Operating system details


This page provides general operating system (OS) details and feature support for the OS images that are available on Compute Engine.

Some OS images are customized specifically to run on Compute Engine and have notable differences from the standard images that come directly from the operating system vendors. These differences are also covered for each OS.

For information about how support and maintenance is provided for these OS images on Compute Engine, based on support package, license type, and image lifecycle stage, see Support and maintenance policy for OS images.

CentOS

CentOS Linux is a free operating system that is derived from Red Hat Enterprise Linux (RHEL). Google Cloud builds and supports the CentOS images available for Compute Engine. There is no license fee for using CentOS with Compute Engine.

CentOS Stream is a distribution that is continuously delivered and tracks just ahead of RHEL development. CentOS Stream is positioned as a midstream development platform between Fedora Linux and RHEL.

Automatic updates

By default, this operating system is configured to install security updates by using the RHEL yum-cron or dnf-automatic tool. The updates have the following behaviors:

  • The yum-cron or dnf-automatic does not upgrade VMs between major versions of the operating system.
  • The upgrade tool is configured to only apply updates marked by the vendor as security updates.
  • Some updates require reboots to take effect. These reboots do not happen automatically.
Image configuration

The CentOS and CentOS Stream images that are provided by Compute Engine, have the following differences in configuration from standard CentOS images:

Account configuration

  • There are no local users configured with passwords.

Bootloader configuration

  • To force faster boot times, the boot timeout in the grub configuration is set to 0.
  • The I/O scheduler is set to noop.

Network configuration

  • IPv6 is enabled.
  • The DHCP client is set to retry every 10 seconds instead of every 5 minutes. The client is also set to persistent mode instead of oneshot.
  • The SSH server configuration is set up as follows:
    • Password authentication is disabled.
    • To prevent SSH disconnections, ServerAliveInterval and ClientAliveInterval are set to 7 minutes.
    • Root login is disabled.
  • /etc/udev/rules.d/75-persistent-net-generator.rules is disabled.
  • To prevent MAC addresses from persisting, /etc/udev/rules.d/70-persistent-net.rules is removed.
  • By default, all traffic is allowed through the guest firewall because the VPC firewall rules overrides the guest firewall rules. The guest firewall rules remains enabled and can be configured through normal CentOS methods.
  • VMs based on Google-provided Linux images get their interface MTU from the attached VPC MTU. VMs based on custom images or older Linux images may have their MTU's hardcoded. In these cases, you have to change the setting yourself if you want to connect the interface to a network with an MTU other than 1460. For more information about network and interface MTU, see the maximum transmission unit overview.

Package system and repository configuration

  • Google Cloud repositories are enabled to install packages for the Compute Engine guest environment and the Google Cloud CLI.
  • Repositories are set to use the CentOS default mirror network.
    • For CentOS Stream 8, the PowerTools repository is enabled.
    • For CentOS 7, EPEL is enabled.
  • Automatic updates are configured as follows:
    • For CentOS 7, automatic updates are enabled by using yum-cron.
    • For CentOS Stream, automatic updates are enabled by using dnf automatic.
    • For all versions, the update_cmd property is set to security.However, by default CentOS does not offer security tagged repositories.
    • IPv6 endpoints are disabled in the yum or dnf config files for all versions.

Storage configuration

  • By default, images are 20 GB. This is the recommended minimum size.
  • The partition table is GPT, and there is an EFI partition to support booting on UEFI.
  • The floppy module is disabled because there is no floppy disk controller on Compute Engine .

Time configuration

  • The NTP server is set to use the Compute Engine metadata server.

