Creating and Starting a VM Instance

This document explains how to create a virtual machine instance using a boot disk image, a boot disk snapshot, or a container image. When creating a VM instance from a boot disk image, you can use either a regular image or a Shielded VM image. Shielded VM images offer security features like UEFI-compliant firmware, Secure Boot, and vTPM-protected Measured Boot. Compute Engine automatically starts the VM instance after you create it.

You can create multiple disks for your VM instance during the creation process. You can also add more disks to the instance after it is created.

This document explains basic ways to create an instance. For more specific or complicated instance configurations, see the following resources:

Before you begin

If you want to use the command-line examples in this guide:
1. Install or update to the latest version of the gcloud command-line tool.
2. Set a default region and zone.
If you want to use the API examples in this guide, set up API access.

Creating an instance from an image

This section explains how to create an instance from an image of a specific operating system. A boot disk image contains the bootloader, boot filesystem, and an operating system that runs on the instance.

For advanced users, you can create a custom image to use in place of the public images offered by Compute Engine.

You can create an instance with an image in the Google Cloud Platform Console, the gcloud command-line tool, or the API.

Creating an instance from a public image

Public images are provided and maintained by Google, open-source communities, and third-party vendors. By default, all projects have access to these images and can use them to create instances with common operating system images.

To create an instance, specify the image family for the operating system that you need. Compute Engine offers multiple Linux distributions, some of which are available as both regular and Shielded VM images. If you choose local SSD storage for your instance, you can't use the integrity monitoring features of Shielded VM, and you can't use the vTPM for shielding data. For a list of the available image families, see public images.

Permissions required for this task

To perform this task, you must have the following permissions.

compute.instances.create on the project
compute.instances.updateShieldedVmConfig if you plan to create a Shielded VM instance and you want to be able to change any of the Shielded VM settings.
compute.networks.use on the project if using a legacy network
compute.subnetworks.use either on the whole project or on the chosen subnet (VPC networks)
compute.networks.useExternalIp on the project if you need to assign an external IP address (either ephemeral or static) to the instance using a legacy network
compute.subnetworks.useExternalIp either on the whole project or on the chosen subnet if you need to assign an external IP address (either ephemeral or static) to the instance using a VPC network
compute.address.use on the project if specifying a static address in the project
compute.instances.setMetadata if setting metadata
compute.instances.setTags on the instance if setting tags
compute.instances.setLabels on the instance if setting labels
compute.images.useReadOnly on the image if creating a new root persistent disk
compute.disks.create on the project if creating a new root persistent disk with this instance
compute.disks.useReadOnly on the disk if attaching an existing persistent disk in read-only mode
compute.disks.use on the disk if attaching an existing disk in read-write mode
compute.disks.setLabels on the disk if setting labels
compute.snapshots.create on the project to create a new snapshot if creating an instance from a snapshot
compute.snapshots.use on the snapshot if creating an instance from a snapshot

Console

Go to the VM instances page.
Go to the VM instances page
Select your project and click Continue.
Click the Create instance button.
Specify a Name for your instance.
Optionally, change the Zone for this instance.

Note: The list of zones is randomized within each region to encourage use across multiple zones.
Select a Machine configuration for your instance.
In the Boot disk section, click Change to configure your boot disk.
Create a boot disk no larger than 2 TB to account for the limitations of MBR partitions.
In the OS images tab, choose an image.
Select Show images with Shielded VM features to see only Shielded VM images.
Click Select.
To permit HTTP or HTTPS traffic to the VM instance, select Allow HTTP traffic or Allow HTTPS traffic.

The GCP Console adds a network tag to your instance and creates the corresponding ingress firewall rule that allows all incoming traffic on tcp:80 (HTTP) or tcp:443 (HTTPS). The network tag associates the firewall rule with the instance. For more information, see Firewall Rules Overview in the Virtual Private Cloud documentation.
To add secondary non-boot disks to your VM instance:
1. Click on the Management, security, disks, networking, sole tenancy section.
2. Click on the Disks tab.
3. Under Additional disks click Add new disk.
4. Specify a disk Name, Type, Source type, Mode, and Deletion rule.
5. Click Done.
6. Add additional disks as needed.
Optionally, change the instance's Shielded VM settings, if you chose an image that supports Shielded VM:
1. Click on the Security tab in the Management, security, disks, networking, sole tenancy section.
2. If you want to disable Secure Boot, uncheck Turn on Secure Boot. Secure Boot helps protect your VM instances against boot-level and kernel-level malware and rootkits. For more information, see Secure Boot.
3. If you want to disable the virtual trusted platform module (vTPM), uncheck Turn on vTPM. The vTPM enables Measured Boot, which validates the VM pre-boot and boot integrity. For more information, see Virtual Trusted Platform Module (vTPM).
  
