本指南可帮助您了解如何创建、管理和删除部署组。
部署组是按有向无环图排列的部署集合。您可以使用部署组将相关部署作为单个逻辑资源进行管理。您可以按拓扑顺序应用部署,也可以按反向拓扑顺序删除部署。
准备工作
- 确保已启用 Infra Manager,并且已安装并初始化 Google Cloud CLI。
- 确保您具有 Config Admin (
roles/config.admin) Identity and Access Management 角色。 确保您的项目具有现有部署,或者创建部署。如需创建用于创建部署组的测试部署,请运行以下命令:
gcloud infra-manager deployments apply projects/PROJECT_ID/locations/LOCATION/deployments/NEW_DEPLOYMENT_ID \ --service-account=SERVICE_ACCOUNT \ --git-source-repo="https://github.com/terraform-google-modules/terraform-google-network" \ --git-source-directory="examples/simple_project_with_regional_network" \ --git-source-ref="v6.0.1" \ --input-values=network_name=test-network,project_id=PROJECT_ID \ --import-existing-resources替换以下内容:
- PROJECT_ID:您的 Google Cloud 项目的 ID。
- LOCATION:您需要创建的部署的位置
,以便创建部署组。 Google Cloud 例如,
us-central1。 - NEW_DEPLOYMENT_ID:部署的 ID。您需要现有部署才能创建部署组。
请在以下部分中将
EXISTING_DEPLOYMENT_ID替换为NEW_DEPLOYMENT_ID。 - SERVICE_ACCOUNT:您用于创建部署的 服务帐号的 ID。
创建部署组
部署组是 Infra Manager 作为单个逻辑单元管理的部署集合。
创建部署组时,您添加到该组的每个部署都是一个部署单元。
如需创建部署组,请按如下方式使用 REST API:
向
deploymentGroups端点发送POST请求:curl \ -X POST \ -H "Authorization: Bearer $(gcloud auth application-default print-access-token)" \ -H "Content-Type: application/json" \ "https://config.googleapis.com/v1/projects/PROJECT_ID/locations/LOCATION/deploymentGroups/?deployment_group_id=DEPLOYMENT_GROUP_ID" \ --data '{ "deploymentUnits": [ { "id": "DEPLOYMENT_UNIT_ID_1", "deployment": "projects/PROJECT_ID/locations/LOCATION/deployments/EXISTING_DEPLOYMENT_ID" }, { "id": "DEPLOYMENT_UNIT_ID_2", "dependencies": ["DEPENDENT_UNIT_ID"] } ] }'替换以下内容:
- PROJECT_ID:您的 Google Cloud 项目的 ID。
- LOCATION:部署组的 Google Cloud 位置。例如,
us-central1。 - DEPLOYMENT_GROUP_ID:您要创建的部署组的 ID。
- DEPLOYMENT_UNIT_ID_1:要添加到部署组的部署单元的 ID。
- EXISTING_DEPLOYMENT_ID:您用于创建部署组的部署单元的现有部署的 ID 。
- DEPLOYMENT_UNIT_ID_2:要添加到部署组的第二个 部署单元的 ID。您可以为要添加到部署组的每个部署单元添加定义。
- 可选:DEPENDENT_UNIT_ID:作为依赖项的部署单元的 ID。必须在定义单元之前 预配此依赖项,并在定义单元之后取消预配此依赖项。
向
deploymentGroup端点发送GET请求:curl \ -X GET \ -H "Authorization: Bearer $(gcloud auth application-default print-access-token)" \ -H "Content-Type: application/json" \ "https://config.googleapis.com/v1/projects/PROJECT_ID/locations/LOCATION/deploymentGroups/DEPLOYMENT_GROUP_ID"替换以下内容:
- PROJECT_ID:您的 Google Cloud 项目的 ID。
- LOCATION:部署组的 Google Cloud 位置。例如,
us-central1。 - DEPLOYMENT_GROUP_ID:新部署组的 ID 。
预配部署组
如需应用部署组中引用的部署,您必须预配该组。预配会按 deploymentUnits 结构定义的顺序应用部署。如果您在此过程中需要创建或更新部署,可以在预配请求的 deploymentSpecs 对象中提供其定义。
如需预配部署组,请按如下方式使用 REST API:
向
