This page provides general operating system (OS) details and feature support for the OS images that are available on Compute Engine.
Some OS images are customized specifically to run on Compute Engine and have notable differences from the standard images that come directly from the operating system vendors. These differences are also covered for each OS.
For information about how support and maintenance is provided for these OS images on Compute Engine, based on support package, license type, and image lifecycle stage, see Support and maintenance policy for OS images.
CentOS
CentOS Linux is a free operating system that is derived from Red Hat Enterprise Linux (RHEL). Google Cloud builds and supports the CentOS images available for Compute Engine. There is no license fee for using CentOS with Compute Engine.
CentOS Stream is a distribution that is continuously delivered and tracks just ahead of RHEL development. CentOS Stream is positioned as a midstream development platform between Fedora Linux and RHEL.
Automatic updates
By default, this operating system is configured to install security updates by using the RHEL
yum-cron
or dnf-automatic
tool. The updates have the following behaviors:
- The
yum-cron
ordnf-automatic
does not upgrade VMs between major versions of the operating system. - The upgrade tool is configured to only apply updates marked by the vendor as security updates.
- Some updates require reboots to take effect. These reboots do not happen automatically.
Image configuration
The CentOS and CentOS Stream images that are provided by Compute Engine, have the following differences in configuration from standard CentOS images:
Account configuration
- There are no local users configured with passwords.
Bootloader configuration
- To force faster boot times, the boot timeout in the grub configuration is set to
0
. - The I/O scheduler is set to
noop
.
Network configuration
- IPv6 is enabled.
- The DHCP client is set to retry every 10 seconds instead of every 5 minutes. The client is also set to
persistent mode
instead ofoneshot
. - The SSH server configuration is set up as follows:
- Password authentication is disabled.
- To prevent SSH disconnections,
ServerAliveInterval
andClientAliveInterval
are set to 7 minutes. - Root login is disabled.
/etc/udev/rules.d/75-persistent-net-generator.rules
is disabled.- To prevent MAC addresses from persisting,
/etc/udev/rules.d/70-persistent-net.rules
is removed. - By default, all traffic is allowed through the guest firewall because the VPC firewall rules overrides the guest firewall rules. The guest firewall rules remains enabled and can be configured through normal CentOS methods.
- VMs based on Google-provided Linux images get their interface MTU
from the attached VPC MTU. VMs based on custom images or older
Linux images may have their MTU's hardcoded. In these cases, you have to change
the setting yourself if you want to connect the interface to a network with an
MTU other than
1460
. For more information about network and interface MTU, see the maximum transmission unit overview.
Package system and repository configuration
- Google Cloud repositories are enabled to install packages for the Compute Engine
guest environment
and the Google Cloud CLI.
- Repositories are set to use the CentOS default mirror network.
- For CentOS Stream 8, the PowerTools repository is enabled.
- For CentOS 7, EPEL is enabled.
- Automatic updates are configured as follows:
- For CentOS 7, automatic updates are enabled by using
yum-cron
. - For CentOS Stream, automatic updates are enabled by using
dnf automatic
. - For all versions, the
update_cmd
property is set tosecurity
.However, by default CentOS does not offer security tagged repositories. - IPv6 endpoints are disabled in the
yum
ordnf config
files for all versions.
- For CentOS 7, automatic updates are enabled by using
Storage configuration
- By default, images are 20 GB. This is the recommended minimum size.
- The partition table is
GPT
, and there is anEFI
partition to support booting onUEFI
. - The floppy module is disabled because there is no floppy disk controller on Compute Engine .
Time configuration
- The NTP server is set to use the Compute Engine metadata server.
