gce/Ops Agent

Investigates the necessary GCP components for the proper functioning of the Ops Agent in a VM

Product: Compute Engine Kind: Debugging Tree

Description

This runbook will examine the following key areas:

  1. API Service Checks: - Ensures that Cloud APIs for Logging and/or Monitoring are accessible.

  2. Permission Checks: - Verifies that the necessary permissions are in place for exporting logs and/or metrics.

  3. Workload Authentication: - Confirms that the Ops Agent has a service account for authentication. - If using Google Application Credentials, provide the service account with the gac_service_account parameter.

  4. Scope of Investigation: - Note that this runbook does not include internal VM checks, such as guest OS investigations.

Executing this runbook

gcpdiag runbook gce/ops-agent \
  -p project_id=value \
  -p name=value \
  -p id=value \
  -p zone=value \
  -p start_time_utc=value \
  -p end_time_utc=value \
  -p gac_service_account=value \
  -p check_logging=value \
  -p check_monitoring=value \
  -p check_serial_port_logging=value

Parameters

Name Required Default Type Help
project_id True None str The Project ID containing the VM
name False None str Name of the GCE instance running the Ops Agent
id False None str ID of the GCE instance running the Ops Agent
zone False None str Zone of the GCE instance running the Ops Agent
start_time_utc False None datetime Start time of the issue
end_time_utc False None datetime End time of the issue
gac_service_account False None str GOOGLE_APPLICATION_CREDENTIALS used by ops agent, if applicable
check_logging False True bool Investigate logging issues
check_monitoring False True bool Investigate monitoring issues
check_serial_port_logging False True bool Check if VM Serial logging is enabled

Get help on available commands

gcpdiag runbook --help

Potential Steps