Installing and Configuring GCP Stackdriver Nozzle for PCF

This topic describes how to install and configure GCP Stackdriver Nozzle for Pivotal Cloud Foundry (PCF).

Prepare a GCP Project

The GCP Stackdriver Nozzle for PCF requires that you have a GCP project with a specific configuration. Follow the steps below the prepare a GCP project.

Create the Project

Follow these steps to create a GCP project for Stackdriver Nozzle.

  1. In a browser, navigate to the GCP Console. If you do not have an account, create one.

  2. From the GCP console, click the project drop-down menu between the GCP logo and the search bar and select Create Project.

  3. Enter a project name and click Create.

Enable APIs for your Project

Follow these steps to enable the APIs required by Stackdriver Nozzle.

  1. Navigate to the Stackdriver Logging API page and click Enable API.

  2. Navigate to the Stackdriver Monitoring API page and click Enable API.

Create a Service Account

Follow these steps to create a GCP Service Account for Stackdriver Nozzle.

  1. In the GCP console, open the Products and services menu above the home icon and select IAM & Admin > Service accounts.

  2. Click Create Service Account.

  3. Enter a Service account name.

  4. From the Role drop-down menu, select Logging > Logs Configuration Writer, Logging > Logs Writer, and Project > Editor. Create service account

  5. Select the checkbox to Furnish a new Private Key, and click Create.

  6. Save the automatically downloaded key file to a secure location for use later in this topic.

Optional: Create a UAA User Account

If you are using Elastic Runtime v1.9.29+, v1.10.16+, v1.11.2+, or v1.12+, then skip this procedure. If you are using an earlier version of Pivotal Elastic Runtime, you must perform the following steps.

Create a UAA user with access to the Firehose and Cloud Controller:

  1. Target your system with the UAA CLI (UAAC):

    $ uaac target https://uaa.YOUR-SYSTEM-DOMAIN

  2. Run the following command to authenticate and obtain an access token for the admin client from the UAA server.

    $ uaac token client get admin -s ADMIN-CLIENT-CREDENTIALS-SECRET

  3. Create a Stackdriver Nozzle user with the password of your choosing.

    $ uaac -t user add stackdriver-nozzle --password PASSWORD --emails na

  4. Add the user to the Cloud Controller Admin Read-Only group.

    $ uaac -t member add cloud_controller.admin_read_only stackdriver-nozzle

  5. Add the user to the Doppler Firehose group.

    $ uaac -t member add doppler.firehose stackdriver-nozzle

For information about creating a UAA user, see Creating and Managing Users with the UAA CLI.

Install GCP Stackdriver Nozzle for PCF in Ops Manager

Import to Ops Manager

Follow these steps to download the product file and add it to your Ops Manager Installation Dashboard.

  1. Download the product file from Pivotal Network.

  2. Navigate to the Ops Manager Installation Dashboard and click Import a Product to upload the product file.

  3. Click Add next to the uploaded GCP Stackdriver Nozzle for PCF tile in the Ops Manager Available Products view to add it to your staging area.

  4. Click the newly added GCP Stackdriver Nozzle for PCF tile.

  5. Follow the instructions in the next section to complete the tile configuration pane.

Configure

Complete the following fields to configure GCP Stackdriver Nozzle for PCF.

  1. Cloud Foundry API Endpoint: Enter the URL of the API endpoint for your PCF deployment. This value is https://api.YOUR-SYSYTEM-DOMAIN. To determine your system domain, see the Domains pane in the Elastic Runtime tile. For an example, see Step 5: Configure Domains in Deploying Elastic Runtime on AWS.

  2. Whitelist for Stackdriver Logging: Enter a comma separated list, without spaces, of the Loggregator events you want to ingest into Stackdriver Logging.

  3. Whitelist for Stackdriver Monitoring: Enter a comma separated list, without spaces, of the Loggregator events you want to ingest into Stackdriver Monitoring.

  4. UAA Username/UAA Password: If you created a username and password in Create a UAA User Account then enter it here. Otherwise leave this field blank to use the default credentials provided by Elastic Runtime.

  5. Skip SSL validation on Cloud Foundry API Endpoint: For a production environment, set to false. For a development environment, you can set to true.

  6. Service Account Credentials: Paste in the contents of your service account private key from the Set up a Service Account step, above.

  7. Google Project ID: Enter the Project ID for the GCP project you created in the Create a GCP Project step, above. To view your Project ID, click the project drop-down menu between the GCP logo and the search bar and select your project.

Create a pull request or raise an issue on the source for this page in GitHub