Note: Please go to docs.rightscale.com to access the current RightScale documentation set. Also, feel free to Chat with us!
Home > Clouds > Google > Guide for Evaluating GCE

Guide for Evaluating GCE

 

logo-Google_Cloud_Platform-v1.png

 

Table of Contents

  1. Getting Started
    1. Purpose of the Evaluation Guide
    2. Audience
  2. Introduction to Google Compute Engine
    1. Introduction to RightScale
  3. Key RightScale Concepts
    1. Use Cases
      1. High performance computing
        1. Batch processing
          1. Data processing
      2. Configuration Framework
      3. Automation Engine
      4. Governance Controls
      5. Services & Support
  4. Google Compute Engine Registration
    1. Sign up for Google Compute Engine
      1. Create a Google Compute Engine Account
      2. Activate Google Compute Engine
      3. Activate Google Cloud Storage
      4. Enable Billing
      5. Required GCE Credentials
        1. Project ID
    2. Add Google Compute Engine to your Account
      1. Troubleshooting
        1. Username Mismatch
  5. Introductory Lab
    1. Create a Deployment
    2. Import a ServerTemplate
    3. Add a Server
    4. Server Management and Monitoring
      1. Inputs
        1. SSH
          1. Audit Entries
          2. Monitoring
          3. Deployment Budget Estimate Widget
  6. Advanced Configuration
  7. Advanced Management Features
    1. User Management
      1. Governance and Control
        1. Centralized Control Example (Enterprise Account)
        2. Enterprise User Roles
      2. Managing Permissions and Users
    2. Accounts
    3. User
      1. Invite Users
      2. Accept an Account Invitation
    4. Managing your RightScale Account
    5. User Roles
    6. Server Roles
      1. Collaboration
    7. Billing and Usage Reporting
    8. SAML
    9. OAuth
  8. Conclusion
    1. Support
      1. Contact Information
    2. Next Steps
      1. Learning Resources
      2. Feedback

Getting Started

Purpose of the Evaluation Guide

This guide gives an introduction to Google Compute Engine with RightScale to administer cloud infrastructure with an integrated solution.

Audience

This guide favors the following audiences:

  • New Google Compute Engine users and New RightScale users
    If you are new to Google Compute Engine and RightScale, read the entire evaluation guide for the best context of this integrated solution. 
  • New Google Compute Engine users but experienced RightScale users
    If you are new to Google Compute Engine but have some experience with RightScale, feel free to skip the "Introduction to RightScale" and "Register for a RightScale Account" sections. 

Introduction to Google Compute Engine

Google Compute Engine is a high performance IaaS and PaaS offering, built on the same infrastructure that powers Google’s global operations. Google Compute Engine provides consistent performance and networking. Scale efficiently to tens of thousands of cores while benefiting from encrypted data at rest and transit for local ephemeral drives as well as volumes.

Introduction to RightScale

RightScale is the leading cloud management platform, supporting a range of public and private clouds. RightScale has more than 50,000 users and has launched over 5 million servers including many of the largest production deployments and scaling events in public and private clouds.

RightScale provides complete lifecycle management for public and private cloud-based applications including provisioning, monitoring, configuration, automation, auditing, and governance. This enables efficient administration with a single view of multiple cloud accounts’ usage, resources, and role-based access controls. RightScale is a multi-cloud solution that enables users to migrate workloads to and from public and private clouds and construct hybrid and multi-data center environments for large organizations, distributed applications, and high availability. RightScale offers services including consultative support, business critical SLAs, onboarding services, and end-to-end engineering that advises Cloud’s cutting edge deployments.

Key RightScale Concepts

RightScale Cloud Management is the bridge between your applications and your cloud infrastructure. RightScale's MultiCloud Platform provides a universal remote to conveniently access your public, private, and hybrid cloud resource pools from one Dashboard and API. The Configuration Framework provides intelligent cloud blueprints to configure and operate your servers in a dynamic and completely customizable fashion. The MultiCloud Marketplace™ provides a single location for cloud-ready components. The Automation Engine gives you the power to provision, monitor, scale, and manage entire server deployments efficiently and reliably. Governance Controls allow you to keep watch over access, security, auditing, reporting, and budgeting through a “single pane of glass” view.

