Overview of creating Compute Engine instances
Compute Engine lets you create and run instances on Google infrastructure. This document provides an overview of the various configuration parameters that are available to you during a Compute Engine instance creation. If you are creating an instance for the first time, then this document provides a starting point for understanding the process.
The terms Compute Engine instance, compute instance, and _instance_ are synonymous. Based on the machine type that you specify, an instance can be either a bare metal instance or a virtual machine (VM) instance, as follows:
- If the name of its machine type ends in `-metal`, an instance is a bare metal instance, which does not have a hypervisor installed.
- Otherwise, an instance is a VM instance. The terms _virtual machine instance_, VM instance, and VM are synonymous.
Synonymous terms are used interchangeably across the documentation and Google Cloud interfaces such as the Google Cloud console, the gcloud command-line tool, and the REST API.
Before you begin
- Review the basics about Compute Engine instances.
- If you haven't already, then set up authentication. Authentication is the process by which your identity is verified for access to Google Cloud services and APIs. To run code or samples from a local development environment, you can authenticate to Compute Engine by selecting one of the following options:
Ways to create and configure instances
You can create instances in multiple ways, each with its own method of configuration, as follows:
- **Create your instance by manually specifying a custom configuration.** Choose this option if you're creating an instance from scratch and are facing any of the following scenarios:
  - You know the specific configuration that is required for your workload.
  - You want to create an instance with a complicated configuration.
  - You want to create an instance by using the Google Cloud CLI or REST.

  If you choose this method, then also review the list of all configuration options available during instance creation.
- **Create a workload-optimized instance.** In this method, you select your workload type while creating your instance and Google automatically populates a preset configuration that suits your workload. Choose this option if you're starting out with Compute Engine and don't know which configuration best suits your intended workload. This option is available only in the Google Cloud console.
- **Create your instance by using an instance template.** An instance template is a resource that defines configuration settings for instances. Choose this option if you have a defined configuration template and want to create a lot of VMs with the same configuration.
- **Create your instance by making copies of a machine image.** A machine image contains most of the information and data needed for cloning an instance. Choose this option if you want to make multiple copies of an existing source instance.
After you create your compute instance, Compute Engine automatically starts the instance.
Configuration options available during instance creation
When you create a Compute Engine instance, you specify the configuration that you want for your instance. Compute Engine uses this configuration to create your instance. The following table lists the various parameters that you configure during Compute Engine instance creation:
Parameter | What you can configure |
---|---|
Machine configuration | **Hardware:** You specify a machine family, series, and type, which determine the number of vCPUs, memory, and the CPU platform that Compute Engine allocates for your instance. If the machine type is available on multiple CPU platforms, you can choose the earliest CPU platform to use when creating the instance. For the machine type, you can choose either a predefined machine type or create a [custom machine type](/compute/docs/machine-resource#custom-types) for some machine series. **Location:** You can choose the region and zone where you want to create your instance. **Instance name:** Specify a name for the instance that is unique within your project and the selected zone. You can also configure more specific and advanced machine configuration settings, such as simultaneous multi-threading (SMT), the number of visible cores, and, for C4 instances only, whether the instance runs in all-core-max turbo mode. |
Operating system (OS) and storage | **Boot disk and OS:** Every instance comes with a boot disk for which you can specify a disk name, size, and disk type. You also select the OS image to install on the boot disk in one of the following ways: If you want to use a preconfigured OS image to create your instance, then use a public image. Public images have all the drivers that are necessary to run the instance in Google Cloud. Compute Engine offers many preconfigured public OS images that have compatible Linux or Windows operating systems. If you are creating an instance for an application, you can use a custom image or a shared image to which you added additional drivers and software that support your application. You can also use a snapshot or an existing disk as the source for creating the OS image on the boot disk. **Additional disks:** You can create and attach one or more non-boot disks to the new instance in the following ways: You can choose to create and attach new, blank disks. You can choose to create and attach new disks from an existing source image or an existing disk. You can choose to attach existing disks. For some machine types, Local SSD disks are automatically attached during instance creation. For a few other machine types, you can choose to attach Local SSD disks during instance creation. For Local SSD disks, you can optionally configure the Local SSD recovery timeout and which interface to use, NVMe or SCSI. **Disk configuration:** Whether you're configuring a boot disk or an additional data disk, you can specify the following configuration details: the disk name (and optionally a custom device name); the disk size; encryption; for Google Cloud Hyperdisk and Extreme Persistent Disk volumes only, the IOPS and throughput performance limits; for Hyperdisk Balanced and Hyperdisk Throughput volumes only, whether the disk is created using resources in a Hyperdisk Storage Pool; the disk attachment mode (read-only or read-write); and a label or tag for the disk. You can also enable a setting that prevents your disk from being deleted if the attached instance is deleted. **Container:** You can run containers such as Docker or Kubernetes on any of the following images: Linux public VM images, Windows Server public VM images, or a Container-Optimized OS image. You specify a container image name and other container configuration details. You can also specify mount directories to add `tmpfs` storage and additional disks to the container. |
Data protection | **Data backup:** You can automate recurring backups of your disk and instance data and prepare for disaster recovery in the following ways: Use Backup and DR Service backup plans to back up your entire instance. Use snapshot schedules to automate your disk data backup. To learn how to choose the correct data protection option for your use case, see Data protection options. **Data replication:** You can continuously replicate your disk data for disaster protection using cross-zone synchronous replication or cross-region asynchronous replication. **Protect non-boot disks only:** You can also enable an option that applies your snapshot schedules and data replication settings only to non-boot disks. Choosing this setting can help you reduce costs. However, this setting doesn't apply to backup plans. |
Networking | **Firewall rules:** You can set up a firewall and configure the type of network traffic that you want to allow from the internet. You can also specify a network tag for the firewall rules. **Custom hostname:** You can specify that Google Cloud should use a custom name for the instance other than the internal DNS name. If you choose this option, then you must manually configure an internal DNS record for the custom hostname. **IP forwarding:** You can choose whether to configure IP forwarding for the new instance. **Network performance:** You can configure the instance to use per VM Tier_1 networking performance for higher network performance at additional cost. **Network interfaces:** By default, a new instance is configured with a single interface that uses the default auto mode Virtual Private Cloud (VPC) network. Alternatively, you can specify a custom mode VPC network and subnet that you created previously. You can also configure additional network interfaces and Dynamic NICs for the instance. For each network interface, you can configure the following properties: the network interface type; the IP stack type (IPv4 only, IPv6 only, or dual-stack); the type of IP address for the internal and optional external IP addresses (ephemeral address or a reserved, static address); an alias IP range for the network interface; the Network Service Tier that the network interface uses; and whether a public DNS PTR record is associated with the external IP address for the network interface. |
Observability | **Ops agent:** You can choose to install Ops agent on your instance to collect logs and metrics and monitor instance activity. **Virtual displays:** You can enable virtual displays on your instance to run screen capturing or remote system management tools on your VM. |
Security | **Service account:** You can attach a service account to your instance. Service accounts allow applications that run on an instance to make authorized Google Cloud API calls and access Google Cloud resources. You can also select the type and level of API access to grant the VM. **Confidential computing:** You can prevent your data from being accessed while you use an instance by using Confidential Computing to encrypt your data. **Shielded VM features:** You can make your instance more secure against boot- or kernel-level malware and rootkits by enabling Shielded VM features. **VM access:** You can control the users who have access to an instance by setting up IAM roles and permissions and SSH keys for authentication. |
Advanced configuration | **Tags and Labels:** To assist with resource organization, you can add Tags and Labels to the instance. **Deletion protection:** You can protect your instances from being accidentally deleted. **Reservations:** You can configure your instance to consume any reserved zonal resource capacity to ensure better resource availability. **Automation:** You can specify a startup script that runs each time the instance starts or reboots. **Metadata:** You can set custom metadata for your instance to store unique information about the instance. **Encryption:** You can choose the encryption method and keys to use to protect disk data, memory contents, and metadata when the instance is suspended. This can be different from the encryption used to protect the disk data while the instance is running. You can also configure how the instance behaves if a specified Cloud KMS key is revoked. **Provisioning model:** You can choose among the standard, spot, flex-start (Preview), or reservation-bound provisioning model. For more information, see Compute Engine instances provisioning model. **Sole-tenancy:** You can opt for having dedicated physical servers for your instances and specify a sole-tenant node or node group to create the instance in. For general-purpose N series machine types, you can specify whether to enable CPU overcommit for instances running on sole tenant nodes. |
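
An added example, not part of the original documentation: a small Python audit that reads an instance resource in the JSON shape returned by `gcloud compute instances describe --format=json` and flags the Networking, Security, and Advanced configuration choices from the table that most affect an instance's exposure. The sample instance and the finding names are constructed for illustration.

```python
import json
# Constructed sample shaped like an instance resource; every value is made up.
SAMPLE = json.loads("""
{
  "canIpForward": true,
  "deletionProtection": false,
  "shieldedInstanceConfig": {"enableSecureBoot": false, "enableVtpm": true,
                             "enableIntegrityMonitoring": true},
  "serviceAccounts": [{"email": "123456789012-compute@developer.gserviceaccount.com",
                       "scopes": ["https://www.googleapis.com/auth/cloud-platform"]}],
  "networkInterfaces": [{"name": "nic0", "accessConfigs": [{"natIP": "203.0.113.10"}]}],
  "metadata": {"items": [{"key": "startup-script", "value": "echo constructed"}]}
}
""")

BROAD_SCOPE = "https://www.googleapis.com/auth/cloud-platform"
DEFAULT_SA_SUFFIX = "-compute@developer.gserviceaccount.com"

def audit_instance(inst):
    """Return sorted finding IDs (names are this example's own) for one instance."""
    findings = set()
    # Security row: Shielded VM features.
    shielded = inst.get("shieldedInstanceConfig", {})
    for field in ("enableSecureBoot", "enableVtpm", "enableIntegrityMonitoring"):
        if not shielded.get(field, False):
            findings.add("shielded-" + field + "-off")
    # Security row: attached service account and its API access scopes.
    for sa in inst.get("serviceAccounts", []):
        if sa.get("email", "").endswith(DEFAULT_SA_SUFFIX):
            findings.add("default-service-account")
        if BROAD_SCOPE in sa.get("scopes", []):
            findings.add("cloud-platform-scope")
    # Networking row: IP forwarding and external IPv4 addresses.
    if inst.get("canIpForward", False):
        findings.add("ip-forwarding-on")
    if any(nic.get("accessConfigs") for nic in inst.get("networkInterfaces", [])):
        findings.add("external-ip")
    # Security / Advanced rows: SSH keys and startup scripts carried in metadata.
    keys = {item["key"] for item in inst.get("metadata", {}).get("items", [])}
    if "ssh-keys" in keys:
        findings.add("instance-ssh-keys")
    if keys & {"startup-script", "startup-script-url"}:
        findings.add("startup-script-present")
    if not inst.get("deletionProtection", False):
        findings.add("deletion-protection-off")
    return sorted(findings)

if __name__ == "__main__":
    print("\n".join(audit_instance(SAMPLE)))
```

A finding is a prompt for review rather than a verdict: an external IP address or a startup script can be intentional, but each one should be a deliberate choice made at creation time.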
What's next
- Learn how to create and start a Compute Engine instance.
- If you're creating an instance for the first time, then try one of the following tutorials for a basic configuration:
- Learn about what happens to an instance after creation.