Google's primary support objective is to resolve production incidents as quickly as possible. We do this by understanding your configuration, analyzing logs and metrics, and collaborating with partners to solve incidents quickly.
Google Cloud offers a variety of support packages to accommodate your support needs. All Google Cloud Support packages include support for Google Kubernetes Engine (GKE) Enterprise edition and Google Distributed Cloud. If you have an existing Google Cloud Support package, then you already have support for Google Kubernetes Engine (GKE) Enterprise edition and Google Distributed Cloud.
For more information, see the Google Cloud Support documentation.
Requirements for Google Distributed Cloud Support
To effectively troubleshoot business-critical incidents, you must:
- Check that the environment is current with the published end-of-support timeframes (see Version Support Policy below).
- Enable Cloud Logging and Cloud Monitoring for system components (for more details, see the Support tools section).
- When you open a support case, provide a configuration snapshot using the
gkectl diagnose snapshot
command.
Support tools
To troubleshoot business-critical incidents effectively, Google Cloud Support relies on three pieces of information:
- Your environment's configuration
- Logs from your admin and user clusters
- Metrics from your admin and user clusters
Configuration
When you open a support case, you are asked to run the
gkectl diagnose snapshot --seed-config
command and attach the resulting
tarball to the support case. gkectl diagnose snapshot --seed-config
captures
information about Kubernetes and your nodes.
The tool is highly configurable and includes several predefined scenarios. You can also pass a YAML file with a customized set of information to gather. To learn more, refer to Diagnosing Clusters.
You can add an excludeWords
field to your configuration file to omit
sensitive or confidential information. Be sure to carefully review the
information captured by the tool. Highly confidential or sensitive information
should not be attached to your support case.
Logs
When you create a new cluster, Cloud Logging agents are enabled by default and scoped only to system-level components. This replicates system-level logs into the Google Cloud project associated with the cluster. System-level logs are from Kubernetes pods running in one of five namespaces:
- kube-system
- gke-system
- gke-connect
- istio-system
- config-management-system
- knative-serving
Logs can be queried from the Cloud Logging console.
For more details, see Logging and Monitoring.
Metrics
In addition to logs, metrics are also captured by the Cloud Monitoring agent. This replicates system-level metrics into the Google Cloud project associated with the cluster. System-level metrics are from Kubernetes pods running in the same namespaces listed in Logs.
For more details, see Logging and Monitoring.
Google Cloud CLI and remote cluster access
If you open a support case, Cloud Customer Care may ask you for remote read-only access to your clusters to help diagnose and resolve issues more effectively. For the support team to have sufficient access to troubleshoot your cluster issue remotely:
Ensure that you've installed and updated to the latest version of the Google Cloud CLI. The Google Cloud CLI must be at version 401.0.0 or higher to give Cloud Customer Care the needed permissions. We recommend that you update Google Cloud CLI regularly to pick up added permissions and other enhancements. To install the latest components of the gcloud CLI, use the
gcloud components update
command.Ensure the target cluster is registered and you have the project ID, membership name, and kubeconfig file.
To get user cluster kubeconfig, see How to re-create user cluster kubeconfig.
Your membership name is the same as the cluster name. To get the admin or user cluster name, you can use:
gkectl list admin --kubeconfig ADMIN_CLUSTER_KUBECONFIG gkectl list clusters --kubeconfig ADMIN_CLUSTER_KUBECONFIG
To grant access to the cluster, you run a gcloud CLI command that generates and displays a set of Kubernetes role-based access control (RBAC) policies and applies them to the target cluster. See Review the RBAC policies in advance.
For more information about giving Cloud Customer Care remote read-only access to your clusters, see Google Cloud Support for your registered clusters.
How we troubleshoot your environment
Here is an example of a typical support incident:
Someone—for example, the cluster administrator—opens a support case in the Google Cloud console or the Google Cloud Support Center.
In the console, go to the Support overview page.
In the Support information section, click Get help.
In the Select your product field, enter the following:
Google Distributed Cloud Virtual - vSphere (Anthos on VMWare)
Click the item in the Matching products list, and then click Select.
Enter the required information and attach the output of
gkectl diagnose snapshot
to the case.
The support case is routed to a Technical Support Engineer specializing in Google Distributed Cloud (software only) for VMware.
The support engineer examines the contents of the snapshot to gain context of the environment.
The support engineer examines the logs and metrics in the Google Cloud project, entering the support case ID as the business justification, which is logged internally.
The support engineer responds to the case with an assessment and recommendation. The support engineer and the user continue troubleshooting until they come to a resolution.
Collaborative Support Partners
Google maintains collaborative support relationships with select partners to deliver a more seamless support experience. With these relationships, Google is able to collaborate closely with that partner on behalf of our shared customers.
To benefit from Collaborative Support, you must maintain support agreements with both Google and the partner in question.
Google has a collaborative support relationship in place with the partners specified on the Collaborative Support Partners page.
Data about support issues may be shared with Collaborative Support Partners, as described in Google's Technical Support Services Guidelines.
What does Google support?
Generally, the Cloud Support team supports all software components shipped as part of Google Distributed Cloud (software only) for VMware. The following table details this further:
Google Cloud Support | Collaborative Support | Not Supported |
---|---|---|
Kubernetes and the container runtime |
VMware vSphere (vCenter Server and ESXi) |
VMware products beyond vSphere |
Canonical Ubuntu for guest/node OS |
F5 BIG-IP load balancers |
Customer code (see Developer Support below) |
vCenter controller |
Hardware and hyper-converged infrastructure solutions as listed in the Collaborative Support Partners page |
Customer choice of host OS |
F5 controller |
Physical server, storage, and network |
|
Calico and related network policies |
External DNS, DHCP, and identity systems |
|
Ingress controller |
Calico Enterprise Edition |
|
Prometheus and Grafana |
||
Stackdriver Monitoring, Stackdriver Logging, and Stackdriver agents |
||
Identity federation with OIDC compliant providers |
||
Hub, Connect, and the Connect Agent |
||
Knative serving / Knative |
||
Bundled LoadBalancer (Seesaw) |
Version Support Policy
Support for Google Distributed Cloud follows the GKE Enterprise Support Policy. Google supports each Google Distributed Cloud minor version for the later of:
- 12 months after the initial release of the minor version.
- The release of the third subsequent minor version.
Supported features
This document lists the features for Google Distributed Cloud for supported releases. The table is not intended to be an exhaustive list, but it highlights some of the benefits of upgrading your clusters to the latest supported version.
Features are listed by their product launch stage, either as Preview or General Availability. Features listed as Preview are covered by the Pre-GA Offerings Terms of the Google Cloud Terms of Service. Preview offerings are intended for use in test environments only and might have limited support. Changes to pre-GA products and features might not be compatible with other pre-GA versions. General Availability features are open to all customers, and are fully supported. For more information, see Product launch stages.
For information about supported GKE Enterprise components and their compatibility, see GKE Enterprise version and upgrade support.
Shared Responsibility Model
Running a business-critical production application on Google Distributed Cloud requires multiple parties to carry different responsibilities. These responsibilities are described at GKE Enterprise shared responsibility.
Developer Support
Google doesn't provide support specifically for your application workloads. However, we do provide best-effort developer support to ensure your developers can run applications on clusters created using Google Distributed Cloud. We believe that engaging earlier during development can prevent critical incidents later in the deployment.
This best-effort Developer Support is available to customers with any paid support package and is treated as a P3 priority for an issue blocking a launch, or a P4 priority for general consultation. In this classification, priority level 0 is the highest priority.