monitoring. - Select Generate.
- Copy the generated token to the clipboard. Store the token in a password manager for future use.
Alternatively, you can create the token and add permissions manually.
Log ingestion
-
If you are using Log Monitoring v1, enable the latest version of Dynatrace log monitoring
-
Determine where log ingestion will be performed, according to your deployment. This distinction is important when configuring the parameters for this integration.
-
For SaaS deployments: SaaS log ingest, where log ingestion is performed directly through the Cluster API. recommended
-
For Managed deployments: You have two options:
-
Have the installation script create a dedicated ActiveGate for log ingestion - requires you to create a PaaS token
-
Use an existing ActiveGate for log ingestion
-
-
Install
Complete the steps below to finish your setup.
Download the Helm deployment package in Google Cloud Shell
Configure parameter values
Connect your Kubernetes cluster
Run the deployment script
Download the Helm deployment package in Google Cloud Shell
wget -q "https://github.com/dynatrace-oss/dynatrace-gcp-function/releases/latest/download/helm-deployment-package.tar"; tar -xvf helm-deployment-package.tar; chmod +x helm-deployment-package/deploy-helm.sh Configure parameter values
- The Helm deployment package contains a
values.yamlfile with the necessary configuration for this deployment. Go tohelm-deployment-package/dynatrace-gcp-functionand edit thevalues.yamlfile, setting the required and optional parameter values as follows.
| Parameter name | Description | Default value | ||||
|---|---|---|---|---|---|---|
gcpProjectId | required The ID of the GCP project you've selected for deployment. | Your current project ID | ||||
deploymentType | required Leave to 'all'. | all | ||||
dynatraceAccessKey | required Your Dynatrace API token with the required permissions. | |||||
dynatraceUrl | required Your environment URL (https://<your-environment-id>.live.dynatrace.com).Note: To determine <your-environment-id>, see environment ID. | |||||
logsSubscriptionId | required The ID of your log Sink Pub/Sub subscription. For details, see Configure log export. | |||||
dynatraceLogIngestUrl | required Required only for SaaS log ingestion, or for Managed log ingestion with an existing ActiveGate. For SaaS log ingestion, it's your environment URL ( https://<your_environment_ID>.live.dynatrace.com)For Managed with an existing ActiveGate, it's the URL of your ActiveGate ( https://<your_activegate_IP_or_hostname>:9999/e/<your_environment_ID>)Note: To determine <your-environment-id>, see environment ID. | true | ||||
requireValidCertificate | optional If set to true, Dynatrace requires the SSL certificate of your Dynatrace environment. For SaaS log ingestion, we recommend leaving the default value. For Managed log ingestion with a new ActiveGate, we recommend setting this value to false. | true | ||||
selfMonitoringEnabled | optional Send custom metrics to GCP to quickly diagnose if dynatrace-gcp-function processes and sends metrics/logs to Dynatrace properly. For details, see Self-monitoring metrics for the Dynatrace GCP integration. | false | ||||
serviceAccount | optional Name of the service account to be created. | |||||
dockerImage | optionalDynatrace GCP function Docker image. We recommend using the default value, but you can adapt it if needed. | dynatrace/dynatrace-gcp-function:v1-latest | ||||
logIngestContentMaxLength | optional The maximum content length of a log event. Should be the same as or lower than the setting on your Dynatrace environment. | 8192 | ||||
logIngestAttributeValueMaxLength | optional The maximum length of the log event attribute value. If it exceeds the server limit, content will be truncated. | 250 | ||||
logIngestRequestMaxEvents | optional The maximum number of log events in a single payload to the logs ingestion endpoint. If it exceeds the server limit, payload will be rejected with code 413. | 5000 | ||||
logIngestRequestMaxSize | optional The maximum size in bytes of a single payload to the logs ingestion endpoint. If it exceeds the server limit, payload will be rejected with code 413. | 1048576 | ||||
logIngestEventMaxAgeSeconds | optional Determines the maximum age of a forwarded log event. Should be the same as or lower than the setting on your Dynatrace environment. | 86400 | ||||