  Important: Disabling the vTPM also disables integrity monitoring, because integrity monitoring relies on data gathered by Measured Boot.
4. If you want to disable integrity monitoring, uncheck Turn on Integrity Monitoring. Integrity monitoring lets you monitor the boot integrity of your Shielded VM instances using Stackdriver. For more information, see Integrity monitoring.
Click the Create button to create and start the instance.

gcloud

Before you create an instance, select an operating system image to use for the boot disk of your instance. Use the gcloud compute images list command without any flags to see the full list of non-Shielded VM public images with their image IDs, image families, and image projects:

gcloud compute images list

Use the gcloud compute images list command with the following flags to see the full list of Shielded VM public images:

gcloud compute images list --project gce-uefi-images --no-standard-images

After you select an image, create an instance using the gcloud compute instances create command.

To use the latest version of an operating system image, specify the --image-family and --image-project flags. For example, debian-9 is an image family that returns the most recent version of the Debian 9 image that is not deprecated and debian-cloud is the image project.

Create an instance with the latest image from an image family:

gcloud compute instances create [INSTANCE_NAME] \
--image-family [IMAGE_FAMILY] \
--image-project [IMAGE_PROJECT]

where:

[INSTANCE_NAME] is the name for the new instance.
[IMAGE_FAMILY] is one of the available image families.
[IMAGE_PROJECT] is the image project to which that image family belongs.

Example response:

Created [https://www.googleapis.com/compute/v1/projects/myproject/zones/[ZONE]/instances/[INSTANCE_NAME]].
NAME            ZONE   MACHINE_TYPE  INTERNAL_IP   EXTERNAL_IP    STATUS
[INSTANCE_NAME] [ZONE] n1-standard-1 10.105.155.92 173.255.114.53 RUNNING

If you need to use a specific image version instead of the latest version, specify the --image and --image-project flags. For example, to create an instance that uses the debian-9-stretch-v20170619 Debian image, specify --image debian-9-stretch-v20170619 and --image-project debian-cloud.

Create an instance with a specific version of an image:

gcloud compute instances create [INSTANCE_NAME] \
    --image [IMAGE_ID] \
    --image-project [IMAGE_PROJECT]

where:

[INSTANCE_NAME] is the name for the new instance.
[IMAGE_ID] is a specific image.
[IMAGE_PROJECT] is the image project to which that image belongs.

You can add up to 128 secondary non-boot disks while you are creating your instance. Specify the --create-disk flag for each secondary disk you create. To create secondary disks from a public or stock image, specify the image and image-project properties in the --create-disk flag. To create a blank disk, do not include these properties. Optionally, include properties for the disk size and type.

gcloud compute instances create [INSTANCE_NAME] \
  --image-family [IMAGE_FAMILY] \
  --image-project [IMAGE_PROJECT] \
  --create-disk image=[DISK_IMAGE],image-project=[DISK_IMAGE_PROJECT],size=[SIZE_GB],type=[DISK_TYPE]

where:

[INSTANCE_NAME] is the name for the new instance.
[IMAGE_FAMILY] is one of the available image families.
[IMAGE_PROJECT] is the image project to which the image belongs.
[DISK_IMAGE] is the source image for the secondary disk. For a list of available images, run gcloud compute images list. For blanks disks, do not specify a disk image or image project.
[DISK_IMAGE_PROJECT] is the image project to which the disk image belongs. For blanks disks, do not specify a disk image or image project.
[SIZE_GB] is the size of the secondary disk.
[DISK_TYPE] is the type of persistent disk, either pd-standard or pd-ssd.

Format and mount the disks before using them.

If you chose an image that supports Shielded VM, you can optionally change the instance's Shielded VM settings using one of the following flags:

--no-shielded-vm-secure-boot: Disable Secure Boot. Secure Boot helps protect your VM instances against boot-level and kernel-level malware and rootkits. For more information, see Secure Boot.
--no-shielded-vm-vtpm: Disable the virtual trusted platform module (vTPM). The vTPM enables Measured Boot, which validates the VM pre-boot and boot integrity. For more information, see Virtual Trusted Platform Module (vTPM).

