GCP Virtual Private Cloud

GCP Virtual Private Cloud (VPC) provides networking functionality to Compute Engine virtual machine (VM) instances, Google Kubernetes Engine (GKE) clusters, and serverless workloads. VPC provides networking for cloud-based resources and services.

Cisco Cloud Observability supports monitoring the following GCP VPC entities:

VPC Network: A virtual version of a physical network that is implemented inside of Google's production network.
VPC Subnet: A regional resource that has IP address ranges associated with it.
VPC Access Connector: A resource that handles traffic between your serverless environment and your VPC network.
VPC Network Peering: A resource that connects two VPC networks so that resources in each network can communicate with each other.
VPC Static Route: A resource that defines the paths that network traffic takes from a VM instance to other destinations.

You must configure cloud connections to monitor this entity. See Configure Google Cloud Platform Connection.

Cisco Cloud Observability displays GCP entities on the Observe page. Metrics are displayed for specific entity instances in the list and detail views.

This document contains references to third-party documentation. Splunk AppDynamics does not own any rights and assumes no responsibility for the accuracy or completeness of such third-party documentation.

Detail View

The detail view is only available for VPC Network, VPC Subnet, and VPC Access Connector.

To display the detail view of a GCP VPC entity:

Navigate to the Observe page.
Under Networking & App Delivery, click GCP VPC Networks.
The list view is now displayed.
From the list, click an entity Name to display the detail view.
The VPC Network detail view displays the list of related Subnets, Access Connectors, Network Peering, and Static Routes and their properties.

Navigate to the Observe page.
Under Networking & App Delivery, click GCP VPC Networks.
The list view is now displayed.
From the Relationships map in the left-hand navigation panel, click VPC Subnets.
The list view is now displayed.
From the list, click an entity Name to display the detail view.
The VPC Subnet detail view displays the list of subnet instances and their properties.

Navigate to the Observe page.
Under Networking & App Delivery, click GCP VPC Networks.
The list view is now displayed.
From the Relationships map in the left-hand navigation panel, click VPC Access Connector.
The list view is now displayed.
From the list, click an entity Name to display the detail view.
The VPC Access Connector detail view displays metrics, key performance indicators, and properties (attributes) related to the instance you selected.

Metrics and Key Performance Indicators

Cisco Cloud Observability displays the following metrics and key performance indicators (KPIs) for GCP VPC Access Connectors.

Some GCP metrics have been modified in Cisco Cloud Observability. Metric display names and descriptions may differ from the source metric.

Display Name	Source Metric Name	Description
CPU Utilization (%)	`connector/cpu/utilizations`	The average CPU utilization for instances underlying a VPC Access Connector.
Active Instances (Count)	`connector/instances`	The total number of active instances underlying a VPC Access connector.
Network Throughput (By)	`connector/received_bytes_count` `connector/sent_bytes_count`	The delta of bytes transferred by a VPC Access Connector.
Packets Transferred (Count)	`connector/received_packets_count` `connector/sent_packets_count`	The delta of packets transferred by a VPC Access Connector.

Properties (Attributes)

Cisco Cloud Observability displays the following properties for GCP VPC.

Display Name	Source Property Name	Description
ID	`selfLink`	The URI of this resource.
Name	`name`	The name of the VPC network resource.
Project ID	-	The ID of the GCP project.
Region	-	The `global` string, hardcoded.
IPv4 Gateway	`gatewayIPv4`	The gateway address for default routing out of the network.
Auto Create Subnets	`autoCreateSubnetworks`	When set to `true`, the VPC network is created in `auto` mode. When set to `false`, the VPC network is created in `custom` mode. An `auto` mode VPC network starts with one subnet per region with a predetermined range.
Routing Config Mode	`routingConfig.routingMode`	The network-wide routing mode to use. If set to `REGIONAL`, this network's Cloud Routers will only advertise routes with subnets of this network in the same region as the router. If set to `GLOBAL`, this network's Cloud Routers will advertise routes with all subnets of this network, across regions. An enum with the following possible values: `GLOBAL` `REGIONAL`
MTU	`mtu`	The maximum transmission unit in bytes.
Firewall Policy	`firewallPolicy`	The URL of the firewall policy the network is associated with.
Firewall Policy Enforcement Order	`networkFirewallPolicyEnforcementOrder`	The network firewall policy enforcement order. An enum with the following possible values: `AFTER_CLASSIC_FIREWALL` `BEFORE_CLASSIC_FIREWALL`
Enable ULA	`enableUlaInternalIpv6`	Specifies if ULA (Unique Local Addresses) internal IPv6 is enabled on this network. Enabling this feature will assign a /48 from the Google Cloud-defined ULA prefix `fd20::/20`.
Internal IPv6 Range	`internalIpv6Range`	Optionally used if ULA internal IPv6 is enabled. Specifies the /48 range desired from the Google Cloud-defined ULA prefix `fd20::/20`.

The full list of properties are visible on the VPC Subnets detail view. A subset of these properties are visible on the VPC Networks detail view.

