Getting support

Google's primary support objective is to resolve production incidents as quickly as possible. We do this by understanding your configuration, analyzing logs and metrics, and collaborating with partners to solve incidents quickly.

Google Cloud offers a variety of support packages to accommodate your support needs. All Google Cloud Support packages include support for Google Kubernetes Engine (GKE) Enterprise edition and Google Distributed Cloud. If you have an existing Google Cloud Support package, then you already have support for Google Kubernetes Engine (GKE) Enterprise edition and Google Distributed Cloud.

For more information, see the Google Cloud Support documentation.

Requirements for Google Distributed Cloud Support

To effectively troubleshoot business-critical incidents, you must:

  1. Check that the environment is current with the published end-of-support timeframes (see Version Support Policy below).
  2. Enable Cloud Logging and Cloud Monitoring for system components (for more details, see the Support tools section).
  3. When you open a support case, provide a configuration snapshot using the gkectl diagnose snapshot command.

Support tools

To troubleshoot business-critical incidents effectively, Google Cloud Support relies on three pieces of information:

  • Your environment's configuration
  • Logs from your admin and user clusters
  • Metrics from your admin and user clusters

Configuration

When you open a support case, you are asked to run the gkectl diagnose snapshot --seed-config command and attach the resulting tarball to the support case. gkectl diagnose snapshot --seed-config captures information about Kubernetes and your nodes.

The tool is highly configurable and includes several predefined scenarios. You can also pass a YAML file with a customized set of information to gather. To learn more, refer to Diagnosing Clusters.

You can add an excludeWords field to your configuration file to omit sensitive or confidential information. Be sure to carefully review the information captured by the tool. Highly confidential or sensitive information should not be attached to your support case.

Logs

When you create a new cluster, Cloud Logging agents are enabled by default and scoped only to system-level components. This replicates system-level logs into the Google Cloud project associated with the cluster. System-level logs are from Kubernetes pods running in one of five namespaces:

  • kube-system
  • gke-system
  • gke-connect
  • istio-system
  • config-management-system
  • knative-serving

Logs can be queried from the Cloud Logging console.

For more details, see Logging and Monitoring.

Metrics

In addition to logs, metrics are also captured by the Cloud Monitoring agent. This replicates system-level metrics into the Google Cloud project associated with the cluster. System-level metrics are from Kubernetes pods running in the same namespaces listed in Logs.

For more details, see Logging and Monitoring.

Google Cloud CLI and remote cluster access

If you open a support case, Cloud Customer Care may ask you for remote read-only access to your clusters to help diagnose and resolve issues more effectively. For the support team to have sufficient access to troubleshoot your cluster issue remotely:

  • Ensure that you've installed and updated to the latest version of the Google Cloud CLI. The Google Cloud CLI must be at version 401.0.0 or higher to give Cloud Customer Care the needed permissions. We recommend that you update Google Cloud CLI regularly to pick up added permissions and other enhancements. To install the latest components of the gcloud CLI, use the gcloud components update command.

  • Ensure the target cluster is registered and you have the project ID, membership name, and kubeconfig file.

        gkectl list admin --kubeconfig ADMIN_CLUSTER_KUBECONFIG
    
        gkectl list clusters --kubeconfig ADMIN_CLUSTER_KUBECONFIG
    
  • To grant access to the cluster, you run a gcloud CLI command that generates and displays a set of Kubernetes role-based access control (RBAC) policies and applies them to the target cluster. See Review the RBAC policies in advance.

For more information about giving Cloud Customer Care remote read-only access to your clusters, see Google Cloud Support for your registered clusters.

How we troubleshoot your environment

Here is an example of a typical support incident:

  1. Someone—for example, the cluster administrator—opens a support case in the Google Cloud console or the Google Cloud Support Center.

    1. In the console, go to the Support overview page.

      Go to Support overview

    2. In the Support information section, click Get help.

    3. In the Select your product field, enter the following:

      Google Distributed Cloud Virtual - vSphere (Anthos on VMWare)
      
    4. Click the item in the Matching products list, and then click Select.

    5. Enter the required information and attach the output of gkectl diagnose snapshot to the case.

  2. The support case is routed to a Technical Support Engineer specializing in Google Distributed Cloud (software only) for VMware.

  3. The support engineer examines the contents of the snapshot to gain context of the environment.

  4. The support engineer examines the logs and metrics in the Google Cloud project, entering the support case ID as the business justification, which is logged internally.

  5. The support engineer responds to the case with an assessment and recommendation. The support engineer and the user continue troubleshooting until they come to a resolution.

Collaborative Support Partners

Google maintains collaborative support relationships with select partners to deliver a more seamless support experience. With these relationships, Google is able to collaborate closely with that partner on behalf of our shared customers.

To benefit from Collaborative Support, you must maintain support agreements with both Google and the partner in question.

Google has a collaborative support relationship in place with the partners specified on the Collaborative Support Partners page.

Data about support issues may be shared with Collaborative Support Partners, as described in Google's Technical Support Services Guidelines.

What does Google support?

