Getting support

Google's primary support objective is to resolve production incidents as quickly as possible. We do this by understanding your configuration, analyzing logs and metrics, and collaborating with partners to solve incidents quickly.

Google Cloud offers a variety of support packages to accommodate your support needs. All Google Cloud Support packages include support for GKE Enterprise and Google Distributed Cloud. If you have an existing Google Cloud Support package, then you already have support for GKE Enterprise and Google Distributed Cloud.

For more information, see the Cloud Customer Care documentation.

Requirements for Google Distributed Cloud Support

To effectively troubleshoot business-critical incidents, you must:

  1. Check that the environment is current with the published end-of-support timeframes (see Version Support Policy below).
  2. Enable Cloud Logging and Cloud Monitoring for system components (for more details, see the Support tools section).
  3. When you open a support case, provide a configuration snapshot using the gkectl diagnose snapshot command.

Support tools

To troubleshoot a Google Distributed Cloud incident, Google Cloud Support relies on three pieces of information:

  • Your environment's configuration
  • Logs from your admin and user clusters
  • Metrics from your admin and user clusters

Configuration

When you open a support case, you are asked to run the gkectl diagnose snapshot --seed-config command and attach the resulting tarball to the support case. gkectl diagnose snapshot --seed-config captures information about Kubernetes and your nodes.

The tool is highly configurable and includes several predefined scenarios. You can also pass a YAML file with a customized set of information to gather. To learn more, refer to Diagnosing Clusters.

You can add an excludeWords field to your configuration file to omit sensitive or confidential information. Be sure to carefully review the information captured by the tool. Highly confidential or sensitive information should not be attached to your support case.

Logs

When you create a new Google Distributed Cloud cluster, Cloud Logging agents are enabled by default and scoped only to system-level components. This replicates system-level logs into the Google Cloud project associated with the cluster. System-level logs are from Kubernetes pods running in one of five namespaces:

  • kube-system
  • gke-system
  • gke-connect
  • istio-system
  • config-management-system
  • knative-serving

Logs can be queried from the Cloud Logging console.

For more details, see Logging and Monitoring.

Metrics

In addition to logs, metrics are also captured by the Cloud Monitoring agent. This replicates system-level metrics into the Google Cloud project associated with the cluster. System-level metrics are from Kubernetes pods running in the same namespaces listed in Logs.

For more details, see Logging and Monitoring.

Google Cloud CLI and remote cluster access

If you open a support case, Cloud Customer Care may ask you for remote read-only access to your clusters to help diagnose and resolve issues more effectively. For the support team to have sufficient access to troubleshoot your cluster issue remotely:

  • Ensure that you've installed and updated to the latest version of the Google Cloud CLI. The Google Cloud CLI must be at version 401.0.0 or higher to give Cloud Customer Care the needed permissions. We recommend that you update Google Cloud CLI regularly to pick up added permissions and other enhancements. To install the latest components of the gcloud CLI, use the gcloud components update command.

  • Ensure the target cluster is registered and you have the project ID, membership name and kubeconfig file.

        gkectl list admin --kubeconfig ADMIN_CLUSTER_KUBECONFIG
    
        gkectl list clusters --kubeconfig ADMIN_CLUSTER_KUBECONFIG
    
  • To grant access to the cluster, you run a gcloud command that generates and displays a set of Kubernetes role-based access control (RBAC) policies and applies them to the target cluster. See Review the RBAC policies in advance.

For more information about giving Cloud Customer Care remote read-only access to your clusters, see Google Cloud Support for your registered clusters.

How we troubleshoot your environment

Here is an example of a typical support incident:

  1. Someone—for example, the cluster administrator—opens a support case via Google Cloud console or the Google Cloud Support Center, and selects Anthos and Google Distributed Cloud as Category and Component, respectively. They enter the information required and attach the output of gkectl diagnose snapshot to the case.
  2. The support case is routed to a Technical Support Engineer specializing in Google Distributed Cloud.
  3. The support engineer examines the contents of the snapshot to gain context of the environment.
  4. The support engineer examines the logs and metrics in the Google Cloud project, entering the support case ID as the business justification, which is logged internally.
  5. The support engineer responds to the case with an assessment and recommendation. The support engineer and the user continue troubleshooting until they come to a resolution.

Collaborative Support Partners

Google maintains collaborative support relationships with select partners to deliver a more seamless support experience for Google Distributed Cloud. With these relationships, Google is able to collaborate closely with that partner on behalf of our shared customers.

To benefit from Collaborative Support, you must maintain support agreements with both Google and the partner in question.

Google currently has a collaborative support relationship in place with the partners specified on the Collaborative Support Partners page.

Data about support issues may be shared with Collaborative Support Partners, as described in Google's Technical Support Services Guidelines.

What does Google support?