Important: Disabling the vTPM also disables integrity monitoring, because integrity monitoring relies on data gathered by Measured Boot.
--no-shielded-vm-integrity-monitoring: Disable integrity monitoring. Integrity monitoring lets you monitor the boot integrity of your Shielded VM instances using Stackdriver. For more information, see Integrity monitoring.

The following example creates an Ubuntu Shielded VM instance with Secure Boot disabled:

gcloud beta compute instances create my-instance \
  --image-family ubuntu-1804-uefi --image-project gce-uefi-images \
  --no-shielded-vm-secure-boot

API

To start an instance in the API, send a request and specify the following properties:

Source image
Network interface
Machine type
If your VPC network is a custom mode VPC network, you must also specify the subnet where you want the instance to be created.
If you chose an image that supports Shielded VM, you can optionally change the instance's Shielded VM settings by using the following boolean request body items:
- enableSecureBoot: Enable or disable Secure Boot. Secure Boot helps protect your VM instances against boot-level and kernel-level malware and rootkits. For more information, see Secure Boot.
- enableVtpm: Enable or disable the virtual trusted platform module (vTPM). The vTPM enables Measured Boot, which validates the VM pre-boot and boot integrity. For more information, see Virtual Trusted Platform Module (vTPM).
  
  Important: Disabling the vTPM also disables integrity monitoring, because integrity monitoring relies on data gathered by Measured Boot.
- enableIntegrityMonitoring: Enable or disable integrity monitoring. Integrity monitoring lets you monitor and verify the runtime boot integrity of your Shielded VM instances using Stackdriver reports. For more information, see Integrity monitoring.

After you decide on your resource properties, create a request body and make your API request. To learn more about constructing API requests and handling API responses, read the Creating API Requests and Handling Responses documentation.

Making the API request

If you use the API client library, you can start a new instance by directly calling the REST API or using the instances().insert method. Here is an example of each option:

REST

In the API, construct a POST request to the instances URI with the same request body. You can add up to 128 secondary non-boot disks at the time you create a VM instance by using the initializeParams property for each additional disk. Create additional disks with a public or a private image. To add blank disks, do not specify an image source. Optionally, you can include the diskSizeGb, diskType, and labels properties.

def addInstance(http, listOfHeaders):
  url = "https://www.googleapis.com/compute/v1/projects/[PROJECT_ID]/zones/[ZONE]/instances"

  body = {
    "name": "[INSTANCE_NAME]",
    "machineType": "machineTypes/[MACHINE_TYPE]",
    "networkInterfaces": [{
      "accessConfigs": [{
        "type": "ONE_TO_ONE_NAT",
        "name": "External NAT"
       }],
      "network": "global/networks/default"
    }],
    "disks": [{
       "autoDelete": "true",
       "boot": "true",
       "type": "PERSISTENT",
       "initializeParams": {
         "sourceImage": "projects/[IMAGE_PROJECT]/global/images/family/[IMAGE]",
         "labels": {
           "key": "[LABEL_KEY]",
           "value": "[LABEL_VALUE]",
         }
       }
     },
     {
       "initializeParams": {
          "diskSizeGb": "[SIZE_GB]",
          "sourceImage":"[IMAGE]"
       },
       {
       "initializeParams": {
          "diskSizeGb": "[SIZE_GB]"
       }
     }]

  bodyContentURLEncoded = urllib.urlencode(bodyContent)
  resp, content = http.request(uri=url, method="POST", body=dumps(bodyContent), headers=listOfHeaders)

  print resp
  print content

where:

[INSTANCE_NAME] is the name of the instance.
[PROJECT_ID] is your project ID.
[ZONE] is the zone for this instance.
[MACHINE_TYPE] is the machine type of the instance.
[IMAGE_PROJECT] is the image project that the image belongs to, such as debian-cloud, ubuntu-os-cloud, and so on.
[IMAGE] is one of the available public image families. For example, family/debian-9 uses the latest version of the Debian 9 image. Alternatively, you can use a specific image version such as debian-9-stretch-v20170619 without the family/ path. For blanks disks do not specify an image source.
[LABEL_KEY] and [LABEL_VALUE] are labels to apply to the disk. The labels field is optional.
[SIZE_GB] is the disk size.
[DISK_TYPE] is the type of persistent disk, either pd-standard or pd-ssd.