General information
OS version | Image project | Image family | Machine series | Lifecycle stage | EOL and image deprecation date |
---|---|---|---|---|---|
CentOS Stream 9 | centos-cloud |
centos-stream-9 |
All except T2A | GA | TBD |
CentOS Stream 8 | centos-cloud |
centos-stream-8 |
All except T2A | GA | May 2024 |
CentOS 8 | N/A | N/A | N/A | EOL | Dec 2021 |
CentOS 7 | centos-cloud |
centos-7 |
All except T2A | GA | June 30, 2024 |
CentOS 6 | N/A | N/A | N/A | EOL | November 30, 2020 |
Interfaces
OS version | SCSI | NVMe | Google Virtual NIC (gVNIC) | Multiple network interfaces |
---|---|---|---|---|
CentOS Stream 9 | ||||
CentOS Stream 8 | ||||
CentOS 8 | ||||
CentOS 7 | ||||
CentOS 6 |
Security features
OS version | Shielded VM support | Confidential VM support |
---|---|---|
CentOS Stream 9 | ||
CentOS Stream 8 | ||
CentOS 8 | ||
CentOS 7 | ||
CentOS 6 |
User space features
OS version | Guest environment installed | gcloud CLI installed | OS Login supported | Suspend and resume supported |
---|---|---|---|---|
CentOS Stream 9 | ||||
CentOS Stream 8 | ||||
CentOS 8 | ||||
CentOS 7 | ||||
CentOS 6 |
Networking features
OS version | Tier_1 networking# | 200 Gbps network bandwidth# | Jumbo frames/MTU |
---|---|---|---|
CentOS Stream 9 | |||
CentOS Stream 8 | |||
CentOS 8 | EOL | EOL | EOL |
CentOS 7 | * | † | |
CentOS 6 | EOL | EOL | EOL |
* You can update the gVNIC driver to the latest version to enable network egress bandwidths of 200 Gbps. For more information, see the Requirements and limitations section of "Configure per VM Tier_1 networking performance".
† Fully supported with VirtIO, but requires an updated driver to use with gVNIC. For more information, see Jumbo frames.
# Only available with certain machine series.
GPU support
N1+GPU denotes support for NVIDIA T4, V100, P100, P4, or K80 GPU running on a general-purpose N1 machine family.
OS version | N1+GPU | A2 (A100) | G2 (L4) |
---|---|---|---|
CentOS Stream 9 | |||
CentOS Stream 8 | |||
CentOS 8 | EOL | EOL | EOL |
CentOS 7 | |||
CentOS 6 | EOL | EOL | EOL |
VM Manager
OS version | OS Config agent installed | OS inventory supported | OS configuration supported | OS patch supported |
---|---|---|---|---|
CentOS Stream 9 | ||||
CentOS Stream 8 | ||||
CentOS 8 | ||||
CentOS 7 | ||||
CentOS 6 |
Import
For operating system support information on migrating VMs using Migrate to Virtual Machines, see supported operating systems.
OS version | Import disk | Import virtual appliance | Import machine image |
---|---|---|---|
CentOS Stream 9 | |||
CentOS Stream 8 | |||
CentOS 8 | |||
CentOS 7 | |||
CentOS 6 |
License
OS version | License type | License |
---|---|---|
CentOS Stream 9 | Free |
https://www.googleapis.com/compute/v1/projects/centos-cloud/global/licenses/centos-stream-9
|
CentOS Stream 8 | Free |
https://www.googleapis.com/compute/v1/projects/centos-cloud/global/licenses/centos-stream
|
CentOS 8 | EOL | EOL |
CentOS 7 | Free |
https://www.googleapis.com/compute/v1/projects/centos-cloud/global/licenses/centos-7
|
CentOS 6 | EOL | EOL |
Container-Optimized OS (COS)
Container-Optimized OS from Google is an operating system image for your Compute Engine instances that is optimized for running Docker containers. Google Cloud builds and supports the Container-Optimized OS images available for Compute Engine. There is no license fee for using Container-Optimized OS with Compute Engine.
For more information about Container-Optimized OS, see the Container-Optimized OS overview or release notes.
Automatic updates
By default, this operating system is configured to install security updates by using Automatic updates. The updates have the following behaviors:
- These automatic updates from the operating system vendor do not upgrade instances between major versions of the operating system.
- Some updates require reboots to take effect. These reboots do not happen automatically.
Image configuration
Network configuration
- VMs based on Google-provided Linux images get their interface MTU
from the attached VPC MTU. VMs based on custom images or older
Linux images may have their MTU's hardcoded. In these cases, you have to change
the setting yourself if you want to connect the interface to a network with an
MTU other than
1460
. For more information about network and interface MTU, see the maximum transmission unit overview.
