Creating, deleting, and deprecating custom images


You can create custom images from source disks, images, snapshots, or images stored in Cloud Storage and use these images to create virtual machine (VM) instances. Custom images are ideal for situations where you have created and modified a persistent boot disk or specific image to a certain state and need to save that state for creating VMs.

Alternatively, you can use the virtual disk import tool to import boot disk images to Compute Engine from your existing systems and add them to your custom images list.

Before you begin

Create a custom image

This section describes how to create a custom image on a Linux VM. For information about creating a Windows image, see Creating a Windows image.

Select an image storage location

When creating a custom image, you can specify the image's Cloud Storage location, excluding dual-region locations. By specifying the image storage location, you can meet your regulatory and compliance requirements for data locality as well as your high availability needs by ensuring redundancy across regions. To create, modify, and delete images stored in Cloud Storage, you must have roles/compute.storageAdmin.

The storage location feature is optional. If you don't select a location, Compute Engine stores your image in the multi-region closest to the image source. For example, when you create an image from a source disk that is located in us-central1 and if you don't specify a location for the custom image, then Compute Engine stores the image in the us multi-region.

If the image is not available in a region where you are creating a VM, Compute Engine caches the image in that region the first time you create a VM.

To see the location where an image is stored, use the images describe command from gcloud compute:

gcloud compute images describe IMAGE_NAME \
    --project=PROJECT_ID

Replace the following:

  • IMAGE_NAME: the name of your image.

  • PROJECT_ID: the project ID to which the image belongs.

All of your existing images prior to this feature launch remain where they are, the only change is that you can view the image location of all your images. If you have an existing image you want to move, you must recreate it in the desired location.

Prepare your VM for an image

You can create an image from a disk even while it is attached to a running VM. However, your image is more reliable if you put the VM in a state that is easier for the image to capture. Use one of the following processes to prepare your boot disk for the image:

  • Stop the VM so that it can shut down and stop writing any data to the persistent disk.

  • If you can't stop your VM before you create the image, minimize the amount of writes to the disk and sync your file system. To minimize writing to your persistent disk, follow these steps:

    1. Pause apps or operating system processes that write data to that persistent disk.
    2. Run an app flush to disk if necessary. For example, MySQL has a FLUSH statement. Other apps might have similar processes.
    3. Stop your apps from writing to your persistent disk.
    4. Run sudo sync.

After you prepare the VM, create the image.

Create the image

You can create disk images from the following sources:

  • A persistent disk, even while that disk is attached to a VM
  • A snapshot of a persistent disk
  • Another image in your project
  • An image that is shared from another project
  • A compressed RAW image in Cloud Storage

You can create a disk image once every 10 minutes. If you want to issue a burst of requests to create a disk image, you can issue at most 6 requests in 60 minutes. For more information, see Snapshot frequency limits.

Console

  1. In the Google Cloud Console, go to the Create an image page.

    Go to Create an image

  2. Specify the Name of your image.

  3. Specify the Source from which you want to create an image. This can be a persistent disk, a snapshot, another image, or a disk.raw file in Cloud Storage.

  4. If you are creating an image from a disk attached to a running VM, check Keep instance running to confirm that you want to create the image while the VM is running. You can prepare your VM before creating the image.

  5. In the Based on source disk location (default) drop-down list, specify the location to store the image. For example, specify us to store the image in the us multi-region, or us-central1 to store it in the us-central1 region. If you don't make a selection, Compute Engine stores the image in the multi-region closest to your image's source location.

  6. Optional: specify the properties for your image.

    • Family: the image family this new image belongs to.
    • Description: a description for your custom image.
    • Label: a label to group together resources.
  7. Specify the encryption key. You can choose between a Google-managed key, a Cloud Key Management Service (Cloud KMS) key or a customer- supplied encryption (CSEK) key. If no encryption key is specified, images are encrypted using a Google-managed key.

