Google Cloud (GCP) AutoScale

This guide will walk you through configuring autoscaling for Kasm Workspaces on Google Cloud (GCP). Autoscaling in Kasm Workspaces automatically provisions and destroys agents based on user demand, ensuring optimized resource utilization and cost efficiency.

Overview

Prerequisites

  • Access to Google Cloud (GCP): Ensure you have admin access to your Google Cloud (GCP) environment

  • Kasm Workspaces Installed: A basic setup of Kasm Workspaces must already exist

  • Understand Key Concepts:

    • Zones: Logical groupings of Kasm services for geographical or organizational segmentation

    • Pools: Logical groupings of Kasm Docker Agents and Server Pools for load balancing

  • Plan Your Configuration:

    • Understand your deployment zone requirements

    • Have access to your Google Cloud (GCP) details; target regions, networks, etc.

    • Create template images for your autoscale agents, if you require customisations baked into the images

Setup your GCP environment

  • Create service account: Go to “IAM” -> “Service Accounts” and create a new service account for use with Kasm AutoScaling. Also, make sure to give it the Compute Admin role.

    ../../../_images/gcp_service_account.png

    Create Service Account in GCP

  • Create Key: Click on the created service account, and go to “Keys”. Click “Add Key” -> Select key type as JSON -> “Create”. This will generate a JSON file for you to download that contains all the authentication information required to configure AutoScaling on Kasm.

    ../../../_images/gcp_create_key.png

    Create Key in GCP

Configure VM Provider Details on Kasm

../../../_images/vm_google.webp

GCP VM Provider

GCP VM Provider Settings

Name

Description

Name

An identifying name for this provider configuration e.g. Google Cloud (GCP) Docker Agent Autoscale Provider

GCP Credentials

The JSON formatted credentials for the service account used to authenticate with GCP: Ref

Max Instances

The maximum number of GCP compute instances to provision regardless of the need for additional resources.

Project ID

The Google Cloud Project ID (e.g pensive-voice-547511)

Region

The region to provision the new compute instances. (e.g us-east4)

Zone

The zone the new compute instance will be provisioned in (e.g us-east4-b)

Machine Type

The Machine type for the GCP compute instances. (e.g e2-standard-2)

Machine Image

The Machine Image to use for the new compute instance. (e.g projects/ubuntu-os-cloud/global/images/ubuntu-2004-focal-v20211212)

Boot Volume GB

The size (in GB) of the boot volume to assign the compute instance.

Disk Type

The disk type for the new instance. (e.g pd-ssd, pd-standard, etc.)

Customer Managed Encryption Key (CMEK)

The optional path to the Customer Managaged Encryption Key (CMEK) (e.g projects/pensive-voice-547511/locations/global/keyRings/my-keyring/cryptoKeys/my-key

Network

The path of the Network to attach the new instance. (e.g projects/pensive-voice-547511/global/networks/default)

Sub Network

The path of the Sub Network to attach the new instance.(e.g projects/pensive-voice-547511/regions/us-east4/subnetworks/default)

Public IP

If checked, a public IP will be assigned to the new instances

Network Tags (JSON)

A JSON list of the Network Tags to assign the new instance. (e.g ["https-server", "foo", "bar"])

Custom Labels (JSON)

A JSON dictionary of Custom Labels to assign the new instance (e.g {"foo": "bar", "bin":"baz"})

Metadata (JSON)

A JSON list of metadata objects to add to the instance. (e.g [{"key": "ssh-keys", "value":"user1:ssh-rsa <key contents> user1"}]) Reference

Service Account (JSON)

A JSON dictionary representing for a service account to attach to the instance. (e.g {"email": "service-account@example.com", "scopes":["https://www.googleapis.com/auth/cloud-platform"]}) Reference

Guest Accelerators (JSON)

A JSON list representing the guest accelerators (e. GPUs) to attach to the instance. (e.g [{"acceleratorType":"projects/<project-id>/zones/<zone>/acceleratorTypes/nvidia-tesla-t4","acceleratorCount":1}]) Reference

GCP Config Override (JSON)

A JSON dictionary that can be used to customize attributes of the VM request. The only attributes that cannot be overridden are name and labels (e.g {"shieldedInstanceConfig":{"enableIntegrityMonitoring":true,"enableSecureBoot":true,"enableVtpm":true}} Reference

VM Installed OS Type

The family of the OS installed on the VM (e.g. linux or windows).

Startup Script Type

The type of startup script to execute, this determines the key used when creating the GCP startup script metadata. Windows Startup Scripts Linux Startup Scripts

Startup Script

When instances are provisioned, this script is executed and is responsible for installing and configuring the Kasm Agent. Bash is supported on Linux instances and Powershell for Windows instance. Example scripts can be found on our Github repo

  • Submit the Provider Config

Test Autoscaling

  • If you have configured non-zero Standby/Minimum Available Session values agents should start provisioning immediately, otherwise…

  • Provision a Workspace

    • Go to Workspaces > Registry

    • Make multiple workspaces available

  • Go to the Workspaces dashboard and launch sufficient workspace sessions to exceed your resource standby thresholds

  • Monitor the provisioning of new agents in the Docker Agents section

  • Verify new VM instances in Google Cloud (GCP)

  • Check Downscaling

    • Terminate sessions to reduce resource usage

    • Confirm that Kasm removes agents after the back-off period