provision端点发送POST请求:curl \ -X POST \ -H "Authorization: Bearer $(gcloud auth application-default print-access-token)" \ -H "Content-Type: application/json" \ "https://config.googleapis.com/v1/projects/PROJECT_ID/locations/LOCATION/deploymentGroups/DEPLOYMENT_GROUP_ID:provision" \ --data '{ "deploymentSpecs": { "DEPLOYMENT_UNIT_ID_2": { "deploymentId": "DEPLOYMENT_ID_2", "deployment": { "terraformBlueprint": { "gitSource": { "directory": "examples/simple_project_with_regional_network", "ref": "v6.0.1", "repo": "https://github.com/terraform-google-modules/terraform-google-network" }, "inputValues": { "network_name": { "inputValue": "test-network" } }, "externalValues": { "project_id": { "deploymentSource": { "deployment": "projects/PROJECT_ID/locations/LOCATION/deployments/EXISTING_DEPLOYMENT_ID", "outputName": "project_id" } } } }, "serviceAccount": "SERVICE_ACCOUNT", "importExistingResources": true } } } }'替换以下内容:
- PROJECT_ID:您的 Google Cloud 项目的 ID。
- LOCATION:部署组的 Google Cloud 位置。例如,
us-central1。 - DEPLOYMENT_GROUP_ID:新部署组的 ID。
- DEPLOYMENT_UNIT_ID_2:要添加到部署组的第二个 部署单元的 ID。您可以为要添加到部署组的每个部署单元添加定义。
- DEPLOYMENT_ID_2:要添加到部署组的第二个 部署单元的字符串 ID。
- EXISTING_DEPLOYMENT_ID:现有部署的 ID。
- SERVICE_ACCOUNT:您用于预配部署组的 服务帐号的字符串 ID。
如需向 operations 端点发送
GET请求,请按如下方式使用 REST API:curl \ -X GET \ -H "Authorization: Bearer $(gcloud auth application-default print-access-token)" \ -H "Content-Type: application/json" \ "https://config.googleapis.com/v1/projects/PROJECT_ID/locations/LOCATION/operations/OPERATION_ID"替换以下内容:
- PROJECT_ID:您的 Google Cloud 项目的 ID。
- LOCATION:部署组的 Google Cloud 位置。例如,
us-central1。 - OPERATION_ID:您要查询的操作 ID。例如,
operation-1000000000000-64d67ecd2868c-caa044f9-6b48677e
Infra Manager 使用长时间运行的操作 (LRO) 来显示预配进度。成功的响应表示预配已完成:
{ "name": "projects/PROJECT_ID/locations/LOCATION/operations/OP_ID", "metadata": { "@type": "type.googleapis.com/google.cloud.config.v1.OperationMetadata", "createTime": "2026-02-24T01:27:57.045161236Z", "target": "projects/PROJECT_ID/locations/LOCATION/deploymentGroups/DEPLOYMENT_GROUP_ID", "verb": "update", "requestedCancellation": false, "apiVersion": "v1", "provisionDeploymentGroupMetadata": { "step": "PROVISIONING_DEPLOYMENT_UNITS", "deploymentUnitProgresses": [ { "unitId": "DEPLOYMENT_UNIT_ID_1", "deployment": "projects/PROJECT_ID/locations/LOCATION/deployments/EXISTING_DEPLOYMENT_ID", "state": "APPLYING_DEPLOYMENT", "intent": "UPDATE_DEPLOYMENT", "deploymentOperationSummary": { "build": "56c739c7-cf42-457c-a889-0e0c139cf7b3", "logs": "gs://path/to/log", "content": "gs://path/to/content", "artifacts": "gs://path/to/artifacts" } }, { "unitId": "DEPLOYMENT_UNIT_ID_2", "state": "QUEUED", "intent": "CREATE_DEPLOYMENT" } ] } } }其中:
- OP_ID:操作 ID。由 Infra Manager 生成。
- EXISTING_DEPLOYMENT_ID:Infra Manager 将在
DEPLOYMENT_UNIT_ID_1之前预配的部署的 ID。
列出部署组的修订版本
Infra Manager 会在 provision
或 deprovision 操作完成后创建部署组修订版本。
如需列出部署组修订版本,请按如下方式使用 REST API:
向