If you create an instance with blank secondary disks, format and mount those disks so that your guest operating system can use them.

Python Client Library

compute/api/create_instance.py

View on GitHub

def create_instance(compute, project, zone, name, bucket):
    # Get the latest Debian Jessie image.
    image_response = compute.images().getFromFamily(
        project='debian-cloud', family='debian-9').execute()
    source_disk_image = image_response['selfLink']

    # Configure the machine
    machine_type = "zones/%s/machineTypes/n1-standard-1" % zone
    startup_script = open(
        os.path.join(
            os.path.dirname(__file__), 'startup-script.sh'), 'r').read()
    image_url = "http://storage.googleapis.com/gce-demo-input/photo.jpg"
    image_caption = "Ready for dessert?"

    config = {
        'name': name,
        'machineType': machine_type,

        # Specify the boot disk and the image to use as a source.
        'disks': [
            {
                'boot': True,
                'autoDelete': True,
                'initializeParams': {
                    'sourceImage': source_disk_image,
                }
            }
        ],

        # Specify a network interface with NAT to access the public
        # internet.
        'networkInterfaces': [{
            'network': 'global/networks/default',
            'accessConfigs': [
                {'type': 'ONE_TO_ONE_NAT', 'name': 'External NAT'}
            ]
        }],

        # Allow the instance to access cloud storage and logging.
        'serviceAccounts': [{
            'email': 'default',
            'scopes': [
                'https://www.googleapis.com/auth/devstorage.read_write',
                'https://www.googleapis.com/auth/logging.write'
            ]
        }],

        # Metadata is readable from the instance and allows you to
        # pass configuration from deployment scripts to instances.
        'metadata': {
            'items': [{
                # Startup script is automatically executed by the
                # instance upon startup.
                'key': 'startup-script',
                'value': startup_script
            }, {
                'key': 'url',
                'value': image_url
            }, {
                'key': 'text',
                'value': image_caption
            }, {
                'key': 'bucket',
                'value': bucket
            }]
        }
    }

    return compute.instances().insert(
        project=project,
        zone=zone,
        body=config).execute()

Creating an instance from a custom image

A custom image belongs only to your project. To create an instance with a custom image, you must first have a custom image. To learn how to create a custom image, read Creating a Custom Image.

Permissions required for this task

To perform this task, you must have the following permissions.

compute.instances.create on the project
compute.instances.updateShieldedVmConfig if you plan to create a Shielded VM instance and you want to be able to change any of the Shielded VM settings.
compute.networks.use on the project if using a legacy network
compute.subnetworks.use either on the whole project or on the chosen subnet (VPC networks)
compute.networks.useExternalIp on the project if you need to assign an external IP address (either ephemeral or static) to the instance using a legacy network
compute.subnetworks.useExternalIp either on the whole project or on the chosen subnet if you need to assign an external IP address (either ephemeral or static) to the instance using a VPC network
compute.address.use on the project if specifying a static address in the project
compute.instances.setMetadata if setting metadata
compute.instances.setTags on the instance if setting tags
compute.instances.setLabels on the instance if setting labels
compute.images.useReadOnly on the image if creating a new root persistent disk
compute.disks.create on the project if creating a new root persistent disk with this instance
compute.disks.useReadOnly on the disk if attaching an existing persistent disk in read-only mode
compute.disks.use on the disk if attaching an existing disk in read-write mode
compute.disks.setLabels on the disk if setting labels
compute.snapshots.create on the project to create a new snapshot if creating an instance from a snapshot
compute.snapshots.use on the snapshot if creating an instance from a snapshot

Console

Go to the VM instances page.
Go to the VM Instances page
Select your project and click Continue.
Click the Create instance button.
Specify a Name for your instance.
Optionally, change the Zone for this instance.

Note: The list of zones is randomized within each region to encourage use across multiple zones.
Select a Machine configuration for your instance.
In the Boot disk section, click Change to configure your boot disk.
Create a boot disk no larger than 2 TB to account for the limitations of MBR partitions.
Select the Custom Images tab.
Make sure your project is selected in the dropdown menu.
Choose the image you want and click the Select button.
To permit HTTP or HTTPS traffic to the VM instance, select Allow HTTP traffic or Allow HTTPS traffic.