  8. Click Create to create the image.

gcloud

In the gcloud command-line tool, use the gcloud compute images create command to create a custom image.

Create an image from a source disk:

The --force flag is an optional flag that lets you create the image from a running instance. By default, you cannot create images from running instances. Specify this flag only if you are sure that you want to create the image while the instance is running.

gcloud compute images create IMAGE_NAME \
    --source-disk=SOURCE_DISK \
    --source-disk-zone=ZONE \
    [--family=IMAGE_FAMILY] \
    [--storage-location=LOCATION] \
    [--force]

Replace the following:

  • IMAGE_NAME: a name for the new image
  • SOURCE_DISK: the disk from which you want to create the image
  • ZONE: the zone where the disk is located
  • IMAGE_FAMILY: Optional: a flag that specifies which image family this image belongs to
  • LOCATION: Optional: a flag that lets you designate the region or multi-region where your image is stored. For example, specify us to store the image in the us multi-region, or us-central1 to store it in the us-central1 region. If you don't make a selection, Compute Engine stores the image in the multi-region closest to your image's source location.

Create an image from a source image:

gcloud compute images create IMAGE_NAME \
  --source-image=SOURCE_IMAGE \
  [--source-image-project=IMAGE_PROJECT] \
  [--family=IMAGE_FAMILY] \
  [--storage-location=LOCATION]

Replace the following:

  • IMAGE_NAME: a name for the new image.
  • SOURCE_IMAGE: the image from which you want to create the new image.
  • IMAGE_PROJECT: Optional: the project the source image is located in. Use this parameter if you want to copy an image from another project.
  • IMAGE_FAMILY: Optional: the image family this new image belongs to.
  • LOCATION: Optional: lets you designate the region or multi-region where your image is stored. For example, specify us to store the image in the us multi-region, or us-central1 to store it in the us-central1 region. If you do not make a selection, Compute Engine stores the image in the multi-region closest to your image's source location.

Create an image from a snapshot:

gcloud compute images create IMAGE_NAME \
    --source-snapshot=SOURCE_SNAPSHOT \
    [--storage-location=LOCATION]

Replace the following:

  • IMAGE_NAME: a name for the new image
  • SOURCE_SNAPSHOT: the snapshot from which you want to create the image
  • LOCATION: Optional: a flag that lets you designate the region or multi-region where your image is stored. For example, specify us to store the image in the us multi-region, or us-central1 to store it in the us-central1 region. If you don't make a selection, Compute Engine stores the image in the multi-region closest to your image's source location.

View an image location:

Use the gcloud compute images describe command to view an image location.

gcloud compute images describe IMAGE_NAME

Replace IMAGE_NAME with the name of your image that you want to review.

API

Make a POST request to the images().insert method, a URL in the request body that points to the source object from which you want to create the image. Specify URLs to your resources using your own project ID and resource names.

Create an image from a persistent disk:

POST https://compute.googleapis.com/compute/v1/projects/PROJECT_ID/global/images

{
  "name": "IMAGE_NAME",
  "sourceDisk": "/zones/ZONE/disks/SOURCE_DISK",
  ("storageLocations": "LOCATION",)
  ("forceCreate": "TRUE")
}

Replace the following:

  • PROJECT_ID: the project ID to which the image belongs.
  • IMAGE_NAME: a name for the new image that you want to create.
  • ZONE: the zone where the source disk is located.
  • SOURCE_DISK: the disk from which you want to create the image.
  • LOCATION: Optional: the storage location of your image. For example, specify us to store the image in the us multi-region, or us-central1 to store it in the us-central1 region. If you don't make a selection, Compute Engine stores the image in the multi-region closest to your image's source location.

The optional forceCreate parameter lets you create the image from a running VM. Specify TRUE only if you are sure that you want to create the image from a running VM. The forceCreate default setting is FALSE.