revisions端点发送GET请求:curl \ -X GET \ -H "Authorization: Bearer $(gcloud auth application-default print-access-token)" \ -H "Content-Type: application/json" \ "https://config.googleapis.com/v1/projects/PROJECT_ID/locations/LOCATION/deploymentGroups/DEPLOYMENT_GROUP_ID/revisions"替换以下内容:
- PROJECT_ID:您的 Google Cloud 项目的 ID。
- LOCATION:部署组的 Google Cloud 位置。例如,
us-central1。 - DEPLOYMENT_GROUP_ID:您要列出修订版本的部署组 的 ID。
更新部署组
如需更新部署组,请更改部署组定义。 您可以选择性地将更新后的定义预配到部署组。
如需更新部署组,请按如下方式使用 REST API:
向
deploymentGroups端点发送PATCH请求:curl \ -X PATCH \ -H "Authorization: Bearer $(gcloud auth application-default print-access-token)" \ -H "Content-Type: application/json" \ "https://config.googleapis.com/v1/projects/PROJECT_ID/locations/LOCATION/deploymentGroups/DEPLOYMENT_GROUP_ID" \ --data '{ "deploymentUnits": [ { "id": "DEPLOYMENT_UNIT_ID_3" } ] }'替换以下内容:
- PROJECT_ID:您的 Google Cloud 项目的 ID。
- LOCATION:部署组的 Google Cloud 位置。例如,
us-central1。 - DEPLOYMENT_GROUP_ID:您要更新的部署组 的 ID。
- DEPLOYMENT_UNIT_ID_3:要更新的部署的 ID 。
可选:预配更新后的部署组。 向
provision端点发送POST请求:curl \ -X POST \ -H "Authorization: Bearer $(gcloud auth application-default print-access-token)" \ -H "Content-Type: application/json" \ "https://config.googleapis.com/v1/projects/PROJECT_ID/locations/LOCATION/deploymentGroups/DEPLOYMENT_GROUP_ID:provision" \ --data '{ "deploymentSpecs": { "DEPLOYMENT_UNIT_ID_3": { "deploymentId": "EXISTING_DEPLOYMENT_ID", "deployment": { "terraformBlueprint": { "gitSource": { "directory": "examples/simple_project_with_regional_network", "ref": "v6.0.1", "repo": "https://github.com/terraform-google-modules/terraform-google-network" }, "inputValues": { "network_name": { "inputValue": "test-network" }, "project_id": { "inputValue": "PROJECT_ID" } } }, "serviceAccount": "SERVICE_ACCOUNT", "importExistingResources": true } } } }'替换以下内容:
- PROJECT_ID:您的 Google Cloud 项目的 ID。
- LOCATION:部署组的 Google Cloud 位置。例如,
us-central1。 - DEPLOYMENT_GROUP_ID:您要更新的部署组 的 ID。
- DEPLOYMENT_UNIT_ID_3:要添加到部署组的第三个 部署单元的 ID。
- EXISTING_DEPLOYMENT_ID:现有 部署的 ID。
- SERVICE_ACCOUNT:您用于更新部署组的 服务帐号的字符串 ID。
预配部署组时,系统会根据上次成功修订版本对部署组中的部署应用更改。
如果您从部署组定义中移除部署,然后进行预配,则移除的部署及其资源将被删除。
成功的响应表示预配已完成。
{ "name": "projects/PROJECT_ID/locations/LOCATION/operations/OP_ID", "metadata": { "@type": "type.googleapis.com/google.cloud.config.v1.OperationMetadata", "createTime": "2026-02-26T20:03:26.580085899Z", "target": "projects/PROJECT_ID/locations/LOCATION/deploymentGroups/DEPLOYMENT_GROUP_ID", "verb": "update", "requestedCancellation": false, "apiVersion": "v1", "provisionDeploymentGroupMetadata": { "step": "PROVISIONING_DEPLOYMENT_UNITS", "deploymentUnitProgresses": [ { "unitId": "revisions/REVISION_ID/deploymentUnits/DEPLOYMENT_UNIT_ID_2", "deployment": "projects/PROJECT_ID/locations/LOCATION/deployments/DEPLOYMENT_ID_2", "state": "DELETING_DEPLOYMENT", "intent": "CLEAN_UP", "deploymentOperationSummary": { "deploymentStep": "VALIDATING_REPOSITORY" } }, { "unitId": "revisions/REVISION_ID/deploymentUnits/DEPLOYMENT_UNIT_ID_1", "deployment": "projects/PROJECT_ID/locations/LOCATION/deployments/NEW_DEPLOYMENT_NAME", "state": "QUEUED", "intent": "CLEAN_UP" }, { "unitId": "DEPLOYMENT_UNIT_ID_3", "state": "QUEUED", "intent": "RECREATE_DEPLOYMENT" } ] } }, "done": false }其中:
- OP_ID:表示操作 ID。由 Infra Manager 生成。
- REVISION_ID:表示修订版本 ID。由 Infra Manager 生成。
取消预配部署组
取消预配部署组以删除其引用的所有部署,以及属于上次成功修订版本(但此后已被删除)的所有部署。
如需取消预配部署组,请按如下方式使用 REST API:
向
deprovision端点发送POST请求:curl \ -X POST \ -H "Authorization: Bearer $(gcloud auth application-default print-access-token)" \ -H "Content-Type: application/json" \ "https://config.googleapis.com/v1/projects/PROJECT_ID/locations/LOCATION/deploymentGroups/DEPLOYMENT_GROUP_ID:deprovision" \ --data '{ "deletePolicy": "DELETE", "force": true }'替换以下内容:
- PROJECT_ID:您的 Google Cloud 项目的 ID。
- LOCATION:部署组的 Google Cloud 位置。
例如,
us-central1。 - DEPLOYMENT_GROUP_ID:您要取消预配的部署组的 ID。
成功的响应表示取消预配已完成。
{ "name": "projects/PROJECT_ID/locations/LOCATION/operations/OP_ID", "metadata": { "@type": "type.googleapis.com/google.cloud.config.v1.OperationMetadata", "createTime": "2026-02-26T20:12:46.929574561Z", "endTime": "2026-02-26T20:14:04.390333218Z", "target": "projects/PROJECT_ID/locations/LOCATION/deploymentGroups/DEPLOYMENT_GROUP_ID", "verb": "update", "requestedCancellation": false, "apiVersion": "v1", "provisionDeploymentGroupMetadata": { "step": "SUCCEEDED", "deploymentUnitProgresses": [ { "unitId": "DEPLOYMENT_UNIT_ID", "deployment": "projects/PROJECT_ID/locations/LOCATION/deployments/DEPLOYMENT_NAME_3", "state": "SUCCEEDED", "deploymentOperationSummary": { "deploymentStep": "SUCCEEDED" } } ] } }, "done": true, "response": { "@type": "type.googleapis.com/google.cloud.config.v1.DeploymentGroup", "name": "projects/PROJECT_ID/locations/LOCATION/deploymentGroups/DEPLOYMENT_GROUP_ID", "createTime": "2026-02-24T01:21:14.001716666Z", "updateTime": "2026-02-26T20:12:46.931142650Z", "state": "ACTIVE", "deploymentUnits": [ { "id": "DEPLOYMENT_UNIT_ID_3" } ], "provisioningState": "DEPROVISIONED" } }
删除部署组
取消预配部署组后,其元数据仍会保留。如需移除元数据,您必须删除部署组。
如需删除部署组,请按如下方式使用 REST API:
向
deploymentGroups端点发送DELETE请求。如果存在修订版本,请将force设置为true。curl \ -X DELETE \ -H "Authorization: Bearer $(gcloud auth application-default print-access-token)" \ -H "Content-Type: application/json" \ "https://config.googleapis.com/v1/projects/PROJECT_ID/locations/LOCATION/deploymentGroups/DEPLOYMENT_GROUP_ID" \ --data '{ "force": true }'替换以下内容:
- PROJECT_ID:您的 Google Cloud 项目的 ID。
- LOCATION:部署组的 Google Cloud 位置。例如,
us-central1。 - DEPLOYMENT_GROUP_ID:您要删除的部署组 的 ID。
后续步骤
- 详细了解 Infra Manager。
- 参阅 Infrastructure Manager API 参考文档。