The GCP Console adds a network tag to your instance and creates the corresponding ingress firewall rule that allows all incoming traffic on tcp:80 (HTTP) or tcp:443 (HTTPS). The network tag associates the firewall rule with the instance. For more information, see Firewall Rules Overview in the Virtual Private Cloud documentation.
To add secondary non-boot disks to your VM instance:
1. Click Management, security, disks, networking, sole tenancy.
2. Select the Disks tab.
3. Under Additional disks click Add new disk.
4. Specify a disk Name, Type, Source type, Mode, and Deletion rule.
5. Click Done.
6. Add additional disks as needed.
Click the Create button to create and start the instance.

gcloud

Use the gcloud compute instances create command-line tool to create an instance with a custom image:

gcloud compute instances create [INSTANCE_NAME] \
--image [IMAGE_NAME] \
--image-family [IMAGE_FAMILY]

where:

[INSTANCE_NAME] is the instance name.
[IMAGE_NAME] is the name of the image.
[IMAGE] is an optional field. Use a private or public image. If no image is specified, the disk will be blank.

If you created your custom images as part of an image family, specify that image family instead of the image name. By doing so, the instance automatically uses the most recent, non-deprecated image in the image family.

gcloud compute instances create [INSTANCE_NAME] \
  --image-family [IMAGE_FAMILY] \
  --image-project [IMAGE_PROJECT] \
  --create-disk image=[DISK_IMAGE],image-project=[DISK_IMAGE_PROJECT],size=[SIZE_GB],type=[DISK_TYPE]

where:

[INSTANCE_NAME] is the name for the new instance.
[IMAGE_FAMILY] is one of the available image families.
[IMAGE_PROJECT] is the image project to which the image belongs.
[DISK_IMAGE] is the source image for the secondary disk. For a list of available images, run gcloud compute images list. For blanks disks, do not specify a disk image or image project.
[DISK_IMAGE_PROJECT] is the image project to which the disk image belongs. For blanks disks, do not specify a disk image or image project.
[SIZE_GB] is the size of the secondary disk.
[DISK_TYPE] is the type of persistent disk, either pd-standard or pd-ssd.

Format and mount the disks before using them.

API

The process for creating an instance with a custom image in the API is the same as if you were creating an instance with a publicly-available image. In the sourceImage URI, provide your own project ID and the image name.

You can create up to 128 secondary non-boot disks at the time you create a VM instance by using the initializeParams property for each additional disk. Create additional disks with a public or private image. To add a blank disk, define the initializeParams entry with no sourceImage value.

...
"initializeParams" :{
   "sourceImage": "global/images/[IMAGE_NAME]"
},
{
"initializeParams": {
   "diskSizeGb": "[SIZE_GB]",
   "sourceImage": "[IMAGE]",
   "diskType": "[DISK_TYPE]"
 },
 {
 "initializeParams": {
 "diskSizeGb": "[SIZE_GB]",
 "diskType": "[DISK_TYPE]"
 }
}...]

where:

[PROJECT_ID] is your project ID.
[IMAGE_NAME] is the specific image such as debian-9-stretch-v20170619. Alternatively, you can specify an image family. For example, family/debian-9 returns the latest version of the Debian 9 image.
[IMAGE] is the source image for the secondary disk. For blanks disks do not specify an image source.
[SIZE_GB] is the disk size.
[DISK_TYPE] is the type of persistent disk, either pd-standard or pd-ssd.

Format and mount the disks before using them.

Creating an instance with an image shared with you

If another user has shared an image with you, you can use the image to create a new instance.

Permissions required for this task

To perform this task, you must have the following permissions.