Create an image from another image:

POST https://compute.googleapis.com/compute/v1/projects/PROJECT_ID/global/images

{
  "name": "IMAGE_NAME",
  "sourceImage": "/global/images/SOURCE_IMAGE",
  ("storageLocations": "LOCATION")
}

Replace the following:

  • PROJECT_ID: the project to which the image belongs.
  • IMAGE_NAME: a name for the new image that you want to create.
  • SOURCE_IMAGE: the image from which you want to create the image.
  • LOCATION: Optional: the storage location of your image. For example, specify us to store the image in the us multi-region, or us-central1 to store it in the us-central1 region. If you do not make a selection, Compute Engine stores the image in the multi-region closest to your image's source location.

Create an image from a snapshot:

POST https://compute.googleapis.com/compute/v1/projects/PROJECT_ID/global/images
{
  "name": "IMAGE_NAME",
  "sourceSnapshot": "(/SOURCE_PROJECT_ID)/global/snapshots/SOURCE_SNAPSHOT",
  ("storageLocations": "LOCATION")
}

Replace the following:

  • PROJECT_ID: the project to which the image belongs.
  • IMAGE_NAME: a name for the new image that you want to create.
  • SOURCE_PROJECT_ID: Optional: the project the snapshot is located in. You must have permission to access the snapshot resource in that project.
  • SOURCE_SNAPSHOT: the snapshot from which you want to create the image.
  • LOCATION: Optional: the storage location of your image. For example, specify us to store the image in the us multi-region, or us-central1 to store it in the us-central1 region. If you do not make a selection, Compute Engine stores the image in the multi-region closest to your image's source location.

For more information about adding images, see the images reference.

Share the image

After creating a custom image, you can share it across projects. If you allow users from another project to use your custom images, then they can access these images by specifying the image project in their request.

Deprecate a custom image

Compute Engine lets you deprecate a custom image that you own by setting the deprecation status on the image. Each deprecation status causes a different response from the server, helping you transition users away from unsupported images in a manageable way. Use the Google Cloud Console, the gcloud command-line tool, or the Compute Engine API method to deprecate an image.

Deprecation states

The following deprecation states are supported:

  • ACTIVE: the image is active and can be used as normal. Image families point to the most recent and active image in a family.
  • DEPRECATED: the image is marked deprecated but can still be used to create a VM. New links to this image are allowed. Image families no longer point to this image even if it is the most recent image in the family.

    If you create a VM with a deprecated image using the gcloud command-line tool, the request succeeds with a warning.

  • OBSOLETE: the image is marked obsolete and is no longer available for use. An error message is returned if you try to use this image in a request. Existing links to this image are still allowed.

  • DELETED: this image is deleted. An error message is returned if you try to use a deleted image.

You can revert a deprecation (make an image active again), by changing the deprecation state to ACTIVE.

Console

  1. In the Google Cloud Console, go to the Images page.

    Go to Images

  2. For the image you want to deprecate, click Actions.

  3. Select Deprecate.

  4. For state, select either Deprecated or Obsolete. For more information about states, see Deprecation states.

  5. Optional: Specify a replacement image.

  6. Click Deprecate Image.

gcloud

Use the gcloud compute images deprecate command to set the deprecation status of an image.

gcloud compute images deprecate IMAGE_NAME \
    --state STATE \
    --replacement REPLACEMENT

Replace the following:

  • IMAGE_NAME: the name of the image to deprecate
  • STATE: the deprecation state
  • REPLACEMENT: the image to replace the one that is deprecated

API

Make a POST request to the images().deprecate method. Specify the name of the image you want to deprecate.

POST https://compute.googleapis.com/compute/v1/projects/PROJECT_ID/global/images/RESOURCE_ID/deprecate

{
  "state": "STATE",
  "replacement": "REPLACEMENT"
}

Replace the following:

  • PROJECT_ID: the project to which the image belongs.
  • RESOURCE_ID: the name of the image that you are deprecating.
  • STATE: the deprecation state of this resource.
  • REPLACEMENT: the image to replace the one that is deprecated.