 

diag-GCEArchitecture.png

Use Cases

High performance computing

Run high-performance and grid computing workloads using Google Compute Engine’s hardware, networking, and storage with consistently high performance.

Batch processing

Execute batch processing jobs like video transcoding and image rendering with Google Compute Engine’s enormous capacity and dedicated, inter-region networking.

Data processing

Analyze mass data in the cloud using frameworks like Hadoop, spinning up and down thousands of instances on-demand.

Configuration Framework

The RightScale configuration framework — the ServerTemplate — is the key to efficient, automated provisioning and operations on Google Compute Engine and other public and private clouds. ServerTemplates are built from modular images, scripts, and variable inputs. ServerTemplates are dynamic, provisioning your servers at boot time using your chosen configuration and variable inputs. Dynamic configuration ensures that your servers are provisioned in context — they automatically register with the correct load balancers and databases, begin backups with the proper frequencies and storage locations, and much more.

The modular and dynamic aspects of ServerTemplates enable complete customization, from the inputs all the way down to the images. Each element of a ServerTemplate is version controlled, providing reproducible behavior across time and infrastructure, so that you design once and then consistently deploy multiple times on multiple clouds. ServerTemplates abstract cloud-specific differences, ensuring consistent multi-cloud configuration across public, private, and hybrid cloud resource pools.

screen-ServerTemplateConfig.png

The MultiCloud Marketplace offers ServerTemplates, scripts, and architectures published by RightScale, our partners, and our users. All of these pre-built configurations are fully customizable and provide a variety of solutions to get started. Swap scripts and recipes and change default inputs and alerts. ServerTemplates and components published by RightScale are rigorously tested, version controlled, and backed by our support.

Automation Engine

The RightScale automation engine provides powerful tools to make cloud resources efficient and highly available:

  • Keep tabs on your resources with granular Server and Application Monitoring. View entire systems of hundreds of servers with Cluster Monitoring.
  • Link monitors to Alerts and Escalations that notify you of issues and automatically take action.
  • Scale resources up and down according to your needs with Auto-Scaling Arrays.
  • Stand up entire architectures using Deployment Orchestration. Perform Application and Database Automation with powerful tools such as tags and our customizable library of scripts.

Governance Controls

Manage access and usage of cloud resources with a comprehensive set of RightScale governance controls:

  • Control authentication, permissions, and credentials with the Access and Security Manager.
  • Create secure environments for multiple teams with Enterprise Manager and Federated Identity.
  • Resolve issues and trace events with Auditing.
  • Track resources and budgets with Usage and Cost Reporting.

Services & Support

RightScale has been a provider of leading services and support for public and private clouds since 2006. RightScale offers a range of services to help you succeed:

  • Do-it-yourself materials to white glove engineering.
  • Onboarding services provide you with invaluable assistance getting cloud projects up and running on time.
  • 24/7 support keeps your applications running.
  • Customizable training offers insights into using RightScale, cloud-based applications, and adopting cloud best practices.

Google Compute Engine Registration

Sign up for Google Compute Engine

Create a Google Compute Engine Account

The first step is to sign up for Google Compute Engine. If you already have a Google Compute Engine account, you may sign in using your existing Google Compute Engine account or sign up here.

Activate Google Compute Engine

From your Google APIs Console, under "Services," request access for the "Google Compute Engine" service and make it active.

File:09-Clouds/Google/Tutorials/Sign_up_for_Google_Compute_Engine/screen-ActiveGCE.png

This service must stay active for Google Compute Engine use.

Activate Google Cloud Storage

File:09-Clouds/Google/Tutorials/Sign_up_for_Google_Compute_Engine/screen-AddGCS.png

RightScale recommends that "Google Cloud Storage" service stays "ON" for RightScale with Google Compute Engine use.

From your Google APIs Console, under "Services," make "Google Cloud Storage" active.

Enable Billing

To use Google cloud services, you must enable billing by providing valid credit card information. Under the "Billing" section, click Enable Billing and provide the required information.

Required GCE Credentials

Later, you will add the following information into the RightScale Dashboard to validate your account. RightScale requires this information to execute actions in GCE on your behalf.

Project ID

Your unique Google Project ID (e.g. rightscale.com:example) is shown in the Overview area of your GCE console, which RightScale requires to add to your account.