General information

OS version Image project Image family Machine series Lifecycle stage EOL and image deprecation date
CentOS Stream 9 centos-cloud centos-stream-9 All except T2A GA TBD
CentOS Stream 8 centos-cloud centos-stream-8 All except T2A GA May 2024
CentOS 8 N/A N/A N/A EOL Dec 2021
CentOS 7 centos-cloud centos-7 All except T2A GA June 30, 2024
CentOS 6 N/A N/A N/A EOL November 30, 2020

Interfaces

OS version SCSI NVMe Google Virtual NIC (gVNIC) Multiple network interfaces
CentOS Stream 9
CentOS Stream 8
CentOS 8
CentOS 7
CentOS 6

Security features

OS version Shielded VM support Confidential VM support
CentOS Stream 9
CentOS Stream 8
CentOS 8
CentOS 7
CentOS 6

User space features

OS version Guest environment installed gcloud CLI installed OS Login supported Suspend and resume supported
CentOS Stream 9
CentOS Stream 8
CentOS 8
CentOS 7
CentOS 6

Networking features

OS version Tier_1 networking# 200 Gbps network bandwidth# Jumbo frames/MTU
CentOS Stream 9
CentOS Stream 8
CentOS 8 EOL EOL EOL
CentOS 7 *
CentOS 6 EOL EOL EOL

* You can update the gVNIC driver to the latest version to enable network egress bandwidths of 200 Gbps. For more information, see the Requirements and limitations section of "Configure per VM Tier_1 networking performance".

Fully supported with VirtIO, but requires an updated driver to use with gVNIC. For more information, see Jumbo frames.

# Only available with certain machine series.

GPU support

N1+GPU denotes support for NVIDIA T4, V100, P100, P4, or K80 GPU running on a general-purpose N1 machine family.

OS version N1+GPU A2 (A100) G2 (L4)
CentOS Stream 9
CentOS Stream 8
CentOS 8 EOL EOL EOL
CentOS 7
CentOS 6 EOL EOL EOL

VM Manager

OS version OS Config agent installed OS inventory supported OS configuration supported OS patch supported
CentOS Stream 9
CentOS Stream 8
CentOS 8
CentOS 7
CentOS 6

Import

For operating system support information on migrating VMs using Migrate to Virtual Machines, see supported operating systems.

OS version Import disk Import virtual appliance Import machine image
CentOS Stream 9
CentOS Stream 8
CentOS 8
CentOS 7
CentOS 6

License

OS version License type License
CentOS Stream 9 Free https://www.googleapis.com/compute/v1/projects/centos-cloud/global/licenses/centos-stream-9
CentOS Stream 8 Free https://www.googleapis.com/compute/v1/projects/centos-cloud/global/licenses/centos-stream
CentOS 8 EOL EOL
CentOS 7 Free https://www.googleapis.com/compute/v1/projects/centos-cloud/global/licenses/centos-7
CentOS 6 EOL EOL

Container-Optimized OS (COS)

Container-Optimized OS from Google is an operating system image for your Compute Engine instances that is optimized for running Docker containers. Google Cloud builds and supports the Container-Optimized OS images available for Compute Engine. There is no license fee for using Container-Optimized OS with Compute Engine.

For more information about Container-Optimized OS, see the Container-Optimized OS overview or release notes.

Automatic updates

By default, this operating system is configured to install security updates by using Automatic updates. The updates have the following behaviors:

  • These automatic updates from the operating system vendor do not upgrade instances between major versions of the operating system.
  • Some updates require reboots to take effect. These reboots do not happen automatically.
Image configuration

Network configuration

  • VMs based on Google-provided Linux images get their interface MTU from the attached VPC MTU. VMs based on custom images or older Linux images may have their MTU's hardcoded. In these cases, you have to change the setting yourself if you want to connect the interface to a network with an MTU other than 1460. For more information about network and interface MTU, see the maximum transmission unit overview.