Generally, the Cloud Support team supports all software components shipped as part of Google Distributed Cloud (software only) for VMware. The following table details this further:

Google Cloud Support Collaborative Support Not Supported
Kubernetes and the container runtime
VMware vSphere (vCenter Server and ESXi)
VMware products beyond vSphere
Canonical Ubuntu for guest/node OS
F5 BIG-IP load balancers
Customer code (see Developer Support below)
vCenter controller
Hardware and hyper-converged infrastructure solutions as listed in the Collaborative Support Partners page
Customer choice of host OS
F5 controller

Physical server, storage, and network
Calico and related network policies

External DNS, DHCP, and identity systems
Ingress controller

Calico Enterprise Edition


Prometheus and Grafana
Stackdriver Monitoring, Stackdriver Logging, and Stackdriver agents
Identity federation with OIDC compliant providers
Hub, Connect, and the Connect Agent
Knative serving / Knative
Bundled LoadBalancer (Seesaw)

Version Support Policy

Support for Google Distributed Cloud follows the GKE Enterprise Support Policy. Google supports each Google Distributed Cloud minor version for the later of:

  • 12 months after the initial release of the minor version.
  • The release of the third subsequent minor version.
For the most recent minor release dates for GKE Enterprise and the earliest end-of-life dates, see GKE Enterprise support period.

Supported features

This document lists the features for Google Distributed Cloud for supported releases. The table is not intended to be an exhaustive list, but it highlights some of the benefits of upgrading your clusters to the latest supported version.

Features are listed by their product launch stage, either as Preview or General Availability. Features listed as Preview are covered by the Pre-GA Offerings Terms of the Google Cloud Terms of Service. Preview offerings are intended for use in test environments only and might have limited support. Changes to pre-GA products and features might not be compatible with other pre-GA versions. General Availability features are open to all customers, and are fully supported. For more information, see Product launch stages.

For information about supported GKE Enterprise components and their compatibility, see GKE Enterprise version and upgrade support.

Feature/capability 1.16 1.28 1.29 1.30 (latest)
Regional fleet membership GA GA GA
Version skew n+2 admin cluster - user cluster Preview GA GA
Version skew n+2 node pool - user cluster Preview GA GA
Max surge setting for node pool updates Preview Preview Preview
cgroup v2 for nodes Preview GA GA
DSR mode for Dataplane V2 Preview GA GA GA
BinAuthz for Controlplane V2 user clusters GA GA GA
Storage vMotion for SPBM clusters Preview Preview Preview
User-managed admin workstation Preview GA GA GA
StatefulSet CSI migration tool Preview Preview Preview GA
Seesaw to MetalLB migration Preview GA GA GA
Disable bundled ingress GA GA GA GA
Admin cluster prepared credentials Preview GA GA GA
Storage policy for a user cluster GA GA GA GA
Storage policy for an admin cluster Preview GA GA GA
Node auto repair GA GA GA GA
High availability admin cluster GA GA GA GA
VM-Host affinity GA GA GA GA
Generate configuration files from an existing cluster GA GA GA GA
Managed Service for Prometheus system metrics collection GA GA GA GA
Upgrade and rollback of nodepools GA GA GA GA
Update private registry credentials GA GA GA GA
Admin cluster backup and restore with gkectl Preview Preview Preview Preview
User cluster nodepool autoscaling GA GA GA GA
Cluster automatic node resizing GA GA GA GA
Multiple vSphere cluster support GA GA GA GA
Multiple vSphere data centers support GA GA GA GA
OpenID Connect (OIDC) support for authentication to clusters GA GA GA GA
CA certificate rotation GA GA GA GA
Workload Identity support GA GA GA GA
AIS with LDAP authentication support GA GA GA GA
Always-on secrets encryption without hardware security module (HSM) GA GA GA GA
Update vCenter CA certificates with gkectl GA GA GA GA
Egress NAT gateway GA GA GA GA
Admin cluster fleet registration GA GA GA GA
Windows node pool support GA GA GA GA
containerd runtime for Windows node pool GA GA GA GA
Container-optimized OS node pool support GA GA GA GA
CoreDNS as the cluster DNS provider GA GA GA GA
User cluster lifecycle in the Google Cloud console GA GA GA GA
Admin cluster node creation with Container-optimized OS GA GA GA GA
Multi-NIC capability for Pods GA GA GA GA
MetalLB load balancer option GA GA GA GA
gkectl update admin support for enabling and disabling Cloud Logging and Cloud Monitoring GA GA GA GA
Windows Dataplane V2 support GA GA GA GA
Summary API metrics GA GA GA GA
gkectl update credentials support for updating component access service account key GA GA GA GA
Prepared credentials for user cluster GA GA GA GA
Dry run upgrade of user cluster GA GA
Asynchronous upgrade of user cluster GA GA GA GA
Asynchronous upgrade of admin cluster GA GA
Sequential update of node pools GA GA GA GA
Create volume snapshot with vSphere CSI driver Preview Preview Preview Preview
Create user cluster with Controlplane V2 enabled GA GA GA GA
Storage migration with SPBM Preview GA GA
Migrate a datastore to a SPBM Preview Preview
Migrate a user cluster to Controlplane V2 Preview GA
Migrate to an HA admin cluster Preview GA
Migrate configuration settings for F5 BIG-IP Preview GA

Shared Responsibility Model

Running a business-critical production application on Google Distributed Cloud requires multiple parties to carry different responsibilities. These responsibilities are described at GKE Enterprise shared responsibility.

Developer Support

Google doesn't provide support specifically for your application workloads. However, we do provide best-effort developer support to ensure your developers can run applications on clusters created using Google Distributed Cloud. We believe that engaging earlier during development can prevent critical incidents later in the deployment.

This best-effort Developer Support is available to customers with any paid support package and is treated as a P3 priority for an issue blocking a launch, or a P4 priority for general consultation. In this classification, priority level 0 is the highest priority.