Overview of creating Compute Engine instances

Compute Engine lets you create and run instances on Google infrastructure. This document provides an overview of the various configuration parameters that are available to you during a Compute Engine instance creation. If you are creating an instance for the first time, then this document provides a starting point for understanding the process.

The terms Compute Engine instance, compute instance or instance are synonymous. Based on the machine type that you specify, an instance can be either a bare metal instance or a virtual machine (VM) instance, as follows:

If the name of its machine type ends in -metal, an instance is a bare metal instance, which does not have a hypervisor installed.
Otherwise, an instance is a VM instance. The terms virtual machine instance, VM instance, and VM are synonymous.

Synonymous terms are used interchangeably across the documentation and Google Cloud interfaces such as the Google Cloud console, the gcloud command-line tool, and the REST API.

Before you begin

Review the basics about Compute Engine instances.
If you haven't already, then set up authentication. Authentication is the process by which your identity is verified for access to Google Cloud services and APIs. To run code or samples from a local development environment, you can authenticate to Compute Engine by selecting one of the following options:

Select the tab for how you plan to use the samples on this page:
Console

When you use the Google Cloud console to access Google Cloud services and APIs, you don't need to set up authentication.
gcloud
1. After installing the Google Cloud CLI, initialize it by running the following command:
  gcloud init
  If you're using an external identity provider (IdP), you must first sign in to the gcloud CLI with your federated identity.
  
  Note: If you installed the gcloud CLI previously, make sure you have the latest version by running gcloud components update.
2. Set a default region and zone.
REST

To use the REST API samples on this page in a local development environment, you use the credentials you provide to the gcloud CLI.
For more information, see Authenticate for using REST in the Google Cloud authentication documentation.

Ways to create and configure instances

You can create instances in multiple ways, each with its own method of configuration, as follows:

Create your instance by manually specifying a custom configuration. Choose this option if you're creating an instance from the scratch and are facing any of the following scenarios:
- You know the specific configuration that is required for your workload.
- You want to create an instance with a complicated configuration.
- You want to create an instance by using the Google Cloud CLI or REST.
If you choose this method, then also review the list of all configuration options available during instance creation.
Create a workload-optimized instance. In this method, you select your workload type while creating your instance and Google automatically populates a preset configuration that suits your workload. Choose this option if you're starting out with Compute Engine and don't know which configuration best suits your intended workload. This option is available only in the Google Cloud console.
Create your instance by using an instance template. An instance template is a resource that defines configuration settings for instances. Choose this option if you have a defined configuration template and want to create a lot of VMs with the same configuration.
Create your instance by making copies of a machine image. A machine image contains most of the information and data needed for cloning an instance. Choose this option if you want to make multiple copies of an existing source instance.

After you create your compute instance, Compute Engine automatically starts the instance.

Configuration options available during instance creation

When you create a Compute Engine instance, you specify the configuration that you want for your instance. Compute Engine uses this configuration to create your instance. The following table lists the various parameters that you configure during Compute Engine instance creation:

Parameter	What you can configure
Machine configuration	Hardware: You specify a machine family, series, and type, which determines the number of vCPUs, memory, and the CPU platform that Compute Engine allocates for your instance. If the machine type is available on multiple CPU platforms, you can choose the earliest CPU platform to use when creating the instance. For the machine type, you can choose either a predefined machine type or create a [custom machine type](/compute/docs/machine-resource#custom-types) for some machine series. Location: You can choose the region and zone where you want to create your instance. Instance name: Specify a name for the instance that is unique within your project and the selected zone. You can also configure more specific and advanced machine configuration settings such as: Simultaneous multi-threading (SMT) The number of visible cores For C4 instances only: whether the instance runs in all-core-max turbo mode.
Operating system (OS) and storage	Boot disk and OS: Every instance comes with a boot disk for which you can specify a disk name, size, and disk type. You also select the OS image to install on the boot disk in one of the following ways: If you want to use a preconfigured OS image to create your instance, then use a public image. Public images have all the drivers that are necessary to run the instance in Google Cloud. Compute Engine offers many preconfigured public OS images that have compatible Linux or Windows operating systems. If you are creating an instance for an application, you can use a custom image or a shared image to which you added additional drivers and software that support your application. You can also use a snapshot or an existing disk as the source for creating the OS image on the boot disk. Additional disks: You can create and attach one or more non-boot disks to the new instance in the following ways: You can choose to create and attach new, blank disks. You can choose to create and attach new disks from an existing source image or an existing disk. You can choose to attach existing disks. For some machine types, Local SSD disks are automatically attached during instance creation. For a few other machine types, you can choose to attach Local SSD disks during instance creation. For Local SSD disks, you can optionally configure the Local SSD recovery timeout, and which interface to use - NVMe or SCSI Disk configuration: Whether you're configuring a boot disk or an additional data disk, you can specify the following configuration details: Disk name (and optionally a custom device name) Disk size Encryption For Google Cloud Hyperdisk and Extreme Persistent Disk volumes only: the IOPS and throughput performance limits For Hyperdisk Balanced and Hyperdisk Throughput volumes only: whether the disk is created using resources in a Hyperdisk Storage Pool The disk attachment mode (Read-only or Read-write) A label or tag for the disk You can also enable a setting that prevents your disk from being deleted if the attached instance is deleted. Container: You can run containers such as Docker or Kubernetes on any of the following images: Linux public VM images Windows Server public VM images A Container-Optimized OS image. You specify a container image name and other container configuration details. You can also specify mount directories to add `tmpfs` storage and additional disks to the container.
Data protection	Data backup: You can automate recurring backups of your disk and instance data and prepare for disaster recovery in the following ways: Use Backup and DR Service backup plans to back up your entire instance. Use snapshot schedules to automate your disk data backup. To learn how to choose the correct data protection option for your use case, see Data protection options. You can also configure a project-wide default backup setting. This setting specifies which backup method is preselected by default every time you create an instance in the Google Cloud console. To learn more, see Configure the default backup setting for the console Data replication: You can continuously replicate your disk data for disaster protection using cross-zone synchronous replication or cross-region asynchronous replication. Protect non-boot disks only: You can also enable an option that applies your snapshot schedules and data replication settings only to non-boot disks. Choosing this setting can help you reduce costs. However, this setting doesn't apply to backup plans.
Networking	Firewall rules: You can set up a firewall and configure the type of network traffic that you want to allow from the internet. You can also specify a network tag for the firewall rules. Custom hostname: You can specify that Google Cloud should use a custom name for the instance other than the internal DNS name. If you choose this option, then you must manually configure an internal DNS record for the custom hostname. IP forwarding: You can choose whether to configure IP forwarding for the new instance. Network performance: You can configure the instance to use per VM Tier_1 networking performance for higher network performance at additional cost. Network interfaces: By default, a new instance is configured with a single interface that uses the default auto mode Virtual Private Cloud (VPC) network. Alternatively, you can specify a custom mode VPC network and subnet that you created previously. You can also configure additional network interfaces and Dynamic NICs for the instance. For each network interface, you can configure the following properties: The network interface type The IP stack type (IPv4 only, IPv6 only, or dual-stack) The type of IP address for the internal and optional external IP addresses (ephemeral address or a reserved, static address) An alias IP range for the network interface The Network Service Tier that the network interface uses Whether a public DNS PTR record is associated with the external IP address for the network interface
Observability	Ops agent: You can choose to install Ops agent on your instance to collect logs and metrics and monitor instance activity. Virtual displays: You can enable virtual displays on your instance to run screen capturing or remote system management tools on your VM.
Security	Service account: You can attach a service account to your instance. Service accounts allow applications that run on an instance to make authorized Google Cloud API calls and access Google Cloud resources. You can also select the type and level of API access to grant the VM. Confidential computing: You can prevent your data from being accessed while you use an instance by using Confidential Computing to encrypt your data. Shielded VM features: You can make your instance more secure against boot- or kernel-level malware and rootkits by enabling Shielded VM features. VM access: You can control the users who have access to an instance by setting up IAM roles and permissions and SSH keys for authentication.
Advanced configuration	Tags and Labels: To assist with resource organization, you can add Tags and Labels to the instance. Deletion protection: You can protect your instances from being accidentally deleted. Reservations: You can configure your instance to consume any reserved zonal resource capacity to ensure better resource availability. Automation: You can specify a startup script that runs each time the instance starts or reboots. Metadata: You can set custom metadata for your instance to store unique information about the instance. Encryption: You can choose the encryption method and keys to use to protect disk data, memory contents, and metadata when the instance is suspended. This can be different from the encryption used to protect the disk data while the instance is running. You can also configure how the instance behaves if a specified Cloud KMS key is revoked. Provisioning model: You can choose among the standard, spot, flex-start (Preview), or reservation-bound provisioning model. For more information, see Compute Engine instances provisioning model. Sole-tenancy: You can opt for having dedicated physical servers for your instances and specify a sole-tenant node or node group to create the instance in. For general-purpose N series machine types, you can specify whether to enable CPU overcommit for instances running on sole tenant nodes.

What's next

Learn how to create and start a Compute Engine instance.
If you're creating an instance for the first time, then try one of the following tutorials for a basic configuration:
- Create a Linux VM instance in Compute Engine
- Create a Windows Server VM instance in Compute Engine
Learn about what happens to an instance after creation.

Overview of creating Compute Engine instances Stay organized with collections Save and categorize content based on your preferences.

Before you begin

Console

gcloud

REST

Ways to create and configure instances

Configuration options available during instance creation

What's next

Overview of creating Compute Engine instances