在本文档的上下文中,针对Google Cloud 占用空间的云优化策略侧重于如何在规划和设计优化策略时利用 Active Assist 产品组合。
定义愿景并了解推动因素
对于企业来说,界定他们想要用来确定云占用空间优化方法的问题非常重要。下面是常见问题:
安全
性能
费用优化
敏捷性
企业目标
当您开始设计 Active Assist 建议的自动化流水线时,应首先定义企业的目标并为每个目标分配优先级。然后,您可以将这些优先级映射到有关在 Google Cloud 组织中发布和扩缩 Active Assist 的路线图。
例如,企业可能希望使用 Active Assist 建议来确保安全性并优化费用。但是,企业最初可能会选择投资于构建由 Active Assist 生成的安全相关建议的自动化流水线。在后续阶段,随着企业使用 Active Assist 产品组合并具备更多经验,并在自动化流程中逐渐成熟,它将自动执行其他类型的建议,例如虚拟机合理容量和空闲虚拟机 Recommender。
设计策略
企业必须制定明确定义的流程,以查看和实施 Active Assist 生成的建议。我们建议采用分阶段的方法,将可衡量的自动化程度增加。企业在 Google Cloud 组织中采用 Active Assist 时,可以采用迭代方法如下:
在第一阶段,您使用 Recommendation Hub 查看 Google Cloud 控制台中的 Active Assist 建议。您可以使用基于控制台的方法来查看和实施建议。此方法有助于您熟悉 Active Assist 建议,同时评估其是否适合。此外,它还可帮助您确定要优先考虑的推荐类别。如下图所示,通过 Recommendation Hub,您可以查看适用于可用资源的每个类别的建议,并深入查看每个资源组的相关详细信息。
[[["易于理解","easyToUnderstand","thumb-up"],["解决了我的问题","solvedMyProblem","thumb-up"],["其他","otherUp","thumb-up"]],[["很难理解","hardToUnderstand","thumb-down"],["信息或示例代码不正确","incorrectInformationOrSampleCode","thumb-down"],["没有我需要的信息/示例","missingTheInformationSamplesINeed","thumb-down"],["翻译问题","translationIssue","thumb-down"],["其他","otherDown","thumb-down"]],["最后更新时间 (UTC):2025-04-22。"],[],[],null,["# Patterns for using Active Assist at scale\n=========================================\n\nThis document is the first part in a series that introduces architectural\npatterns that enterprises can use to optimize their cloud footprint at scale\nusing [Active Assist](/solutions/active-assist).\nThis document is intended for people in the following roles:\n\n- Enterprise architects\n- Engineering leads\n- People who work in security and create automation to optimize cloud security, performance, and manageability\n\nThis document discusses the following:\n\n- The benefits of using Active Assist in an organization.\n- The challenges that organizations might encounter when they adopt Active Assist at enterprise-scale.\n- How to design automation pipelines using Active Assist.\n\nThe series consists of the following parts:\n\n- Patterns for using Active Assist at scale (this document)\n- [Using serverless pipelines with Active Assist](/recommender/docs/using-serverless-pipelines-with-active-assist)\n- [Using the GKE Enterprise toolchain with Active Assist](/recommender/docs/using-anthos-toolchain-with-active-assist)\n\nActive Assist\n-------------\n\nActive Assist is a portfolio of tools that use data, intelligence, and machine\nlearning to reduce cloud complexity and administrative work, helping enterprises\nto optimize the security, performance, manageability, and cost of their cloud.\n\nMany enterprises have a mandate to ensure that [the principle of least privilege](https://wikipedia.org/wiki/Principle_of_least_privilege)\nis applied to their business applications and infrastructure. Enterprises also\nwant to minimize resource waste and maximize the performance of business applications\nwhile also reducing administrative work and cost. As a consequence, IT departments often\nface scrutiny and pressure to meet these requirements with speed and agility.\nActive Assist gives them tools that they can use to help meet these goals.\n\nCloud optimization for enterprises\n----------------------------------\n\nBecause workloads, infrastructure, security needs, and processes are unique to\neach enterprise, you must adapt cloud optimization strategies to meet your specific\nneeds.\n\nIn the context of this document, cloud optimization strategies for your\nGoogle Cloud footprint focus on how you can leverage the Active Assist portfolio\nwhen you plan and design optimization strategies.\n\n### Defining a vision and understanding drivers\n\nIt's important for enterprises to define the issues that they want to use to inform\ntheir approach for cloud footprint optimization. The following are common issues:\n\n- Security\n- Performance\n- Cost optimization\n- Agility\n\n### Enterprise goals\n\nWhen you begin to architect an automation pipeline for Active Assist recommendations,\nyou should start by defining the goals for your enterprise and assigning priorities\nto each objective. You can then map these priorities to a roadmap for rolling out\nand scaling Active Assist in your Google Cloud organization.\n\nFor example, an enterprise might want to use Active Assist recommendations for\nsecurity and cost optimization. However, the enterprise might initially choose\nto invest in building an automation pipeline for the security-related\nrecommendations that Active Assist generates. At a later stage, as the enterprise\ngains more experience in using the Active Assist portfolio and matures in their\nautomation journey, it might automate other types of\n[recommendations](/recommender/docs/recommenders),\nfor example, [VM rightsizing](/compute/docs/instances/apply-sizing-recommendations-for-instances) and\n[Idle VM Recommender](/compute/docs/instances/viewing-and-applying-idle-vm-recommendations).