General information
OS version | Image project | x86 image family | Arm image family | Machine series | Lifecycle stage | EOL and image deprecation date |
---|---|---|---|---|---|---|
COS 105 LTS | cos-cloud |
cos-105-lts |
cos-arm64-105-lts |
All except G2 | GA | March 2025 |
COS 101 LTS | cos-cloud |
cos-101-lts |
cos-arm64-101-lts |
All except G2 | GA | September 2024 |
COS 97 LTS | cos-cloud |
cos-97-lts |
N/A |
All except T2A, G2 | GA | March 2024 |
COS 93 LTS | cos-cloud |
cos-93-lts |
N/A |
All except T2A, G2 | GA | October 2023 |
COS 89 LTS | N/A | N/A | N/A | N/A | EOL | March 2023 |
Interfaces
OS version | SCSI | NVMe | Google Virtual NIC (gVNIC) | Multiple network interfaces |
---|---|---|---|---|
COS 105 LTS | ||||
COS 101 LTS | ||||
COS 97 LTS | ||||
COS 93 LTS | ||||
COS 89 LTS |
Security features
OS version | Shielded VM support | Confidential VM support |
---|---|---|
COS 105 LTS | ||
COS 101 LTS | ||
COS 97 LTS | ||
COS 93 LTS | ||
COS 89 LTS |
User space features
OS version | Guest environment installed | gcloud CLI installed | OS Login supported | Suspend and resume supported |
---|---|---|---|---|
COS 105 LTS | ||||
COS 101 LTS | ||||
COS 97 LTS | ||||
COS 93 LTS | ||||
COS 89 LTS |
Networking features
OS version | Tier_1 networking# | 200 Gbps network bandwidth# | Jumbo frames/MTU |
---|---|---|---|
COS 105 LTS | |||
COS 101 LTS | |||
COS 97 LTS | |||
COS 93 LTS | |||
COS 89 LTS | * | † |
* You can update the gVNIC driver to the latest version to enable network egress bandwidths of 200 Gbps. For more information, see the Requirements and limitations section of "Configure per VM Tier_1 networking performance".
† Fully supported with VirtIO, but requires an updated driver to use with gVNIC. For more information, see Jumbo frames.
# Only available with certain machine series.
GPU support
N1+GPU denotes support for NVIDIA T4, V100, P100, P4, or K80 GPU running on a general-purpose N1 machine family.
For G2 VMs, the current default driver for Container-Optimized OS, don't support L4 GPUs running on G2 machine types. You might be able to install a supported version, see G2 limitations.
OS version | N1+GPU | A2 (A100) | G2 (L4) |
---|---|---|---|
COS 105 LTS | |||
COS 101 LTS | |||
COS 97 LTS | |||
COS 93 LTS | |||
COS 89 LTS |
VM Manager
OS version | OS Config agent installed | OS inventory supported | OS configuration supported | OS patch supported |
---|---|---|---|---|
COS 105 LTS | ||||
COS 101 LTS | ||||
COS 97 LTS | ||||
COS 93 LTS | ||||
COS 89 LTS |
Import
For operating system support information on migrating VMs using Migrate to Virtual Machines, see supported operating systems.
OS version | Import disk | Import virtual appliance | Import machine image |
---|---|---|---|
COS 105 LTS | |||
COS 101 LTS | |||
COS 97 LTS | |||
COS 93 LTS | |||
COS 89 LTS |
License
OS version | License type | License |
---|---|---|
COS 105 LTS | Free |
https://www.googleapis.com/compute/v1/projects/cos-cloud/global/licenses/cos
|
COS 101 LTS | Free |
https://www.googleapis.com/compute/v1/projects/cos-cloud/global/licenses/cos
|
COS 97 LTS | Free |
https://www.googleapis.com/compute/v1/projects/cos-cloud/global/licenses/cos
|
COS 93 LTS | Free |
https://www.googleapis.com/compute/v1/projects/cos-cloud/global/licenses/cos
|
COS 89 LTS | Free |
https://www.googleapis.com/compute/v1/projects/cos-cloud/global/licenses/cos
|
Debian
Debian is a free operating system offered by the Debian community. Google Cloud builds and supports the Debian images available for Compute Engine. There is no license fee for using Debian with Compute Engine.
Automatic updates
By default, this operating system is configured to install security updates by using the Debian
UnattendedUpgrades
tool. The updates have the following behaviors:
- The
UnattendedUpgrades
tool does not upgrade VMs between major versions of the operating system. - The
UnattendedUpgrades
tool is configured to only automatically apply updates obtained from the Debian security repository. - Some updates require reboots to take effect. These reboots do not happen automatically.
Image configuration
The Debian image build configuration is available in an open source GitHub repository.
- Debian build tools come from the Debian Cloud team image project.
Debian images are always built with the latest Debian packages which reflect the most recent Debian point release.
The Debian images that are provided by Compute Engine, have the following differences in configuration from standard Debian images:
Account configuration
- There are no local users configured with passwords.
