Registering Cloud Platforms in DeepFlow

Created:2024-07-03 Last Modified:2024-09-06

This document was translated by ChatGPT

#1. Introduction

Registering cloud platforms on the DeepFlow web page and completing the integration with cloud platform APIs are prerequisites for the following DeepFlow functionalities:

  • Learning information about cloud server instances in public clouds to accept registration requests from DeepFlow Agents deployed within these cloud servers.
  • Learning information about resources and tags such as VPCs, load balancers, and RDS in public clouds, and automatically injecting cloud resource tags into observability data collected by DeepFlow Agents.

This chapter will provide a detailed guide on how to register cloud platform information on the DeepFlow web page to complete the integration with cloud platform APIs. Once registered, DeepFlow will automatically synchronize cloud resource information periodically through the APIs provided by the cloud platforms based on your configuration and build observability data tags for DeepFlow.

#2. Interaction Topology

Interaction Topology

Interaction Topology

#3. Supported Cloud Service Providers

DeepFlow currently supports API integration and cloud resource information synchronization with the following public clouds:

Cloud Service Provider (English) Cloud Service Provider (Chinese) Type Identifier in DeepFlow
AWS AWS aws
Aliyun 阿里云 aliyun
Baidu Cloud 百度云 baidu_bce
Huawei Cloud 华为云 huawei
Microsoft Azure 微软云
QingCloud 青云 qingcloud
Tencent Cloud 腾讯云 tencent
Volcengine 火山引擎 volcengine

#4. Aliyun

#4.1 Registration Steps

  1. Go to Resources - Resource Pool - Cloud Platform
  2. Click New Cloud Platform
  3. Fill in the relevant cloud platform information and click Confirm to get a record of the cloud platform

Register Cloud Platform (Aliyun)

Register Cloud Platform (Aliyun)

#4.2 Configuration Item Description

Configuration Item Content Example Remarks
Cloud Platform Name Example: my-aliyun The name of the cloud platform as seen in DeepFlow, customizable
AccessKey ID Example: LTAI4FiU3ad3txLUSRg8xGfn Create an AccessKey in the Aliyun console and fill in the ID here
AccessKey Secret Example: itsHzkPo22jbtNZ61QEz3gc5bsPnXP Create an AccessKey in the Aliyun console and fill in the Secret here
Region Whitelist Example: South China 3 (Guangzhou), North China 6 (Ulanqab) List of regions where Aliyun ECS resources are located, separated by ,

注意

The Region Whitelist must be filled in and must match the actual distribution of cloud server resources. If the Region Whitelist is empty (matching all regions) or too extensive, DeepFlow may query too many Aliyun regions, resulting in long query cycles. If the regions listed do not include the regions where your cloud servers are located, DeepFlow will not be able to learn the information of the cloud servers in those regions, and DeepFlow Agents will not be able to register.

Steps to Create an AccessKey in the Aliyun Console:

Create AccessKey in Aliyun Console

Create AccessKey in Aliyun Console

Steps to Query the Regions of Aliyun Resources:

Query Regions of Aliyun Resources

Query Regions of Aliyun Resources

#4.3 API Permission Description

DeepFlow will use the following APIs to learn resource information from Aliyun. If you need to restrict the resources that DeepFlow can learn, you can limit the resource permissions of the account used to generate the AccessKey in the Aliyun console:

API Integration Content Required
DescribeRegions Query region list Required
DescribeVpcs Query VPC list Required
DescribeVSwitches Query switch list Required
DescribeInstances Query cloud server instance list Required
DescribeNetworkInterfaces Query cloud server network interface list Required
DescribeNatGateways Query NAT gateway list Optional
DescribeSnatTableEntries Query NAT gateway SNAT rules Optional
DescribeForwardTableEntries Query NAT gateway DNAT rules Optional
DescribeLoadBalancers Query load balancers Optional
DescribeLoadBalancerAttribute Query load balancer listeners Optional
DescribeHealthStatus Query load balancer rules Optional

#5. Tencent Cloud

#5.1 Registration Steps

  1. Go to Resources - Resource Pool - Cloud Platform
  2. Click New Cloud Platform
  3. Fill in the relevant cloud platform information and click Confirm to get a record of the cloud platform

Register Cloud Platform (Tencent Cloud)

Register Cloud Platform (Tencent Cloud)

#5.2 Configuration Item Description

Configuration Item Content Example Remarks
Cloud Platform Name Example: tencent-1 The name of the cloud platform as seen in DeepFlow, customizable
AccessKey ID Example: AKIDztZ0C9dHuIQJwKMeZEixykjTBhz2L Fill in the SecretId generated after creating a new key in the API Key Management page under Access Management in the Tencent Cloud console (read-only permissions are sufficient)
AccessKey Secret Example: itsHzkPo22jbtNZ61QEz3gc5bsPnXP Fill in the SecretKey corresponding to the SecretId (read-only permissions are sufficient)
Region Whitelist Example: East China (Shanghai) List of regions where Tencent Cloud servers are located, multiple regions can be configured, regular expressions are not supported, regions are separated by ,

注意

The Region Whitelist must be filled in and must match the actual distribution of cloud server resources. If the Region Whitelist is empty (matching all regions) or too extensive, DeepFlow may query too many Tencent Cloud regions, resulting in long query cycles. If the regions listed do not include the regions where your cloud servers are located, DeepFlow will not be able to learn the information of the cloud servers in those regions, and DeepFlow Agents will not be able to register.

提示

The Tencent Cloud Region list includes: South China (Guangzhou), East China (Nanjing), North China (Beijing), Southwest China (Chengdu), Southwest China (Chongqing), Hong Kong, Macao, and Taiwan (Hong Kong, China), Northeast Asia (Seoul), Northeast Asia (Tokyo), Southeast Asia (Singapore), Southeast Asia (Bangkok), Southeast Asia (Jakarta), Western US (Silicon Valley), Europe (Frankfurt), South Asia (Mumbai), Eastern US (Virginia), South America (São Paulo), North America (Toronto)

Steps to Create a Key in the Tencent Cloud Console:

Create Key in Tencent Cloud Console

Create Key in Tencent Cloud Console

#5.3 API Permission Description

DeepFlow will use the following APIs to learn resource information from Tencent Cloud. If you need to restrict the resources that DeepFlow can learn, you can limit the resource permissions of the account used to generate the key in the Tencent Cloud console:

API Integration Content Required
DescribeRegions Query region list Required
DescribeZones Query availability zone list Required
DescribeVpcs Query VPC list Required
DescribeNatGateways Query NAT gateways and related information Required
DescribeNatGatewayDestinationIpPortTranslationNatRules Query NAT gateway rules Required
DescribeRouteTables Query route tables Required
DescribeSubnets Query subnet list Required
DescribeInstances Query instance list Required
DescribeNetworkInterfaces Query elastic network interface list Required
DescribeLoadBalancers Query load balancer list Required
DescribeListeners Query load balancer listener list Required
DescribeTargets Query backend services bound to load balancers Required
DescribeClassicalLBListeners Query classical load balancer listener list Required