File:09-Clouds/Google/Tutorials/Sign_up_for_Google_Compute_Engine/screen-GoogleAPIsDashboard.png

Add Google Compute Engine to your Account

  1. Go to Settings > Account Settings > Clouds tab.  Click Connect to a Cloud.
  2. Click the Add icon (+) next to Google.
  3. Enter your Google Compute Engine cloud credentials. You will need to enter your Project ID and click Continue. RightScale will make an API call to GCE's API endpoint to retrieve all of your cloud resources so they appear in the RightScale Dashboard.
    • Where is my GCE Project ID?
      Log into the Google Cloud Console and go to your list of projects. (view screenshot)​
       

File:09-Clouds/Google/Tutorials/Add_Google_Compute_Engine_to_a_RightScale_Account/screen-ConnectRSwithGoogle.png

  1. Check the cloud's status. On the same Clouds tab, check the status of your cloud. Both of these items require active (green) status to successfully launch cloud servers:
    File:09-Clouds/Google/Tutorials/Add_Google_Compute_Engine_to_a_RightScale_Account/screen-GCECloudStatus.png

 

Troubleshooting

Username Mismatch

Important! The Google username you signed in with to request access must match the username that's tied to the Google Project ID that you are adding to the RightScale account. Otherwise, you can add Google as a cloud to the RightScale account, but it will not be usable.

screen-Email_Match-v2.png

 

Once you allow access, you will see that the Google Compute Engine cloud is "enabled" under the Clouds tab in the Dashboard. All of your Google Compute Engine resources are now visible under the Clouds menu (CloudsGoogle Compute Engine).

Introductory Lab

This introductory lab introduces some of the fundamental steps required for creating deployments and launching servers with RightScale with Google Compute Engine. 

Create a Deployment

Your deployment is the container for your servers. A deployment consists of a cluster or group of Servers that work together and share common Input variables and cloud configurations.

Before launching servers, you must create a deployment. To create a deployment:

  1. Go to Manage > Deployments.
  2. Click New and provide the following information:
  • Nickname - User-defined name for the deployment.
  • Description - A short, internal-only description of the deployment.

Import a ServerTemplate

The next step is to import a ServerTemplate. A ServerTemplate includes one or more MultiCloud Images that define an operating system and the supporting applications for the server. It is a collection of RightScripts or Chef recipes that install select applications and define configuration settings and other attributes. ServerTemplates are available the RightScale MultiCloud Marketplace.

  1. In the Dashboard, go to Design > MultiCloud Marketplace > ServerTemplates
  2. Find and select the Base ServerTemplate for Linux ServerTemplate.

  3. Click Import

Once imported, the ServerTemplate and associated RightScripts are considered part of your "local" collection.

Add a Server

With your new ServerTemplate, add a server to your deployment:

  1. Go to your deployment (Manage > Deployments > your deployment).
  2. Click Add Server to add a server and select your cloud from the Cloud drop down menu.
  3. Select your imported ServerTemplate from ServerTemplates in Your Account

  4. Launch the server. 

Check the events pane on the left for real time updates of your server's status.

Server Management and Monitoring

The RightScale management platform offers options for managing and monitoring your servers after you launch them in Google Compute Engine. This section provides an overview of some of the available options. 

Inputs

Inputs are tools to easily customize and reuse scripts. Inputs are variables within a script that allow you to substitute specific, user-defined values for the input when an associated script runs on a server. A ServerTemplate's Inputs tab shows all of the inputs declared in any of its scripts (RightScripts or Chef Recipes) located under its Scripts tab. 

SSH

You can use SSH to securely connect to servers in the cloud through the RightScale Dashboard. To connect to a server using SSH, go to your deployment > server name > SSH Console

Audit Entries

The Audit Entries tab shows a detailed, historical record for all server activity within a deployment. Audit entries are created for the vast majority of actions, such as launching and terminating instances, script execution, or performing database backups. These log files are beneficial for troubleshooting problems or tracking changes. To see an Audit Entry report, go to your deployment > Reports > Audit Entries.

Monitoring

The Monitoring tab (Manage > View Dashboard > Monitoring ) displays real-time graphical data for all servers in your deployment. By default, the 'cpu-overview' and 'interface if_packets-eth0' graphs display, which show you status of your server's resources and incoming/outgoing data (packet) traffic. View detailed graphs for individual servers as well, if those servers have monitoring enabled. Cluster Monitoring is also available and provides a simple and efficient means to browse through monitoring data for Deployments consisting of many Servers. 