General information

OS version Image project x86 image family Arm image family Machine series Lifecycle stage EOL and image deprecation date
COS 105 LTS cos-cloud cos-105-lts cos-arm64-105-lts All except G2 GA March 2025
COS 101 LTS cos-cloud cos-101-lts cos-arm64-101-lts All except G2 GA September 2024
COS 97 LTS cos-cloud cos-97-lts N/A All except T2A, G2 GA March 2024
COS 93 LTS cos-cloud cos-93-lts N/A All except T2A, G2 GA October 2023
COS 89 LTS N/A N/A N/A N/A EOL March 2023

Interfaces

OS version SCSI NVMe Google Virtual NIC (gVNIC) Multiple network interfaces
COS 105 LTS
COS 101 LTS
COS 97 LTS
COS 93 LTS
COS 89 LTS

Security features

OS version Shielded VM support Confidential VM support
COS 105 LTS
COS 101 LTS
COS 97 LTS
COS 93 LTS
COS 89 LTS

User space features

OS version Guest environment installed gcloud CLI installed OS Login supported Suspend and resume supported
COS 105 LTS
COS 101 LTS
COS 97 LTS
COS 93 LTS
COS 89 LTS

Networking features

OS version Tier_1 networking# 200 Gbps network bandwidth# Jumbo frames/MTU
COS 105 LTS
COS 101 LTS
COS 97 LTS
COS 93 LTS
COS 89 LTS *

* You can update the gVNIC driver to the latest version to enable network egress bandwidths of 200 Gbps. For more information, see the Requirements and limitations section of "Configure per VM Tier_1 networking performance".

Fully supported with VirtIO, but requires an updated driver to use with gVNIC. For more information, see Jumbo frames.

# Only available with certain machine series.

GPU support

N1+GPU denotes support for NVIDIA T4, V100, P100, P4, or K80 GPU running on a general-purpose N1 machine family.

For G2 VMs, the current default driver for Container-Optimized OS, don't support L4 GPUs running on G2 machine types. You might be able to install a supported version, see G2 limitations.

OS version N1+GPU A2 (A100) G2 (L4)
COS 105 LTS
COS 101 LTS
COS 97 LTS
COS 93 LTS
COS 89 LTS

VM Manager

OS version OS Config agent installed OS inventory supported OS configuration supported OS patch supported
COS 105 LTS
COS 101 LTS
COS 97 LTS
COS 93 LTS
COS 89 LTS

Import

For operating system support information on migrating VMs using Migrate to Virtual Machines, see supported operating systems.

OS version Import disk Import virtual appliance Import machine image
COS 105 LTS
COS 101 LTS
COS 97 LTS
COS 93 LTS
COS 89 LTS

License

OS version License type License
COS 105 LTS Free https://www.googleapis.com/compute/v1/projects/cos-cloud/global/licenses/cos
COS 101 LTS Free https://www.googleapis.com/compute/v1/projects/cos-cloud/global/licenses/cos
COS 97 LTS Free https://www.googleapis.com/compute/v1/projects/cos-cloud/global/licenses/cos
COS 93 LTS Free https://www.googleapis.com/compute/v1/projects/cos-cloud/global/licenses/cos
COS 89 LTS Free https://www.googleapis.com/compute/v1/projects/cos-cloud/global/licenses/cos

Debian

Debian is a free operating system offered by the Debian community. Google Cloud builds and supports the Debian images available for Compute Engine. There is no license fee for using Debian with Compute Engine.

Automatic updates

By default, this operating system is configured to install security updates by using the Debian UnattendedUpgrades tool. The updates have the following behaviors:

  • The UnattendedUpgrades tool does not upgrade VMs between major versions of the operating system.
  • The UnattendedUpgrades tool is configured to only automatically apply updates obtained from the Debian security repository.
  • Some updates require reboots to take effect. These reboots do not happen automatically.
Image configuration

The Debian image build configuration is available in an open source GitHub repository.

  • Debian build tools come from the Debian Cloud team image project.

Debian images are always built with the latest Debian packages which reflect the most recent Debian point release.

The Debian images that are provided by Compute Engine, have the following differences in configuration from standard Debian images:

Account configuration

  • There are no local users configured with passwords.