Generally, the Cloud Support team supports all software components shipped as part of Google Distributed Cloud. The table below details this further:

GCP Support Collaborative Support Not Supported
Kubernetes and the container runtime
VMware vSphere (vCenter Server and ESXi)
VMware products beyond vSphere
Canonical Ubuntu for guest/node OS
F5 BIG-IP load balancers
Customer code (see Developer Support below)
vCenter controller
Hardware and hyper-converged infrastructure solutions as listed in the Collaborative Support Partners page
Customer choice of host OS
F5 controller

Physical server, storage, and network
Calico and related network policies

External DNS, DHCP, and identity systems
Ingress controller

Calico Enterprise Edition
Prometheus and Grafana
Stackdriver Monitoring, Stackdriver Logging, and Stackdriver agents
Identity federation with OIDC compliant providers
Hub, Connect, and the Connect Agent
Knative serving / Knative
Bundled LoadBalancer (Seesaw)

Version Support Policy

Support for Google Distributed Cloud follows the Anthos Version Support Policy. Google supports the current version and the previous two (n-2) minor versions of Google Distributed Cloud.

The following table shows the supported and unsupported versions of this product:

Release version Release date End of life date*
1.29 (latest) April 29, 2024 April 29, 2025 or 1.32 release date
1.28 December 14, 2023 December 14, 2024 or 1.31 release date
1.16 August 23, 2023 August 23, 2024 or 1.30 release date
1.15 (unsupported) May 2, 2023 May 2, 2024 or 1.29 release date

*The EOL will be the later of these two dates.

Supported features

This document lists the features for Google Distributed Cloud for supported releases. The table is not intended to be an exhaustive list, but it highlights some of the benefits of upgrading your clusters to the latest supported version.

Features are listed by their product launch stage, either as Preview or General Availability. Features listed as Preview are covered by the Pre-GA Offerings Terms of the Google Cloud Terms of Service. Preview offerings are intended for use in test environments only and might have limited support. Changes to pre-GA products and features might not be compatible with other pre-GA verisons. General Availability features are open to all customers, and are fully supported. For more information, see Product launch stages.

For information about supported Anthos components and their compatibility, see Anthos version and upgrade support.

Feature/capability 1.16 1.28 1.29 (latest)
Regional fleet membership GA GA
Version skew n+2 admin cluster - user cluster Preview GA
Version skew n+2 node pool - user cluster Preview GA
Max surge setting for node pool updates Preview Preview
cgroup v2 for nodes Preview GA
DSR mode for Dataplane V2 Preview GA GA
BinAuthz for Controlplane V2 user clusters GA GA
Storage vMotion for SPBM clusters Preview Preview
User-managed admin workstation Preview GA GA
StatefulSet CSI migration tool Preview Preview Preview
Seesaw to MetalLB migration Preview GA GA
Disable bundled ingress GA GA GA
Admin cluster prepared credentials Preview GA GA
Storage policy for a user cluster GA GA GA
Storage policy for an admin cluster Preview GA GA
Node auto repair GA GA GA
High availability admin cluster GA GA GA
VM-Host affinity GA GA GA
Generate configuration files from an existing cluster GA GA GA
Managed Service for Prometheus system metrics collection GA GA GA
Upgrade and rollback of nodepools GA GA GA
Update private registry credentials GA GA GA
Admin cluster backup and restore with gkectl Preview Preview Preview
User cluster nodepool autoscaling GA GA GA
Cluster automatic node resizing GA GA GA
Multiple vSphere cluster support GA GA GA
Multiple vSphere data centers support GA GA GA
OpenID Connect (OIDC) support for authentication to clusters GA GA GA
CA certificate rotation GA GA GA
Workload Identity support GA GA GA
AIS with LDAP authentication support GA GA GA
Always-on secrets encryption without hardware security module (HSM) GA GA GA
Update vCenter CA certificates with gkectl GA GA GA
Egress NAT gateway GA GA GA
Admin cluster fleet registration GA GA GA
Windows node pool support GA GA GA
containerd runtime for Windows node pool GA GA GA
Container-optimized OS node pool support GA GA GA
CoreDNS as the cluster DNS provider GA GA GA
User cluster lifecycle in the Google Cloud console GA GA GA
Admin cluster node creation with Container-optimized OS GA GA GA
Multi-NIC capability for Pods GA GA GA
MetalLB load balancer option GA GA GA
gkectl update admin support for enabling and disabling Cloud Logging and Cloud Monitoring GA GA GA
Windows Dataplane V2 support GA GA GA
Summary API metrics GA GA GA
gkectl update credentials support for updating component access service account key GA GA GA
Prepared credentials for user cluster GA GA GA
Dry run upgrade of user cluster GA
Asynchronous upgrade of user cluster GA GA GA
Asynchronous upgrade of admin cluster GA
Sequential update of node pools GA GA GA
Create volume snapshot with vSphere CSI driver Preview Preview Preview
Create user cluster with ControlPlaneV2 enabled GA GA GA
Storage migration with SPBM Preview GA
Migrate a datastore to a SPBM Preview
Migrate a user cluster to Controlplane V2 Preview
Migrate to HA admin cluster Preview
Migrate the configuration for integrated F5 BIG-IP Preview

Shared Responsibility Model

Running a business-critical production application on Google Distributed Cloud requires multiple parties to carry different responsibilities. These responsibilities are described at GKE Enterprise shared responsibility.

Developer Support

Google does not provide support for application workloads running on Google Distributed Cloud. However, we do provide best-effort developer support to ensure your developers can easily run applications on Google Distributed Cloud. We believe that engaging earlier during development can prevent critical incidents later in the deployment.

This Developer Support is available to customers with a paid support package and is treated at a priority level 3 for an issue blocking a launch, or at priority level 4 for general consultation. In this classification, priority level 0 is the highest priority.