compute.instances.create on the project
compute.instances.updateShieldedVmConfig if you plan to create a Shielded VM instance and you want to be able to change any of the Shielded VM settings.
compute.networks.use on the project if using a legacy network
compute.subnetworks.use either on the whole project or on the chosen subnet (VPC networks)
compute.networks.useExternalIp on the project if you need to assign an external IP address (either ephemeral or static) to the instance using a legacy network
compute.subnetworks.useExternalIp either on the whole project or on the chosen subnet if you need to assign an external IP address (either ephemeral or static) to the instance using a VPC network
compute.address.use on the project if specifying a static address in the project
compute.instances.setMetadata if setting metadata
compute.instances.setTags on the instance if setting tags
compute.instances.setLabels on the instance if setting labels
compute.images.useReadOnly on the image if creating a new root persistent disk
compute.disks.create on the project if creating a new root persistent disk with this instance
compute.disks.useReadOnly on the disk if attaching an existing persistent disk in read-only mode
compute.disks.use on the disk if attaching an existing disk in read-write mode
compute.disks.setLabels on the disk if setting labels
compute.snapshots.create on the project to create a new snapshot if creating an instance from a snapshot
compute.snapshots.use on the snapshot if creating an instance from a snapshot

Console

Go to the VM instances page.
Go to the VM instances page
Select your project and click Continue.
Click the Create instance button.
Specify a Name for your instance.
Optionally, change the Zone for this instance.

Note: The list of zones is randomized within each region to encourage use across multiple zones.
Select a Machine configuration for your instance.
In the Boot disk section, click Change to configure your boot disk.

Create a boot disk no larger than 2 TB to account for the limitations of MBR partitions.
Select the Custom Images tab.
Select the image project from the dropdown.
Choose the image you want and click the Select button.
To permit HTTP or HTTPS traffic to the VM instance, select Allow HTTP traffic or Allow HTTPS traffic.

The GCP Console adds a network tag to your instance and creates the corresponding ingress firewall rule that allows all incoming traffic on tcp:80 (HTTP) or tcp:443 (HTTPS). The network tag associates the firewall rule with the instance. For more information, see Firewall Rules Overview in the Virtual Private Cloud documentation.
To add secondary non-boot disks to your VM instance:
1. Click Management, security, disks, networking, sole tenancy.
2. Select the Disks tab.
3. Under Additional disks click Add new disk.
4. Specify a disk Name, Type, Source type, Mode, and Deletion rule.
5. Click Done.
6. Add additional disks as needed.
Click the Create button to create and start the instance.

gcloud

Create an instance using the gcloud compute instances create command, and use the --image and --image-project flag to specify the image name and the project where the image resides:

gcloud compute instances create [INSTANCE_NAME] \
    --image [IMAGE] \
    --image-project [IMAGE_PROJECT]

where:

[INSTANCE_NAME] is the name for the new instance.
[IMAGE] is the name of the image.
[IMAGE_PROJECT] is the project to which the image belongs.

If the command is successful, gcloud responds with the properties of the new instance:

Created [https://www.googleapis.com/compute/v1/projects/myproject/zones/us-central1-b/instances/example-instance].
NAME                 ZONE           MACHINE_TYPE   PREEMPTIBLE  INTERNAL_IP  EXTERNAL_IP    STATUS
example-instance     us-central1-b  n1-standard-1               10.240.0.4   104.198.53.60  RUNNING

gcloud compute instances create [INSTANCE_NAME] \
--image-family [IMAGE_FAMILY] \
--image-project [IMAGE_PROJECT] \
--create-disk image=[DISK_IMAGE],image-project=[DISK_IMAGE_PROJECT],size=[SIZE_GB],type=[DISK_TYPE]

where:

[INSTANCE_NAME] is the name for the new instance.
[IMAGE_FAMILY] is one of the available image families.
[IMAGE_PROJECT] is the image project to which the image belongs.
[DISK_IMAGE] is the source image for the secondary disk. For a list of available images, run gcloud compute images list. For blanks disks, do not specify a disk image or image project.
[DISK_IMAGE_PROJECT] is the image project to which the disk image belongs. For blanks disks, do not specify a disk image or image project.
[SIZE_GB] is the size of the secondary disk.
[DISK_TYPE] is the type of persistent disk, either pd-standard or pd-ssd.

Format and mount the disks before using them.

API

Follow the API instructions to create an instance from a public image but specify the image field in the request body. You can add up to 128 secondary non-boot disks by specifying the initializeParams field for every additional disk. To add blank disks, do not specify an image source. Optionally, you can specify the diskSizeGb, diskType, and labels properties.