05-monitoring_cpu.gif

Deployment Budget Estimate Widget

The Deployment Budget Estimate Widget is s built-in widget that provides a budgetary breakdown of all deployments in the account. By default, the built-in widgets display on the Overview tab of the Dashboard (Manage > View Dashboard > Overview). 

Advanced Configuration

If you complete the introductory lab and would like to see an example of some of the more advanced capabilities of RightScale + Google Compute Engine, go to the example configuration that demonstrates video transcoding. 

Advanced Management Features

After your deployment is up and running, RightScale provides a set of advanced management features to help you monitor and manage your Google Compute Engine cloud.

User Management

RightScale user management features allow you to control access to your Google Compute Engine cloud and add or remove users as needed. RightScale has several types of users that are defined by their roles. RightScale administrators can assign the different roles to users, depending on each user's needs. This level of control adds flexibility and lets users collaborate on projects in RightScale and in your Google Compute Engine cloud.

Governance and Control

Governance and control refers to the ability to view all cloud activities from a single dashboard with comprehensive audits and logs while controlling user access, server security, resource usage, and budgeting.

You decide how to control access to your cloud resources and how to govern changes, processes, and workflows. Distribute control among deployments, accounts, or regions using a different administrator for each or centralize control and maintain it under one administrator, deployment, or account. Because you structure your administration of RightScale and Google Compute Engine in whatever way best serves your business needs, RightScale does not offer a step-by-step process for putting your governance and control systems in place. But for the purposes of this evaluation guide, the following example uses the enterprise account to demonstrate one method for using a centralized model.

Centralized Control Example (Enterprise Account)

Enterprise customers can create a 'master' enterprise account that acts as an umbrella account for all of its 'child' accounts. Use the master enterprise account to monitor the cloud related activity across all RightScale accounts in the enterprise. Each child account is essentially a separate RightScale account with its own credentials. Each enterprise can have up to four child accounts. If you require more than four child accounts, please contact sales@rightscale.com.

The user who is given the 'enterprise_manager' user role is responsible for managing all accounts of the enterprise.

diag-EnterpriseOverview-v2.png

In the preceding diagram, Michael is the Enterprise Manager. He maintains that role across all accounts in his enterprise. He has access to both master and child accounts. Regardless of which account he is logged into and viewing, he has access to the Enterprise view under SettingsEnterprise.

The Enterprise view is where he monitors and manages all activity within the Enterprise. He tracks current run-rates, adds/removes/modifies user roles, and invites users across all accounts.

Enterprise User Roles

One additional role is available to the enterprise.

  • enterprise_manager - Manages all accounts within the enterprise. Grants user role privileges across all accounts in the enterprise. Controls which child accounts have access to which sharing groups. The master enterprise account must have at least one 'enterprise_manager' user. An 'enterprise_manager' can also grant the same privileges to another user.

Managing Permissions and Users

One of the core responsibilities of administrators is managing accounts, users, roles, and permissions. The terms 'accounts', 'user', and 'roles' are used in this evaluation guide. This section contains detailed descriptions of these terms and provides information about their appropriate usage/application.

Accounts

Each user needs access to two types of accounts:

  • RightScale Account - Create a RightScale Account to log in to the RightScale Dashboard and manage your Google Compute Engine cloud. Registration requires an email and password. To view information about your RightScale Account in the Dashboard, go to Settings > Account.
    Note: Unless otherwise specified, the word 'account' in the documentation refers to your RightScale Account.
  • Google Compute Engine - Before using the RightScale Dashboard to manage your server instances in Google Compute Engine, you must have valid Google Compute Engine credentials. Enter valid credentials into the Dashboard to launch and manage resources in your Google Compute Engine cloud through the RightScale Dashboard or API. 

