search

GoogleCloudPlatform / pubsec-declarative-toolkit

The GCP PubSec Declarative Toolkit is a collection of declarative solutions to help you on your Journey to Google Cloud. Solutions are designed using Config Connector and deployed using Config Controller.
Apache License 2.0
30 stars 26 forks source link

Increase quota for N2_CPUS for hub-env prior to deployment or switch to e2-standard-2 for management vm and keep n2-standard-4 for both fortigate VMs to come in under default 8 vCPU quota for N2 #625

Open obriensystems opened 8 months ago

obriensystems commented 8 months ago

part of #446 details coming https://console.cloud.google.com/kubernetes/object/compute.cnrm.cloud.google.com/computeinstances/northamerica-northeast1/krmapihost-kcc-oi4/networking/hub-fgt-secondary-instance?apiVersion=v1beta1&project=kcc-boot-ls-8704&orgonly=true&supportedpurview=organizationId

Screenshot 2023-10-27 at 13 48 38 
status:
  conditions:
  - lastTransitionTime: "2023-10-24T14:23:37Z"
    message: "Update call failed: error applying desired state: summary: Error waiting
      for instance to create: Quota 'N2_CPUS' exceeded.  Limit: 8.0 in region northamerica-northeast1.\n\tmetric
      name = compute.googleapis.com/n2_cpus\n\tlimit name = N2-CPUS-per-project-region\n\tlimit
      = 8\n\tdimensions = map[region:northamerica-northeast1]\n"
Screenshot 2023-10-27 at 13 50 09 
Thank you for submitting Case # (ID:6978a02638da4bb5bb) to Google Cloud Platform support for the following quota:
Change N2 CPUs - northamerica-northeast1 from 8 to 16
Your request is being processed and you should receive an email confirmation for your request. Should you need further assistance, you can respond to that email. You can also track the status of this reques

usually these come in easier

Screenshot 2023-10-27 at 13 51 54 Screenshot 2023-10-27 at 13 52 59 Screenshot 2023-10-27 at 13 53 18
obriensystems commented 8 months ago

Reduced machine size temporarily to n2-standard-2 (6 cores for 3 vms) wont work because of the nic count

  Warning  UpdateFailed  6s                    computeinstance-controller  Update call failed: error applying desired state: summary: Error creating instance: googleapi: Error 400: Invalid value for field 'resource.networkInterfaces': ''. Too many network interfaces. The maximum number of network interfaces allowed for this machine type is 2., invalid

trying
  machineType: e2-standard-2
for management and n2-standard-2 for fg vms

root_@cloudshell:~/pdt-ls/obriensystems/pubsec-declarative-toolkit/solutions/project (kcc-boot-ls-8704)$ kubectl get gcp -n networking | grep computeinstance
computeinstancegroup.compute.cnrm.cloud.google.com/hub-fgt-primary-umig     3d6h   True    UpToDate   109s
computeinstancegroup.compute.cnrm.cloud.google.com/hub-fgt-secondary-umig   3d6h   True    UpToDate   7s
computeinstance.compute.cnrm.cloud.google.com/hub-fgt-primary-instance     3d6h   True    UpToDate   2m34s
computeinstance.compute.cnrm.cloud.google.com/hub-fgt-secondary-instance   3d6h   True    UpToDate   7s
computeinstance.compute.cnrm.cloud.google.com/hub-management-instance      3d6h   True    UpToDate   26s

gui has not caught up

Screenshot 2023-10-27 at 17 12 07 Screenshot 2023-10-27 at 17 12 42 Screenshot 2023-10-27 at 17 09 48

quota issue solved by using a different machine type for the management instance and hit refresh on the gce pane

Screenshot 2023-10-27 at 17 13 45
obriensystems commented 8 months ago 
Status:
  Conditions:
    Last Transition Time:  2023-10-27T21:07:26Z
    Message:               The resource is up to date
    Reason:                UpToDate
    Status:                True
    Type:                  Ready
  Cpu Platform:            Intel Cascade Lake
  Current Status:          RUNNING
  Instance Id:             5974440820601886829
  Label Fingerprint:       Z9VAAJ71T-w=
  Metadata Fingerprint:    GXJWD0MkUvs=
  Observed Generation:     7
  Self Link:               https://www.googleapis.com/compute/v1/projects/xxdmu-admin4-ls/zones/northamerica-northeast1-b/instances/fgt-secondary-instance
  Tags Fingerprint:        tvYV2XqMUG4=
Events:
  Type     Reason        Age                    From                        Message
  ----     ------        ----                   ----                        -------
  Warning  UpdateFailed  31m (x2153 over 3d6h)  computeinstance-controller  Update call failed: error applying desired state: summary: Error waiting for instance to create: Quota 'N2_CPUS' exceeded.  Limit: 8.0 in region northamerica-northeast1.
           metric name = compute.googleapis.com/n2_cpus
           limit name = N2-CPUS-per-project-region
           limit = 8
           dimensions = map[region:northamerica-northeast1]
  Normal   Updating  5m36s (x2190 over 3d6h)  computeinstance-controller  Update in progress
root_@cloudshell:~/pdt-ls/obriensystems/pubsec-declarative-toolkit/solutions/project (kcc-boot-ls-8704)$ ^C
root_@cloudshell:~/pdt-ls/obriensystems/pubsec-declarative-toolkit/solutions/project (kcc-boot-ls-8704)$ kubectl get gcp -n networking | grep computeinstance
computeinstancegroup.compute.cnrm.cloud.google.com/hub-fgt-primary-umig     3d6h   True    UpToDate   5m53s
computeinstancegroup.compute.cnrm.cloud.google.com/hub-fgt-secondary-umig   3d6h   True    UpToDate   4m11s
computeinstance.compute.cnrm.cloud.google.com/hub-fgt-primary-instance     3d6h   True    UpToDate   6m38s
computeinstance.compute.cnrm.cloud.google.com/hub-fgt-secondary-instance   3d6h   True    UpToDate   4m11s
computeinstance.compute.cnrm.cloud.google.com/hub-management-instance      3d6h   True    UpToDate   4m30s
fmichaelobrien commented 8 months ago

Closing once more testing on mgmt VM behaviour under the reduced instance