Delete a custom image

You can only delete custom images that you, or someone who has access to the project, have added. Use the Google Cloud Console, gcloud command-line tool, or the Compute Engine API method to delete the image.

Console

  1. In the Google Cloud Console, go to the Images page.

    Go to Images

  2. Check the box to the left of the image you want to delete.

  3. Click Delete at the top of the page. Your image is deleted.

gcloud

Use the gcloud compute images delete command to delete an image:

gcloud compute images delete IMAGE_NAME

Replace IMAGE_NAME with the name of the image to delete.

API

Make a POST request to the images().delete method. Specify the name of the image you want to delete.

POST https://compute.googleapis.com/compute/v1/projects/PROJECT_ID/global/images/RESOURCE_ID

Replace the following:

  • PROJECT_ID: the project to which the image belongs.
  • RESOURCE_ID: the name of the image that you want to delete.

Set image versions in an image family

Use image families to simplify image versioning. Add an image to an image family to set it as the most recent image version. If you determine that you must roll back the image family to a previous image version, deprecate the most recent image in the family.

For best practices when working with image families, see Image families best practices.

Optionally, you can specify the image's storage location by using the Google Cloud Console, the gcloud compute images create command with the --storage-location flag, or the images().insert method.

For example, create an image named image-v1 as part of an image family.

Console

  1. In the Google Cloud Console, go to the Create an image page.

    Go to Create an image

  2. Specify the Name of your image. For example, image-v1.

  3. Specify the Source from which you want to create an image. This can be a persistent disk, a snapshot, another image, or a disk.raw file in Cloud Storage.

  4. If you are creating an image from a disk attached to a running VM, check Keep instance running to confirm that you want to create the image while the VM is running. You can prepare your VM before creating the image.

  5. In the Based on source disk location (default) drop-down list, specify the location to store the image. For example, specify us to store the image in the us multi-region, or us-central1 to store it in the us-central1 region. If you do not make a selection, Compute Engine stores the image in the multi-region closest to your image's source location.

  6. Specify the image Family for the new image. For example, add my-image-family to organize the image as part of an image family.

  7. Optional: specify other image properties:

    • Description: a description for your custom image.
    • Label: a label to group together resources.
  8. Specify the encryption key. You can choose between a Google-managed key, a Cloud Key Management Service (Cloud KMS) key or a customer- supplied encryption (CSEK) key. If no encryption key is specified, images are encrypted using a Google-managed key.

  9. Click Create to create the image.

gcloud

gcloud compute images create image-v1 \
    --source-disk disk-1 \
    --source-disk-zone us-central1-f \
    --family my-image-family

The image family points to image-v1. Add a second image to the family:

gcloud compute images create image-v2 \
    --source-disk disk-2 \
    --source-disk-zone us-central1-f \
    --family my-image-family

API

Make a POST request to the images().insert method. Specify the image family in the request body.

POST https://compute.googleapis.com/compute/v1/projects/PROJECT_ID/global/images

{
  "name": "image-v2",
  "sourceDisk": "/zones/us-central1-f/disks/disk-2",
  "family":"my-image-family",

}

The image family points to image-v2 because it is the most recent image that you added to the image family.

gcloud

You can see which image a family points to by running the gcloud compute images describe-from-family command.

For example:

gcloud compute images describe-from-family my-image-family

family: my-image-family
id: '8904691942610171306'
kind: compute#image
name: image-v2
selfLink: https://compute.googleapis.com/compute/v1/projects/my-project/global/images/image-v2
sourceDisk: https://compute.googleapis.com/compute/v1/projects/my-project/zones/us-central1-f/disks/disk-v2
sourceDiskId: '1677449456001963379'
sourceType: RAW
status: READY

API

Make a GET request to the images().getFromFamily method. Specify the image family in the request body.