Bootloader configuration
- To force faster boot times, the boot timeout in the grub configuration is set to
0
. - The I/O scheduler is set to
noop
. - To allow SCSI block multi-queue usage,
scsi_mod.use_blk_mq
is enabled.
Network configuration
- IPv6 is enabled.
- The SSH server configuration is set up as follows:
- Password authentication is disabled.
- Root login is disabled.
- To prevent MAC addresses from persisting,
/etc/udev/rules.d/70-persistent-net.rules
is removed. - VMs based on Google-provided Linux images get their interface MTU
from the attached VPC MTU. VMs based on custom images or older
Linux images may have their MTU's hardcoded. In these cases, you have to change
the setting yourself if you want to connect the interface to a network with an
MTU other than
1460
. For more information about network and interface MTU, see the maximum transmission unit overview.
Package system and repository configuration
- Google Cloud repositories are enabled to install packages for the Compute Engine guest environment and the Google Cloud CLI. The guest environment packages and the Google Cloud CLI packages are installed and enabled by default.
- The APT sources are set to use the Debian CDN.
- The
Unattended-upgrades
package is installed and configured to download and install Debian security updates daily. This can be configured or disabled by changing the values in/etc/apt/apt.conf.d/50unattended-upgrades
and/etc/apt/apt.conf.d/02periodic
. - The
cloud-initramfs-growroot
package is removed and replaced with the Google supportedgce-disk-expand
package. - Debian 10+ includes the following:
- The
linux-image-cloud-amd64
kernel instead of the generic Debian kernel. - The
haveged
package to provide entropy.
- The
Storage configuration
- Images are 10 GB by default.
- The partition table is
GPT
, and there is anEFI
partition to support booting onUEFI
. There is also an MBR boot block to support BIOS. - The floppy module is disabled because there is no floppy disk controller on Compute Engine.
Time configuration
- The NTP server is set to use the Compute Engine metadata server.
General information
OS version | Image project | x86 image family | Arm image family | Machine series | Lifecycle stage | EOL and image deprecation date |
---|---|---|---|---|---|---|
Debian 12 | debian-cloud |
debian-12 |
debian-12-arm64 |
All | GA | TBD |
Debian 11 | debian-cloud |
debian-11 |
debian-11-arm64 |
All | GA | June 2026 |
Debian 10 | debian-cloud |
debian-10 |
N/A | All except T2A, M3, C3, H3 | LTS* | June 2024 |
Debian 9 | N/A | N/A | N/A | N/A | EOL | June 2022 |
*Debian LTS: Debian is supporting this release with Debian LTS. Critical security updates are provided via the Debian LTS project for the duration of the LTS lifecycle.
Interfaces
OS version | SCSI | NVMe | Google Virtual NIC (gVNIC) | Multiple network interfaces |
---|---|---|---|---|
Debian 12 | ||||
Debian 11 | ||||
Debian 10 | ||||
Debian 9 | * |
*This OS image supports NVMe but does not include all optimizations for NVMe.
Security features
OS version | Shielded VM support | Confidential VM support |
---|---|---|
Debian 12 | ||
Debian 11 | ||
Debian 10 | ||
Debian 9 |
User space features
OS version | Guest environment installed | gcloud CLI installed | OS Login supported | Suspend and resume supported |
---|---|---|---|---|
Debian 12 | ||||
Debian 11 | ||||
Debian 10 | ||||
Debian 9 |
Networking features
OS version | Tier_1 networking# | 200 Gbps network bandwidth# | Jumbo frames/MTU |
---|---|---|---|
Debian 12 | * | † | |
Debian 11 | * | † | |
Debian 10 | † | ||
Debian 9 | EOL | EOL | EOL |
* You can update the gVNIC driver to the latest version to enable network egress bandwidths of 200 Gbps. For more information, see the Requirements and limitations section of "Configure per VM Tier_1 networking performance".
† Fully supported with VirtIO, but requires an updated driver to use with gVNIC. For more information, see Jumbo frames.
# Only available with certain machine series.
GPU support
N1+GPU denotes support for NVIDIA T4, V100, P100, P4, or K80 GPU running on a general-purpose N1 machine family.
OS version | N1+GPU | A2 (A100) | G2 (L4) |
---|---|---|---|
Debian 12 | |||
Debian 11 | |||
Debian 10 | |||
Debian 9 | EOL | EOL | EOL |
VM Manager
OS version | OS Config agent installed | OS inventory supported | OS configura |
---|