Bootloader configuration

  • To force faster boot times, the boot timeout in the grub configuration is set to 0.
  • The I/O scheduler is set to noop.
  • To allow SCSI block multi-queue usage, scsi_mod.use_blk_mq is enabled.

Network configuration

  • IPv6 is enabled.
  • The SSH server configuration is set up as follows:
    • Password authentication is disabled.
    • Root login is disabled.
  • To prevent MAC addresses from persisting, /etc/udev/rules.d/70-persistent-net.rules is removed.
  • VMs based on Google-provided Linux images get their interface MTU from the attached VPC MTU. VMs based on custom images or older Linux images may have their MTU's hardcoded. In these cases, you have to change the setting yourself if you want to connect the interface to a network with an MTU other than 1460. For more information about network and interface MTU, see the maximum transmission unit overview.

Package system and repository configuration

  • Google Cloud repositories are enabled to install packages for the Compute Engine guest environment and the Google Cloud CLI. The guest environment packages and the Google Cloud CLI packages are installed and enabled by default.
  • The APT sources are set to use the Debian CDN.
  • The Unattended-upgrades package is installed and configured to download and install Debian security updates daily. This can be configured or disabled by changing the values in /etc/apt/apt.conf.d/50unattended-upgrades and /etc/apt/apt.conf.d/02periodic.
  • The cloud-initramfs-growroot package is removed and replaced with the Google supported gce-disk-expand package.
  • Debian 10+ includes the following:
    • The linux-image-cloud-amd64 kernel instead of the generic Debian kernel.
    • The haveged package to provide entropy.

Storage configuration

  • Images are 10 GB by default.
  • The partition table is GPT, and there is an EFI partition to support booting on UEFI. There is also an MBR boot block to support BIOS.
  • The floppy module is disabled because there is no floppy disk controller on Compute Engine.

Time configuration

  • The NTP server is set to use the Compute Engine metadata server.

General information

OS version Image project x86 image family Arm image family Machine series Lifecycle stage EOL and image deprecation date
Debian 12 debian-cloud debian-12 debian-12-arm64 All GA TBD
Debian 11 debian-cloud debian-11 debian-11-arm64 All GA June 2026
Debian 10 debian-cloud debian-10 N/A All except T2A, M3, C3, H3 LTS* June 2024
Debian 9 N/A N/A N/A N/A EOL June 2022

*Debian LTS: Debian is supporting this release with Debian LTS. Critical security updates are provided via the Debian LTS project for the duration of the LTS lifecycle.

Interfaces

OS version SCSI NVMe Google Virtual NIC (gVNIC) Multiple network interfaces
Debian 12
Debian 11
Debian 10
Debian 9 *

*This OS image supports NVMe but does not include all optimizations for NVMe.

Security features

OS version Shielded VM support Confidential VM support
Debian 12
Debian 11
Debian 10
Debian 9

User space features

OS version Guest environment installed gcloud CLI installed OS Login supported Suspend and resume supported
Debian 12
Debian 11
Debian 10
Debian 9

Networking features

OS version Tier_1 networking# 200 Gbps network bandwidth# Jumbo frames/MTU
Debian 12 *
Debian 11 *
Debian 10
Debian 9 EOL EOL EOL

* You can update the gVNIC driver to the latest version to enable network egress bandwidths of 200 Gbps. For more information, see the Requirements and limitations section of "Configure per VM Tier_1 networking performance".

Fully supported with VirtIO, but requires an updated driver to use with gVNIC. For more information, see Jumbo frames.

# Only available with certain machine series.

GPU support

N1+GPU denotes support for NVIDIA T4, V100, P100, P4, or K80 GPU running on a general-purpose N1 machine family.

OS version N1+GPU A2 (A100) G2 (L4)
Debian 12
Debian 11
Debian 10
Debian 9 EOL EOL EOL

VM Manager

OS version OS Config agent installed OS inventory supported OS configura