printMetricIngestInput | optional If set to true, the function outputs the lines of metrics to stdout. | false | ||||
serviceUsageBooking | optional Service usage booking is used for metrics and determines a caller-specified project for quota and billing purposes. If set to source, monitoring API calls are booked in the project where the Kubernetes container is running. If set to destination, monitoring API calls are booked in the project that is monitored. For details, see Monitor multiple GCP projects - Step 4. | source | ||||
useProxy | optional Depending on the value you set for this flag, the function will use the following proxy settings: Dynatrace (set to DT_ONLY), GCP API (set to GCP_ONLY), or both (set to ALL). | By default, proxy settings are not used. | ||||
httpProxy | optional The proxy HTTP address; use this flag in conjunction with USE_PROXY. | |||||
httpsProxy | optional The proxy HTTPS address; use this flag in conjunction with USE_PROXY. | |||||
gcpServicesYaml | optional Configuration file for GCP services. | |||||
queryInterval | optional Metrics polling interval in minutes. Allowed values: 1 - 6 | 3 |
- Choose which services you want Dynatrace to monitor.
By default, the Dynatrace GCP integration starts monitoring a series of selected services. Uncomment any additional services you want Dynatrace to monitor in the values.yaml file.
Note: For DDU consumption information, see Monitoring consumption.
Connect your Kubernetes cluster
To connect to your existing GKE standard cluster or existing GKE Autopilot cluster, run the command below, making sure to replace
<cluster>with your cluster name<region>with the region where your cluster is running<project>with the project ID where your cluster is running
gcloud container clusters get-credentials <cluster> --region <region> --project <project>For details, see Configuring cluster access for kubectl.
Run the deployment script
The deployment script will create an IAM service account with the necessary roles and deploy dynatrace-gcp-function to your GKE cluster.
You have two options:
- Run the deployment script without parameters if you want to use the default values provided (
dynatrace-gcp-function-safor the IAM service account name anddynatrace_functionfor the IAM role name prefix):
cd helm-deployment-package
./deploy-helm.sh- Run the deployment script with parameters if you want to set your own values (be sure to replace the placeholders with your desired values):
cd helm-deployment-package
./deploy-helm.sh [--role-name <role-to-be-created/updated>]Verify installation
To check whether installation was successful
-
Check if the container is running.
Note: After the installation, it may take couple of minutes until the container is up and running.
kubectl -n dynatrace get pods -
Check the container logs for errors or exceptions. You have two options:
Run the following commands.
kubectl -n dynatrace logs -l app=dynatrace-gcp-function -c dynatrace-gcp-function-metrics
kubectl -n dynatrace logs -l app=dynatrace-gcp-function -c dynatrace-gcp-function-logsTo check the container logs for errors in your GCP console
- Go to Logs explorer.
- Use the filters below to get metric and/or log ingest logs from the Kubernetes container:
resource.type="k8s_container"resource.labels.container_name="dynatrace-gcp-function-metrics"(for metric ingest logs)resource.labels.container_name="dynatrace-gcp-function-logs"(for log ingest logs)
-
Check if dashboards are imported.
In the Dynatrace menu, go to Dashboards and filter by Tag for
Google Cloud. A number of dashboards for Google Cloud Services should be available.
Enable alerting
To activate alerting, you need to enable custom events for alerting in Dynatrace.
To enable custom events
- In the Dynatrace menu, go to Settings.
- In Anomaly detection, select Custom events for alerting.
- Filter for GCP alerts and turn on On/Off for the alerts you want to activate.
View metrics and logs
After deploying the integration, depending on your deployment type, you can:
- See metrics from monitored services: in the Dynatrace menu, go to Metrics and filter by
gcp. - View and analyze GCP logs: in the Dynatrace menu, go to Logs and, to look for GCP logs, filter by
cloud.provider: gcp.
