Skip to content
RunWhen

GCP Generation Rule Examples

Below is an example of how to configure Generation Rules and templates for Google Cloud Platform (GCP) resources—in this case, Google Kubernetes Engine (GKE) Clusters. The final result automatically generates an SLX, SLI, and Runbook for each matched cluster.

Example Directory Layout

gke-cluster-health
└── .runwhen
    ├── generation-rules
    │   └── gke-cluster-health.yaml
    └── templates
        ├── gke-cluster-health-slx.yaml
        ├── gke-cluster-health-sli.yaml
        └── gke-cluster-health-taskset.yaml

Generation Rule

apiVersion: runwhen.com/v1
kind: GenerationRules
spec:
  platform: gcp
  generationRules:
    - resourceTypes:
        - gcp_container_clusters
      matchRules:
        - type: pattern
          pattern: ".+"
          properties: [ name ]
          mode: substring
      slxs:
        - baseName: gke-cluster-health
          qualifiers: [ "project" ]
          baseTemplateName: gke-cluster-health
          levelOfDetail: basic
          outputItems:
            - type: slx
            - type: sli
            - type: runbook
              templateName: gke-cluster-health-taskset.yaml

Explanation

  1. resourceTypes: Targets GCP GKE clusters (gcp_container_clusters).
  2. matchRules: Matches any cluster name containing at least one character.
  3. slxs: Generates an SLX, SLI, and Runbook for every matched cluster. The templates are all prefixed by gke-cluster-health.

SLI Template Example

apiVersion: runwhen.com/v1
kind: ServiceLevelIndicator
metadata:
  name: {{slx_name}}
  labels:
    {% include "common-labels.yaml" %}
  annotations:
    {% include "common-annotations.yaml" %}
spec:
  displayUnitsLong: OK
  displayUnitsShort: ok
  locations:
    - {{default_location}}
  description: Runs tasks validate GKE Cluster health
  codeBundle:
    {% if repo_url %}
    repoUrl: {{repo_url}}
    {% else %}
    repoUrl: https://github.com/runwhen-contrib/rw-cli-codecollection.git
    {% endif %}
    {% if ref %}
    ref: {{ref}}
    {% else %}
    ref: main
    {% endif %}
    pathToRobot: codebundles/gke-cluster-health/sli.robot
  intervalStrategy: intermezzo
  intervalSeconds: 600
  configProvided:
    - name: GCP_PROJECT_ID
      value: {{match_resource.resource.project_id}}
  secretsProvided:
    - name: gcp_credentials_json
      workspaceKey: {{custom.gcp_ops_suite_sa}}
  alerts:
    warning:
      operator: <
      threshold: '1'
      for: '20m'
    ticket:
      operator: <
      threshold: '1'
      for: '30m'
    page:
      operator: '=='
      threshold: '0'
      for: ''

Explanation

  • intervalSeconds: Runs every 600 seconds (10 minutes).
  • configProvided: Passes the GCP Project ID from the matched cluster.
  • secretsProvided: References gcp_credentials_json from your workspace for authentication.
  • alerts: Sets up thresholds for warning, ticket, and page conditions.

SLX Template Example

apiVersion: runwhen.com/v1
kind: ServiceLevelX
metadata:
  name: {{slx_name}}
  labels:
    {% include "common-labels.yaml" %}
  annotations:
    {% include "common-annotations.yaml" %}
spec:
  imageURL: https://storage.googleapis.com/runwhen-nonprod-shared-images/icons/gcp/google_kubernetes_engine/google_kubernetes_engine.svg
  alias: GKE Cluster Health for Project {{match_resource.resource.project_id}}
  asMeasuredBy: Active GCP recommendations, overutilized or failed resources, and unsafe or non functioning configurations.
  configProvided:
  - name: SLX_PLACEHOLDER
    value: SLX_PLACEHOLDER
  owners:
  - {{workspace.owner_email}}
  statement: GKE Clusters should be running in a healthy state.
  additionalContext:
    project: "{{match_resource.resource.project_id}}"

Explanation

  • alias: Provides a descriptive name referencing the project.
  • asMeasuredBy: Explains that the SLX is looking for issues in the GKE cluster.
  • additionalContext: Logs the project ID for debugging.

Runbook Template Example

apiVersion: runwhen.com/v1
kind: Runbook
metadata:
  name: {{slx_name}}
  labels:
    {% include "common-labels.yaml" %}
  annotations:
    {% include "common-annotations.yaml" %}
spec:
  location: {{default_location}}
  description: Runs tasks validate GKE Cluster health
  codeBundle:
    {% if repo_url %}
    repoUrl: {{repo_url}}
    {% else %}
    repoUrl: https://github.com/runwhen-contrib/rw-cli-codecollection.git
    {% endif %}
    {% if ref %}
    ref: {{ref}}
    {% else %}
    ref: main
    {% endif %}
    pathToRobot: codebundles/gke-cluster-health/runbook.robot
  configProvided:
    - name: GCP_PROJECT_ID
      value: {{match_resource.resource.project_id}}
  secretsProvided:
    - name: gcp_credentials_json
      workspaceKey: {{custom.gcp_ops_suite_sa}}

Explanation

  • pathToRobot: Points to the runbook code for checking GKE cluster health.
  • configProvided: Again passes the GCP Project ID.
  • secretsProvided: The same GCP credentials used by the SLI.

Summary

With these configurations:

  1. A single Generation Rule matches GCP GKE Clusters.
  2. It emits an SLX, SLI, and Runbook for each matched cluster.
  3. The templates reference the GCP Project ID and rely on provided GCP credentials.

This approach can be extended to other GCP resource types by adjusting resourceTypes, matchRules, and the code bundles used in your templates.