 

The following diagram shows three separate users. John set up the 'Site1.com' RightScale account and invited Ben (who has his own RightScale account) as a user of the 'Site1.com' RightScale account. Ben set up his own RightScale account, where he manages resources across multiple cloud providers. Greg is new to RightScale and has never set up his own RightScale account, however Ben invited him as a user of his 'Site2.com' RightScale account. 

diag-AccountScenarios-v2_GCE.png

 

Keep in mind that a RightScale Account is separate from a Cloud Account. You may register multiple cloud accounts with a single RightScale account. However, you are responsible for paying for all cloud and cloud-related cloud usage costs. If you are a paying customer of RightScale, your cloud usage costs are separate charges from your RightScale Edition subscription fee.

diag-BillingModel-v2_GCE.png

User

RightScale users are identified by their email address. Each user can have access to multiple RightScale Accounts. Create your own RightScale Account or accept invitations as a user of other RightScale Accounts. To view information about your User settings across all of the RightScale accounts, go to Settings > User

In the diagram below, John Doe is identified as 'john@mysite.com' in the RightScale platform. He currently has access to three RightScale Accounts and has different user role privileges in each of those accounts.

diag-UserRoles-v2.png
 

In the RightScale system, your email address is your username or unique identifier and is also used in audit entries, changelogs, and histories to identify which user performed a particular action(s) within a RightScale Account. Therefore, it's important that login credentials (email/password) are never shared or used by multiple users because it is not possible to track user actions in the Dashboard.

Invite Users

Users with 'admin' user role privileges can send RightScale account invitations to other users. In order to invite a user to a RightScale account, you must send the invitation to the email address that the user will use to log into the RightScale Dashboard. 

To send a RightScale account invitation, go to Settings > Account Settings. Under the Invitations tab, click the Invite Users button. Click the Send Invitations button to send an email invitation to each user. (A copy of the email invitation is sent to the owner of the RightScale account.) Invitations are either temporary or permanent. Temporary invitations allow account admins to invite users to their account, but the invited user will be removed after a specified number of days.

Note: If you have a free RightScale account, you must grant each invited user 'admin' user role privileges.

The invitation link that users receive in email will expire in six days. If the user does not use the invitation to activate a RightScale account within that period, you must send a new invitation.

Accept an Account Invitation

An invitation to a RightScale account sends an email from root@rightscale.com. If the email is not in the recipient's inbox, check the spam folder or perform a keyword search for 'rightscale' in your email.

To accept the account invitation, click on the validation link in the email. Once you are logged into the Dashboard, click the Accept Invitation button.

Managing your RightScale Account

If you are an 'admin' user of a RightScale account, use the various user roles to control the permissions of all invited users in order to manage their level of access and functionality. Only 'admin' users may send account invitations. You must specify a user's roles before sending an account invitation. Later, you may change user roles under the SettingsAccount Settings > Users tab. 

Note: Only an 'admin' user may revoke another user's 'admin' privileges.

It's important you never share the email/password that you use to log into the RightScale Dashboard. For example, if an account (e.g. 'Site1.com') has multiple users, each user should create a unique RightScale account. Later, the 'admin' user of the 'Site1.com' account can invite additional users to that account. This is the only way that you can have user accountability within an account. If you share the same email/password with multiple users, there is no way to determine who launched or terminated a server. It's important that each action can be attributed to a single user.

User Roles

To view your own user role privileges across all of your accounts, go to Settings > UserInfo. Remember, user roles are account-specific. The following is a list of available roles and a brief description of what each role can do in the RightScale Dashboard.

admin: Administrative control of the RightScale Account. 

actor: Ability to manage all cloud related activity. 

observer: Ability to view the RightScale account. 

designer: Ability to create ServerTemplates, RightScripts, and Macros. Ability to view local object collections under the Design menu.

library: Ability to import objects from the MultiCloud Marketplace to your local view (collection). The ability to view the MultiCloud Marketplace requires the 'designer' role.

security_manager: Ability to create a cloud Security Group and modify an existing Security Group's port permissions. Ability to view and generate Infrastructure Audit Reports.

server_login: Ability to log into servers. 

publisher: Ability to create sharing groups and share RightScale objects (ServerTemplates, RightScripts, and Macros) with other users.

enterprise_manager: (Enterprise only) Manages all accounts within the enterprise. Send account invitations and grant user role privileges across all accounts in the enterprise. 

billing: By default all users of a RightScale account can view billing information. You will be able to see estimated cloud usage costs (ReportUsage Estimate) or the Deployments Budget Estimates under Manage > DeploymentsView Dashboard