\n\nDesigning a strategy\n--------------------\n\nEnterprises must have a clearly defined process for how they want to review\nand actuate the recommendations that Active Assist generates. We recommend a\nphased approach that incorporates an increasing degree of automation in a\nmeasured manner. An iterative approach that enterprises can take when adopting\nActive Assist in their Google Cloud organization is as follows:\n\n- **Phase one** :\n - Review Active Assist recommendations in the [Google Cloud console](/cloud-console).\n - Export the recommendations to [BigQuery](/recommender/docs/bq-export/export-recommendations-to-bq).\n- **Phase two** :\n - Use Recommender APIs.\n- **Phase three** :\n - Integrate recommendations review into DevOps pipelines.\n\nThis approach lets you iteratively incorporate more automation into your\nActive Assist recommendations pipelines.\n\n### Phase one: Reviewing Active Assist recommendations in Google Cloud console\n\nIn the first phase, you review Active Assist recommendations in the\nGoogle Cloud console using\n[Recommendation Hub](/recommender/docs/recommendation-hub/identify-configuration-problems#:%7E:text=The%20Recommendation%20Hub%20is%20a,these%20in%20a%20central%20location.).\nYou use a console-based approach to review and implement recommendations. This\napproach helps you gain familiarity with Active Assist recommendations while\nassessing their suitability. It also helps you to decide which recommendation\ncategories you want to prioritize. As shown in the following image,\nRecommendation Hub lets you review recommendations for each\nresource category that recommendations are available for and drill into the relevant\ndetails for each resource within the group.\n\nEnterprise teams can export recommendations to BigQuery. Exporting\nrecommendations to BigQuery lets you review recommendations at\nscale across the organization. It also lets you run queries in specific areas\nof interest for your enterprise. You can also consider [building a dashboard](https://cloud.google.com/blog/topics/cost-management/manage-cloud-costs-with-new-oss-recommendations-dashboard) to\nhelp your team better view and manage your recommendations.\n\n### Phase two: Using the Recommender APIs\n\nIn the second phase, you combine automation with manual reviews and validations to\nimplement recommendations generated by Active Assist. This approach helps you to gain\nagility. It also lets you make the most of platform-generated recommendations at scale,\nwhile retaining tight control on how recommendations are implemented.\n\nYou learn how this approach can be realized in\n[Using Serverless pipelines with Active Assist](/architecture/using-serverless-pipelines-with-active-assist).\n\n### Phase three: Integration recommendations into DevOps pipelines\n\nIn the third phase, you bring the review of recommendations into your DevOps\npipeline. You inject recommendations management and analysis into the DevOps\npipeline, enabling a streamlined process for resource and recommendations management.\nThis approach also enables the development of an approvals process that your\nteams might already be using as part of the continuous integration and continuous\ndeployment (CI/CD) process. This step relies more\nheavily on automation and code-based analysis of recommendations than phase two.\n\nBecause this approach needs an initial investment of effort to develop the automation\nframework, we recommend that you don't implement this phase until you have a well-established\nDevOps strategy.\n\nYou can learn about how this approach works in the following tutorial:\n\n- [Using recommendations for Infrastructure as Code](/recommender/docs/tutorial-iac)\n\nWhen you have a defined strategy for the adoption of Active Assist, the next step\nis to execute and roll out your phased approach.\n\nWhat's next\n-----------\n\n- Learn about how to [use recommendations for Infrastructure as Code](/recommender/docs/tutorial-iac).\n- Read how Active Assist can [help you to optimize Google Cloud resources](https://cloud.google.com/blog/products/management-tools/optimize-google-cloud-resources-with-active-assist).\n- Learn about [modern CI/CD with GKE](/kubernetes-engine/docs/tutorials/modern-cicd-gke-user-guide).\n- See how you can [achieve least privilege access using Policy Intelligence](https://www.youtube.com/watch?v=LYUVnvRovIM&feature=youtu.be).\n- Read about [using IAM Recommender to bulk-apply least privilege principles](https://cloud.google.com/blog/products/identity-security/using-iam-recommender-to-bulk-apply-least-privilege-principles)."]]