GET https://compute.googleapis.com/compute/v1/projects/PROJECT_ID/global/images/family

{
  "resourceId":"my-image-family",

}

If you determine that you must roll back the image family so that it no longer points to image-v2, deprecate image-v2 and the family will again point to image-v1.

gcloud compute images deprecate image-v2 \
    --state DEPRECATED \
    --replacement image-v1

Check to make sure that the image family is pointing to image-v1.

gcloud compute images describe-from-family my-image-family

family: my-image-family
id: '2741732787056801255'
kind: compute#image
name: image-v1
selfLink: https://compute.googleapis.com/compute/v1/projects/my-project/global/images/image-v1
sourceDisk: https://compute.googleapis.com/compute/v1/projects/my-project/zones/us-central1-f/disks/disk-v1
sourceDiskId: '1677449456001963379'
sourceType: RAW
status: READY

Enable guest operating system features on custom images

Use guest operating system (OS) features to configure the following networking, security, storage, and operating system options on custom images. These custom images can be used as boot disks.

  • Multi-IP subnets: configures interfaces with a netmask other than /32
  • UEFI compatibility: used for booting with UEFI firmware and the following Shielded VM features:
  • Multiqueue SCSI on local SSD devices as an alternative to NVMe:
    • For Linux images, you can enable multiqueue SCSI on local SSD devices on images with kernel versions 3.17 and later.
    • For Windows images, you can enable multiqueue SCSI on local SSD devices on images with driver version 1.2.0.1621 or later.
  • Windows support: tags Windows Server custom boot images as Windows images.

gcloud

Use the gcloud compute images create command with the --guest-os-features flag to create a new custom image from an existing custom image.

gcloud compute images create IMAGE_NAME \
    --source-image=SOURCE_IMAGE \
    [--source-image-project=IMAGE_PROJECT] \
    --guest-os-features="FEATURES,..." \
    [--storage-location=LOCATION]

Replace the following:

  • IMAGE_NAME: the name for the new image.
  • SOURCE_IMAGE: an image to base the new image on.
  • IMAGE_PROJECT: Optional: the project containing the source image. Use this parameter to copy an image from another project.
  • FEATURES: IDs, separated by commas, of the guest OS features to enable for the image. Set to one or more of the following values:
    • MULTI_IP_SUBNET
    • UEFI_COMPATIBLE
    • VIRTIO_SCSI_MULTIQUEUE
    • WINDOWS
  • LOCATION: Optional: region or multi-region in which to store the image. For example, specify us to store the image in the us multi-region, or us-central1 to store it in the us-central1 region. If you don't make a selection, Compute Engine stores the image in the multi-region closest to your image's source location.

API

Use the images().insert method with the guestOsFeatures flag to create a new custom image from an existing custom image.


POST https://compute.googleapis.com/compute/v1/projects/PROJECT_ID/global/images

{
 "name": "IMAGE_NAME",
 "sourceImage": "(projects/IMAGE_PROJECT)/global/images/SOURCE_IMAGE",
 ("storageLocations": "LOCATION",)
 "guestOsFeatures": [
  {
   "type": "FEATURES"
  }
 ]
}

Replace the following:

  • PROJECT_ID: the ID of the project in which to create the new image.
  • IMAGE_NAME: a name for the new image.
  • IMAGE_PROJECT: Optional: the project containing the source image. Use this parameter to copy an image from another project.
  • SOURCE_IMAGE: the image to base the new image on.
  • LOCATION: Optional: a region or multi-region in which to store the image. For example, specify us to store the image in the us multi-region, or us-central1 to store it in the us-central1 region. If you don't make a selection, Compute Engine stores the image in the multi-region closest to your image's source location.
  • FEATURES: IDs, separated by commas, of guest OS features to enable for the image. Set to one or more of the following values:
    • MULTI_IP_SUBNET
    • UEFI_COMPATIBLE
    • VIRTIO_SCSI_MULTIQUEUE
    • WINDOWS

What's next