Configuration prerequisites
This section contains information about requirements that must be in place before beginning the configuration:
- Service Account Key File:
The service account key file must be present in the <PATROL_HOME>/gcp/key directory on the PATROL Agent server. For information about how to create a service account key, see Creating-a-Service-Account-Key-in-the-Google-Cloud-Platform-project. - Service Account Permissions:
The service account must have access to the Project > Viewer role OR to the individual service viewer role, that is:
App Engine > App Engine Viewer
Compute Engine > Compute Viewer
Cloud Functions > Cloud Functions Viewer
- Monitoring > Monitoring Viewer
- Kubernetes Engine Cluster -> Kubernetes Engine Cluster Viewer
- Cloud SQL > Cloud SQL Viewer
- GKE Monitoring Permission
To enable monitoring for Google Kubernetes Engine (GKE), navigate to Kubernetes Cluster > Cluster > Features, and select Enable Cloud Monitoring. Make sure that the following components are selected to grant full observability permissions:
Control Plane
Kube State Metrics
cAdvisor and Kubelet Metrics
- Required APIs:
The following APIs must be enabled on the Google Cloud Platform:API
Required for
Stackdriver monitoring API
Performance metrics collection
Google Compute Engine API
Compute engine instances discovery
Google Cloud Functions API
Cloud functions discovery
Google App Engine Admin API
App engine discovery
Cloud Resource Manager API
Displaying project name along with project ID
Google Cloud SQL Admin API
Cloud SQL discovery
You can check these APIs in the Cloud Console by clicking APIs & Services > Library. Search for required APIs and enable it if necessary.
Ensure that there are no clock (date and time) differences on the PATROL Agent system. The clock (date and time) must match exactly with the timezone to which the system is configured.