Set up managed data collection with Managed Service for Prometheus

This page explains how you can set up managed data collection with Google Cloud Managed Service for Prometheus for Anthos clusters on Azure. This feature is available on Azure clusters running Kubernetes version 1.25 or later. It is also supported on Kubernetes clusters at version 1.24 for customers who had earlier signed up for a preview of this feature on that version.

With this feature, you can use a PodMonitoring resource to choose the metrics that you want to ingest into Cloud Monitoring. You can then view these metrics in the Google Cloud console.

Limitations

• This feature is not available on Kubernetes clusters earlier than version 1.24.
• HTTP proxy is not supported.
• This feature requires a Linux workload.

Set up managed data collection

To set up managed data collection with Managed Service for Prometheus, complete the following steps:

1. Authorize the gmp-system/collector and gmp-system/rule-evaluator service accounts to write your metrics:

   gcloud projects add-iam-policy-binding GOOGLE_PROJECT_ID \
       --member="serviceAccount:GOOGLE_PROJECT_ID.svc.id.goog[gmp-system/collector]" \
       --role=roles/monitoring.metricWriter
   gcloud projects add-iam-policy-binding GOOGLE_PROJECT_ID \
       --member="serviceAccount:GOOGLE_PROJECT_ID.svc.id.goog[gmp-system/rule-evaluator]" \
       --role=roles/monitoring.viewer
   gcloud projects add-iam-policy-binding GOOGLE_PROJECT_ID \
       --member="serviceAccount:GOOGLE_PROJECT_ID.svc.id.goog[gmp-system/rule-evaluator]" \
       --role=roles/monitoring.metricWriter
   

   Replace GOOGLE_PROJECT_ID with your Google Cloud project ID.

2. Create a cluster with the standard gcloud Create your cluster command, but include the optional --enable-managed-prometheus flag. For example:

   gcloud container azure clusters create \
       ...
       --enable-managed-prometheus
   

3. To configure which workload metrics you want to ingest, set up a PodMonitoring resource. For an example, see Configure a PodMonitoring resource in the Cloud Operations for GKE documentation.

After you enable managed data collection with Managed Service for Prometheus, Anthos clusters on Azure creates the gmp-system namespace. Don't modify or deploy anything in this namespace. Anthos clusters on Azure also creates the gmp-public namespace. Managed Service for Prometheus uses the gmp-public namespace to deploy the OperatorConfig resource.

Update your Prometheus configuration

To disable or re-enable Prometheus data collection, use the standard gcloud Update your cluster command, but add a --disable-managed-prometheus or --enable-managed-prometheus optional parameter. For example:

  gcloud container aws clusters update \
    ...
    --disable-managed-prometheus
       OR
    --enable-managed-prometheus

What's next

• Discover how to Configure a query user interface in the Cloud Operations for GKE documentation.
• Learn about Managed rule evaluation and alerting in the Cloud Operations for GKE documentation.