Server Roles

Sometimes the word 'role' refers to a server's role or configuration. For example, when you launch an instance on a cloud infrastructure you are provisioning a "blank" piece of hardware that you can configure to fulfill a specific type of server role. Additionally, you can use different ServerTemplates to configure instances to fulfill certain roles such as dedicated load balancers, application servers, database servers, etc.

diag-ServerRoles-v1.png

 

Collaboration

RightScale gives you a single pane of glass to manage your Google Compute Engine cloud which makes collaboration across teams and regions easy and effective. Instead of using multiple tools or systems to manage cloud assets, using the RightScale cloud management platform enables you to see everything in one place. You can manage public clouds, private clouds, and hybrid clouds across geographies and time zones under one platform.

Billing and Usage Reporting

RightScale offers reporting tools to help with cost tracking and usage monitoring. Some of these options include:

  • Cost Quotas: Cost Quotas are reports found in the Dashboard that are exclusive to Enterprise editions of RightScale. Cost quotas are designed to warn enterprise administrators when one of the RightScale accounts within the enterprise is about to exceed its designated limit for the current month. Most public clouds charge and bill cloud usage on a monthly basis. The Usage Estimate (Reports > Usage Estimate) offers an estimate of all billable cloud-related activity for a particular RightScale account. As an Enterprise admin ('enterprise_manager'), you can set up cost quota alerts (Settings > Enterprise > Accounts) for the RightScale accounts in your Enterprise to better track the account-specific cloud usage costs that are currently being accrued for the current month.
  • Cost Estimates: You can view an estimated breakdown of your cloud usage costs (Report > Usage Estimate) including instances, Elastic IPs, data transfers, EBS provisioning, etc. from the RightScale Dashboard. The monthly reports are meant to provide a rough estimate of your cloud usage costs. Actual billing costs may vary.
  • Report Manager: Report Manager (Reports > Report Manager) is available in Enterprise accounts and allows you to aggregate usage data across accounts in the enterprise. It allows you to organize usage data by tags placed on accounts, deployments, and servers, export CSV reports on demand or on a scheduled basis, and save common reports for repeated or scheduled use.

SAML

Security Assertion Markup Language (SAML) is an XML standard used to authenticate users from an Identity Provider (IdP) to a software provider. SAML allows a user to log on once to a site (an IdP) and have access granted to affiliated websites. In conjunction with our provisioning API, this functionality enables you to authenticate and synchronize with existing identity stores.

RightScale is enabling SAML 2.0-based Single Sign-On (SSO) functionality for Enterprise Plan customers who request this feature. This, combined with our provisioning API, allows for full identity federation including syncing with Active Directory. In addition, RightScale has tested this functionality with our partners Okta and PingIdentity so that you can use their (and similar) SaaS-based Identity Provider.

OAuth

OAuth-compatible authentication and authorization supports a password-less Dashboard user that can login to the API and make authenticated requests. This feature is currently in public beta. Please contact support with any issues. To enable OAuth, navigate to Settings > Account Settings > API Credentials. Here you can obtain an API access token which allows you to make changes without logging in.

Conclusion

Using RightScale to manage your Google Compute Engine cloud gives you maximum control and flexibility by integrating all of your cloud management into one interface. Using Google Compute Engine with RightScale provides you the following benefits:

  • Manage your entire Google Compute Engine cloud infrastructure with a single, integrated solution using RightScale.
  • Use RightScale abstraction with customization so you can focus on your applications running in Google Compute Engine rather than on administration.
  • Automate deployment and management of cloud resources.
  • Build and manage your cloud by leveraging the expertise of both the RightScale and Google Compute Engine teams.
  • Provision and monitor your servers in the Internet-scale hosting environment provided by Google Compute Engine, using RightScale as a "single pane of glass" management interface.

Support

Contact Information

Next Steps

Learning Resources

  • Please see Google for information on RightScale support.
  • For tutorials, videos and reference information, please utilize our support portal.

Feedback

 

You must to post a comment.
Last modified
11:31, 31 Oct 2014

Tags

This page has no custom tags.

Classifications

This page has no classifications.

Announcements

None

Powered by MindTouch ®

© 2006-2014 RightScale, Inc. All rights reserved.
RightScale is a registered trademark of RightScale, Inc. All other products and services may be trademarks or servicemarks of their respective owners.