Google Cloud

Requirements

  • IAM Service Account with Owner or Compute Admin Role permissions
  • project_id, private_key and client_email for the Service Account
  • Compute Engine API enabled in GCP API’s and Services
../../../_images/Google-API-Compute.png

Features

  • Provisioning Virtual Machines
  • Network tagging
  • Private and Local Images
  • Google VM Snapshots
  • Brownfield Inventory
  • Costing
  • Right sizing
  • Shared Network Support

Add a Google Cloud Cloud

Tip

All of the required Google Cloud credentials can be found in the .json file created when generating a key for a Google Cloud service account.

  1. Navigate to Infrastructure -> Clouds

  2. Select + CREATE CLOUD, select Google Cloud, and then click Next.

  3. Enter the following into the Create Cloud modal:

    Name

    Name of the Cloud in Morpheus

    Location

    Description field for adding notes on the cloud, such as location.

    Visibility

    For setting cloud permissions in a multi-tenant environment. Not applicable in single tenant environments.

    Project ID

    Google Cloud Project ID

    Private Key

    Service Account Private key, beginning with —–BEGIN PRIVATE KEY—–` and ending with `—–END PRIVATE KEY—–

    Client Email

    Service Account Client Email. ex: morpheus@morpheus.iam.gserviceaccount.com

    Region

    Regions will auto-populate upon successful authentication with the above credentials. Select appropriate region for this Cloud.

    Inventory Existing Instances

    If enabled, existing Google Instances will be inventoried and appear as unmanaged Virtual Machines in Morpheus .

Note

Morpheus scopes clouds to single regions. Multiple clouds can be added for multi-region support, and then optionally added to the same group.

The Cloud can now be added to a Group or configured with additional Advanced options.

Advanced Options

DOMAIN
Specify a default domain for instances provisioned to this Cloud.
SCALE PRIORITY
Only affects Docker Provisioning. Specifies the priority with which an instance will scale into the cloud. A lower priority number means this cloud integration will take scale precedence over other cloud integrations in the group.
APPLIANCE URL
Alternate Appliance url for scenarios when the default Appliance URL (configured in admin -> settings) is not reachable or resolvable for Instances provisioned in this cloud. The Appliance URL is used for Agent install and reporting.
TIME ZONE
Configures the time zone on provisioned VM’s if necessary.
DATACENTER ID
Used for differentiating pricing among multiple datacenters. Leave blank unless prices are properly configured.
NETWORK MODE
Unmanaged or select a Network Integration (NSX, ACI etc)
LOCAL FIREWALL
On or Off. Enable to managed Host and VM firewall/IP Table rules (linux only)
SECURITY SERVER
Security Server setting is for Security Service Integrations such as ACI
TRUST PROVIDER
Select Internal (Morpheus) or an existing Trust Provider Integration
STORAGE MODE
Single Disk, LVM or Clustered
BACKUP PROVIDER
Select Internal Backups (Morpheus) or a Backup Integration
REPLICATION PROVIDER
Sets the default Replication Provider for the Cloud. Select an existing Replication Provider Integration
GUIDANCE
Enable Guidance recommendations on cloud resources.
COSTING
Enable for Morpheus to sync Costing data from the Cloud provider, when available. If your organization utilizes reserved instances and you want to pull in related pricing data, select Costing and Reservations. If this is not relevant, select Costing to save money on additional calls to the AWS Cost Explorer API or similar service for other clouds.
DNS INTEGRATION
Records for instances provisioned in this cloud will be added to selected DNS integration.
SERVICE REGISTRY
Services for instances provisioned in this cloud will be added to selected Service Registry integration.
CONFIG MANAGEMENT
Select a Chef, Salt, Ansible or Puppet integration to be used with this Cloud.
CMDB
Select CMDB Integration to automatically update selected CMDB.
CHANGE MANAGEMENT
Select an existing Change Management Integration to set on the Cloud. ex: Cherwell
AGENT INSTALL MODE
  • SSH / WINRM: Morpheus will use SSH or WINRM for Agent install.
  • Cloud Init / Unattend (when available): (DEFAULT) Morpheus will utilize Cloud-Init or Cloudbase-Init for agent install when provisioning images with Cloud-Init/Cloudbase-Init installed. Morpheus will fall back on SSH or WINRM if cloud-init is not installed on the provisioned image. Morpheus will also add Agent installation to Windows unattend.xml data when performing Guest Customizations or utilizing syspreped images.
API PROXY
Set a proxy for outbound communication from the Morpheus Appliance to the Cloud endpoints. Proxies can be added in the Infrastructure -> Networks -> Proxies tab.
INSTALL AGENT
Enable to have Agent Installation on by default for all provisioning into this Cloud. Disable for Agent Installation to be off by default for all provisioning into this Cloud.

Provisioning Options

PROXY
Set a proxy for inbound communication from Instances to the Morpheus Appliance. Proxies can be added in the Infrastructure -> Networks -> Proxies tab.
Bypass Proxy for Appliance URL
Enable to bypass proxy settings (if added) for Morpheus Agent communication to the Appliance URL.
USER DATA (LINUX)
Add cloud-init user data. Morpheus 4.1.0 and earlier assumes bash syntax. Morpheus 4.1.1 and later supports all User Data formats. Refer to https://cloudinit.readthedocs.io/en/latest/topics/format.html for more information.

Finally, add Google Cloud to an existing Group or create a new Group, and you have now integrated Morpheus with Google Cloud!

Important

If you experience difficulties adding a GCP Cloud, ensure you have met all the Requirements above, and have logged into Google Cloud and navigated to the Compute Engine sections as it will not be initialized until navigated to upon Google Cloud account creation.

Windows Images

Morpheus can add custom metatdata that will be injected into the unattend conf by GCP during provisioning. This is required for customizations including setting the Windows Administrator password during provisioning. GCP Windows Images must be syspreped using the GCESysprep command prior to image creation, and must have platform/os set on the Virtul Image record in Morpheus after image sync for successful customization and Agent Installation.

GCP Windows Requirements

  • GCP Windows Images must be syspreped using the GCESysprep command prior to Image creation in GCP. Refer to Googles “creating-windows-os-image” doc.
  • Once the Image is synced into Morpheus, the Platform (Windows, Windows 2016 etc) must be set on the Morpheus Virtual Image record, otherwise linux is assumed and the metadata will not be generated correctly.
  • The Global Windows “Administrator” password must be set in Morpheus under /admin/provisioning/settings -> Windows Settings -> Administrator Password, or Administrator and password defined on the Morpheus Virtual Image record.
  • Be aware the unattend configuration during startup after sysprep delays causes a reboot and a prolonged finalization process during provisioning, and console/rdp may not be available during this time as windows is configuring.

Note

Some Google provided Windows Images have slow startups that cause the Morpheus Agent service to not start within the default 30 second service startup timeframe, including after initial reboot after sysprep/unattend configuration. This can be adjusted by running New-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Control\" -Name "ServicesPipeTimeout" -PropertyType DWORD -Value 180000 in powershell on the Windows Image.

Important

Failure to use a GCP Windows Image that has not been sysprepped using GCESysprep will cause Agent Installation, Automation, and Console issues as Morpheus will not be able to set user credentials and authenticate.