Deployment Manager enables you to manage your infrastructure using declarative configurations.

In this codelab, you will use Deployment Manager to configure network firewall rules and launch a Google Compute Engine instance. You will configure a startup-script that will launch a web server and generate a web page containing instance metadata.

For complete information about Deployment Manager, see:

What you'll learn

What you'll need

To complete this lab, you need:

Create a project

Open the Cloud Platform Console. Click Select a project, and then click the + icon to create a project.

In the New Project dialog, for Project name, type DeplManagerProject. Click Create.

Enable API

In the Product & Services menu, click API Manager, and then click Enable API.

In the search field, type deploy

Click Google Cloud Deployment Manager V2 API, and then click Enable.

In the navigation pane, under API Manager, click Dashboard, and then click Enable API.

In the search field, type compute

Click Google Compute Engine API, and then click Enable.

You will now be able to use the Deployment Manager and launch Compute Engine instances.

Download the code

Click the Activate Google Cloud Shell button at the top of the Cloud Platform Console.

In the Cloud Shell session, execute the following command to clone the git repository that contains several Deployment Manager examples including the starter deployment configuration for this lab.

git clone

Switch to the jinja directory for the metadata_from_file deployment configuration by executing the following command:

cd deploymentmanager-samples/examples/v2/metadata_from_file/jinja

In the Cloud Shell session, launch the code editor and navigate to the deploymentmanager-samples/examples/v2/metadata_from_file folder.

In this lab, you will review and extend the deployment configuration in the metadata_from_file folder.

Review and update the deployment configuration file

In the Code Editor, open and review the deployment configuration file jinja/config.yaml.

The configuration file imports instance.jinja template and

- path: instance.jinja
- path: ../

In the resources section, the configuration file uses the instance.jinja template to launch a Google Compute Engine instance. The configuration file passes two properties as parameters to the template: metadata-from-file with startup-script that should run when the instance is launched and zone in which the instance should be launched.

- name: my-instance
  type: instance.jinja
    zone: ZONE_TO_RUN

Replace the text ZONE_TO_RUN with the following value:


Review instance template

Open and review the jinja/instance.jinja template. The template creates a Compute Engine instance with properties, a persistent disk, and external IP address (specified through accessConfig type ONE_TO_ONE_NAT).

Create firewall rule to allow HTTP access

In the jinja/instance.jinja template's resources section, copy and paste the following code to add a firewall rule that allows HTTP access on port 80 of instances running in the project's default network.

- name: tcp-firewall-rule
  type: compute.v1.firewall
    sourceRanges: [""]
    - IPProtocol: TCP
      ports: ["80"]

The completed resources section is as follows:

- name: tcp-firewall-rule
  type: compute.v1.firewall
    sourceRanges: [""]
    - IPProtocol: TCP
      ports: ["80"]
- name: {{ BASE_NAME }}
  type: compute.v1.instance

Declare template output

At the end of the jinja/instance.jinja template, copy and paste the following code to specify the external IP address of the instance as a template output.

- name: vm_ip
  value: $(ref.{{ BASE_NAME }}.networkInterfaces[0].accessConfigs[0].natIP)

The completed outputs section is as follows:

    - network: {{ COMPUTE_URL_BASE }}projects/{{ env['project'] }}/global/networks/default
      - name: External NAT
        type: ONE_TO_ONE_NAT
- name: vm_ip
  value: $(ref.{{ BASE_NAME }}.networkInterfaces[0].accessConfigs[0].natIP)

Create startup script

Update in the metadata_from_file folder. Replace the original content with the following code:

#! /bin/bash
apt-get update
apt-get install -y apache2

HTML_START="<html><body><h1>VM Metadata From Startup Script</h1><pre>"

VM_METADATA=$(curl "" -H "Metadata-Flavor: Google")

# Encode HTML characters
VM_METADATA=$(echo "$VM_METADATA"|sed 's/&/\&amp;/g; s/</\&lt;/g; s/>/\&gt;/g; s/"/\&quot;/g; s/'"'"'/\&#39;/g')


echo "$FILE_CONTENTS" > /var/www/html/index.html

The script sets up an Apache web server, retrieves the instance's metadata from the metadata server, and writes the metadata to a file. For more information about metadata, see Storing and Retrieving Instance Metadata.

Deploy the configuration

Switch to the Cloud Platform Console tab. In the Cloud Shell session, execute the following command:

gcloud deployment-manager deployments create mydepl --config config.yaml

The command creates a deployment called mydepl.

Verify the deployment

In the Cloud Platform Console, in the Products & Services menu, click Deployment Manager.

Click mydepl to view the details of the deployment.

Under the my-instance section, click each of the resources created by the instance.jinja template and review the details.

Click Overview - mydepl. The Deployment Properties section displays the overall deployment configuration.

View the Config property. The Config pane displays the contents of the deployment configuration YAML file.

View the Expanded Config property. The Expanded config pane displays the final configuration based on the deployment configuration file and the imported templates. Scroll towards end of the expanded configuration. Note that the Compute Engine instance was created in the us-west1-a zone based on the zone property passed into the template.

View the Layout property. The Layout pane displays all the outputs for the complete deployment configuration including outputs defined in nested templates. The finalValue property contains the value for each output.

Copy the external IP address displayed in the finalValue property for vm_ip. In a new browser tab, paste the IP address. If you see the standard Apache web server welcome page, reload the page. The VM Metadata From Startup Script page will be displayed with the metadata for the Compute Engine instance. Recall that this page was created by the startup script that executed during the launch process of the instance.

Delete the resources

To delete your deployment, execute the following command:

 gcloud deployment-manager deployments delete mydepl

Type y to continue.

Deleting a deployment permanently deletes all resources in the deployment.

Delete the project

In the Product & Services menu, click IAM & Admin.

Click Settings, then click the Delete.

In the Shut down project dialog, read the notes and then, type the project ID.

Click Shut down.

Close the Cloud Platform Console.

Congratulations! You have now learned how to create a deployment using Deployment Manager!