Display Name	Source Property Name	Description
ID	`selfLink`	The URI of this resource.
Name	`name`	The name of the subnet resource.
Project ID	-	The ID of the GCP project.
Region	-	The geographical region the resource is running.
IP Range	`ipCidrRange`	The range of internal IPv4 addresses that are owned by this subnet.
Gateway Address	`gatewayAddress`	The gateway address for default routes to reach destination addresses outside this subnet.
Private IP Google Access	`privateIpGoogleAccess`	Specifies whether the VMs in this subnet can access Google services without assigned external IP addresses.
Secondary IP Ranges	`secondaryIpRanges[i].ipCidrRange`	An array of configurations for secondary IP ranges for VM instances contained in this subnet.
IPv6 CIDR Range	`ipv6CidrRange`	The range of internal IPv6 addresses that are owned by this subnet.
External IPv6 Range	`externalIpv6Prefix`	The external IPv6 address range that is owned by this subnet.
Internal IPv6 Range	`internalIpv6Prefix`	The internal IPv6 address range that is assigned to this subnet.
Purpose	`purpose`	The purpose of the resource. An enum with the following possible values: `PRIVATE` `REGIONAL_MANAGED_PROXY` `PRIVATE_SERVICE_CONNECT` `INTERNAL_HTTPS_LOAD_BALANCER`
State	`state`	The state of the subnetwork, which can be one of the following values: `READY` `DRAINING`
Stack Type	`stackType`	The stack type for the subnet. If set to `IPV4_ONLY`, new VMs in the subnet are assigned IPv4 addresses only. If set to `IPV4_IPV6`, new VMs in the subnet can be assigned both IPv4 and IPv6 addresses. If not specified, `IPV4_ONLY` is used.

The full list of properties are visible on the VPC Access Connectors detail view. A subset of these properties are visible on the VPC Networks detail view.

Display Name	Source Property Name	Description
ID	`name`	The full path to the application resource in the API. Example: `projects/{project-id}/locations/{region}/connectors/{connector-name}`
Name	-	The name of the VPC Access Connector, trimmed from the GCP `name` field.
Project ID	-	The ID of the GCP project.
Region	-	The geographical region the resource is running.
IP CIDR Range	`ipCidrRange`	The range of internal addresses that follows the RFC 4632 notation.
State	`state`	The state of the VPC Access Connector. An enum containing the following possible values: `STATE_UNSPECIFIED` `READY` `CREATING` `DELETING` `ERROR` `UPDATING`
Subnet	`subnet.name`	The subnet in which to house the VPC Access Connector.
Min Throughput	`minThroughput`	The minimum throughput of the VPC Access Connector in Mbps. The default and minimum is 200. If both `min-throughput` and `min-instances` are provided, `min-instances` takes precedence over `min-throughput`.
Max Throughput	`maxThroughput`	The maximum throughput of the VPC Access Connector in Mbps. The default is 300 and the maximum is 1000. If both `max-throughput` and `max-instances` are provided, `max-instances` takes precedence over `max-throughput`.
Machine Type	`machineType`	The machine type of VM instance underlying the VPC Access Connector.
Min Instances	`minInstances`	The minimum value of instances in the autoscaling group underlying the VPC Access Connector.
Max Instances	`maxInstances`	The maximum value of instances in the autoscaling group underlying the VPC Access Connector.

These properties are visible on the VPC Networks detail view.

Display Name	Source Property Name	Description
Name	`vpc.peerings[i].name`	The name of the peer network.
ID	-	The ID of the peer network.
Network Destination	`vpc.peerings[i].network`	The URL of the peer network.
State	`vpc.peerings[i].state`	The state of the VPC Network Peering instance. Possible values: `ACTIVE`, `INACTIVE`
Peer MTU	`vpc.peerings[i].peerMtu`	The maximum transmission unit (MTU) in bytes.
Stack Type	`vpc.peerings[i].stackType`	Specifies the IP version(s) of traffic and routes are allowed to be imported or exported between peer networks. The default value is `IPV4_ONLY`.

These properties are visible on the VPC Networks detail view.

Display Name	Source Property Name	Description
Name	`name`	The name of the route resource.
ID	`selfLink`	The URI of this resource.
Destination Range	`destRange`	The destination range of outgoing packets that this route applies to. Both IPv4 and IPv6 are supported.
Status	`routeStatus`	The status of the route.
Priority	`priority`	The priority of this route. Priority is used to break ties in cases where there is more than one matching route of equal prefix length. In cases where multiple routes have equal prefix length, the route with the lowest-numbered priority value wins.
Type	`routeType`	The type of this route, which can be one of the following values: `TRANSIT`: For a transit route that this router learned from another Cloud Router and will re-advertise to one of its BGP peers. `SUBNET`: For a route from a subnet of the VPC. `BGP`: For a route learned from a BGP peer of this router. `STATIC`: For a static route.

Retention and Purge Time-To-Live (TTL)

For all cloud and infrastructure entities, the retention TTL is 180 minutes (3 hours) and the purge TTL is 525,600 minutes (365 days).

Third party names, logos, marks, and general references used in these materials are the property of their respective owners or their affiliates in the United States and/or other countries. Inclusion of such references are for informational purposes only and are not intended to promote or otherwise suggest a relationship between Splunk AppDynamics and the third party.