VHM and Google Compute Engine

You can use a virtual host manager (VHM) to gather instances from Google Compute Engine (GCE).

The VHM allows SUSE Manager to obtain and report information about your virtual machines. For more information on VHMs, see client-configuration:vhm.adoc.

1. Create a GCE VHM

The Virtual Host Manager (VHM) runs on the SUSE Manager Server.

To run a VHM, your SUSE Manager Server needs to have port 443 open, to access the clients.

Ensure you have installed the virtual-host-gatherer-libcloud package on the SUSE Manager Server.

Before you begin, log in to the GCE panel, and download a certificate file. Store this file locally on your SUSE Manager Server, and take note of the path.

Procedure: Creating a GCE VHM
  1. In the SUSE Manager Web UI, navigate to Systems  Virtual Host Managers.

  2. Click Create and select Google Compute Engine from the drop-down menu.

  3. In the Add a Google Conpute Engine Virtual Host Manager section, use these parameters:

    • In the Label field, type a custom name for your VHM.

    • In the Service Account Email field, type the email address associated with your Google account.

    • In the Cert Path field, type the path to the certificate downloaded from the GCE panel.

    • In the Project ID field, type the project ID used by the GCE instance.

    • In the Zone field, type the zone your VM is located in. This is required for subscription matching to work.

  4. Click Create to save your changes and create the VHM.

  5. On the Virtual Host Managers page, select the new VHM.

  6. On the Properties page, click Refresh Data to inventory the new VHM.

To see which objects and resources have been inventoried, navigate to Systems  System List  Virtual Systems.

2. Assigning Permissions

The VHM you create needs to have the correct permissions assigned, in order for it to access the GCE VM.

Log in to your Google Cloud Platform account as an administrator, and use the Cloud Identity and Access Management (IAM) tool to ensure that the service account has the appropriate roles. You also need to ensure that the VM has been assigned the VM` role.

If the permissions are not set correctly, you might receive an error like this when you run virtual-host-gatherer:

ERROR: {'domain': 'global', 'reason': 'forbidden', 'message': "Required 'compute.zones.list' permission for 'projects/project-id'"}
ERROR: Could not connect to the Google Compute Engine Public Cloud using specified credentials.

To determine the correct credentials, run this command at the prompt on the SUSE Manager Server:

virtual-host-gatherer -i input_google.json -o out_google.json -vvv

The input_google.json file should contain this information:

[
    {
        "id": "google_vhm",
        "module": "GoogleCE",
        "service_account_email": "mail@example.com",
        "cert_path": "secret-key",
        "project_id": "project-id",
        "zone": "zone"
    }
]

3. GCE UUID

Instances running on the Google public cloud report this UUID to SUSE Manager Server:

152986662232938449