View enabled services
The list of currently enabled services can be found in the cluster's ConfigMap named dynatrace-gcp-function-config.
Add or remove services
To add or remove monitored services, follow the steps below.
- Edit
values.yamlby commenting or uncommenting configuration blocks corresponding to specific services. Note: If you already deleted the deployment package and don't have the originalvalues.yamlfile anymore, you can use a new one. In this case, the new file will override your previous configuration, so make sure not to accidentally disable monitoring of previously monitored services. - Update monitored services by running the script below.
cd helm-deployment-package ./deploy-helm.sh --upgrade-extensions - If you removed services from monitoring, find the relevant extensions in your Dynatrace Hub (in the Dynatrace menu, go to Extensions) and delete them to remove service-specific assets (dashboards, alerts, etc).
Example
In the following example
- The
gae_instanceservice is disabled. - For the
gce_instanceservice, only two feature sets are enabled:default_metricsandistio.
# Google App Engine Instance
#- service: gae_instance
# featureSets:
# - default_metrics
# vars:
# filter_conditions: ""
# Google VM Instance
- service: gce_instance
featureSets:
- default_metrics
# - agent
# - firewallinsights
- istio
# - uptime_check
vars:
filter_conditions: ""For a complete list of the GCP supported services, see Google Cloud Platform supported service metrics.
Change deployment settings
- To change the deployment type (
all,metrics, orlogs), see Change deployment type. - To change which services are monitored, see Add or remove services.
- To change other settings in
values.yaml, see Change parameters fromvalues.yaml.
Change parameters from values.yaml
To load a new values.yaml file, you need to upgrade your Helm release.
To update your Helm release
-
Find out what helm release version you're using.
helm ls -n dynatrace -
Run the command below, making sure to replace
<your-helm-release>with the value from the previous step.helm upgrade <your-helm-release> dynatrace-gcp-function -n dynatrace
For details, see Helm upgrade.
Change deployment type
To change the deployment type (all, metrics, or logs)
-
Find out what Helm release version you're using.
helm ls -n dynatrace -
Uninstall the release.
Note: Be sure to replace
<your-helm-release>with the release name from the previous output.helm uninstall <your-helm-release> -n dynatrace -
Edit
deploymentTypeinvalues.yamlwith the new value and save the file. -
Run the deployment command again. For details, see Run the deployment script.
Troubleshoot
To investigate potential deployment and connectivity issues
- Verify installation
- Enable self-monitoring optional
- Check the
dynatrace_gcp_<date_time>.loglog file created during the installation process.
- This file will be created each time the installation script runs.
- The debug information won't contain sensitive data such as the Dynatrace access key.
- If you are contacting Dynatrace ONE:
- Make sure to provide the
dynatrace_gcp_<date_time>.loglog file described in the previous step. - Provide version information.
- For issues during installation, check the
version.txtfile. - For issues during runtime, check container logs.
- For issues during installation, check the
- Make sure to provide the
Uninstall
- Find out what Helm release version you're using.
helm ls -n dynatrace- Uninstall the release.
Note: Be sure to replace <your-helm-release> with the release name from the previous output.
helm uninstall <your-helm-release> -n dynatraceAlternatively, you can delete the namespace.
kubectl delete namespace dynatrace- To remove all monitoring assets (dashboards, alerts, etc) from Dynatrace, you need to remove all GCP extensions.
To remove an extension
- In the Dynatrace menu, go to Extensions and search for the GCP extensions.
- Select an extension you want to remove, and then select the trash icon in the Actions column to remove it.
Repeat the procedure until you remove all GCP extensions.
Monitoring consumption
Metric ingestion
All cloud services consume DDUs. The amount of DDU consumption per service instance depends on the number of monitored metrics and their dimensions (each metric dimension results in the ingestion of 1 data point; 1 data point consumes 0.001 DDUs). For details, see Extending Dynatrace (Davis data units).
Log ingestion
DDU consumption applies to cloud Log Monitoring. See DDUs for Log Monitoring for details.