...
image: "projects/[PROJECT_ID]/global/images/[IMAGE]

{
 "initializeParams": {
    "diskSizeGb": "[SIZE_GB]",
    "sourceImage": "[IMAGE]"
       }
   {
  "initializeParams": {
  "diskSizeGb": "[SIZE_GB]"
   }
 }...]

where:

[PROJECT_ID] is the project containing the image.
[IMAGE] is the source image.
[SIZE_GB] is the disk size.
[IMAGE] is the source image for the secondary disk. For blanks disks do not specify an image source.
[DISK_TYPE] is the type of persistent disk, either pd-standard or pd-ssd.

Format and mount the disks before using them.

Creating an instance from a snapshot

If you backed up a boot persistent disk with a snapshot, you can use that snapshot to create a new instance.

Permissions required for this task

To perform this task, you must have the following permissions.

compute.instances.create on the project
compute.instances.updateShieldedVmConfig if you plan to create a Shielded VM instance and you want to be able to change any of the Shielded VM settings.
compute.networks.use on the project if using a legacy network
compute.subnetworks.use either on the whole project or on the chosen subnet (VPC networks)
compute.networks.useExternalIp on the project if you need to assign an external IP address (either ephemeral or static) to the instance using a legacy network
compute.subnetworks.useExternalIp either on the whole project or on the chosen subnet if you need to assign an external IP address (either ephemeral or static) to the instance using a VPC network
compute.address.use on the project if specifying a static address in the project
compute.instances.setMetadata if setting metadata
compute.instances.setTags on the instance if setting tags
compute.instances.setLabels on the instance if setting labels
compute.images.useReadOnly on the image if creating a new root persistent disk
compute.disks.create on the project if creating a new root persistent disk with this instance
compute.disks.useReadOnly on the disk if attaching an existing persistent disk in read-only mode
compute.disks.use on the disk if attaching an existing disk in read-write mode
compute.disks.setLabels on the disk if setting labels
compute.snapshots.create on the project to create a new snapshot if creating an instance from a snapshot
compute.snapshots.use on the snapshot if creating an instance from a snapshot

Console

Go to the VM instances page.
Go to the VM instances page
Select your project and click Continue.
Click the Create instance button.
Specify a Name for your instance.
Optionally, change the Zone for this instance.

Note: The list of zones is randomized within each region to encourage use across multiple zones.
Select a Machine configuration for your instance.
In the Boot disk section, click Change to configure your boot disk.

Create a boot disk no larger than 2 TB to account for the limitations of MBR partitions.
Click the Snapshots tab and choose a snapshot from the list.
Click Select.
To permit HTTP or HTTPS traffic to the VM instance, select Allow HTTP traffic or Allow HTTPS traffic.

The GCP Console adds a network tag to your instance and creates the corresponding ingress firewall rule that allows all incoming traffic on tcp:80 (HTTP) or tcp:443 (HTTPS). The network tag associates the firewall rule with the instance. For more information, see Firewall Rules Overview in the Virtual Private Cloud documentation.
To add secondary non-boot disks to your VM instance:
1. Click Management, security, disks, networking, sole tenancy.
2. Select the Disks tab.
3. Under Additional disks click Add new disk.
4. Specify a disk Name, Type, Source type, Mode, and Deletion rule.
5. Click Done.
6. Add additional disks as needed.
Click the Create button to create and start the instance.

gcloud

Using the gcloud command-line tool, you cannot use a snapshot to directly create an instance the same way that you can in the console. First, create a new standalone boot persistent disk from a snapshot. Then use that disk to create a new instance.

Create a standalone boot persistent disk from a snapshot using the gcloud compute disks create command.
```
gcloud compute disks create [DISK_NAME] --source-snapshot [SNAPSHOT_NAME]
```
Use the gcloud compute instances create command to create a new instance, and attach the disk with the --disk flag and the boot=yes property.
```
gcloud compute instances create [INSTANCE_NAME] --disk name=[DISK_NAME],boot=yes
```
You can add up to 128 secondary non-boot disks while you are creating your instance. Specify the --create-disk flag for each secondary disk you create. To create secondary disks from a public or stock image, specify the image and image-project properties in the --create-disk flag. To create a blank disk, do not include these properties. Optionally, include properties for the disk size and type.
```
gcloud compute instances create [INSTANCE_NAME] \
   --image-family [IMAGE_FAMILY] \
   --image-project [IMAGE_PROJECT] \
   --create-disk image=[DISK_IMAGE],image-project=[DISK_IMAGE_PROJECT],size=[SIZE_GB],type=[DISK_TYPE]
```
where:
- [INSTANCE_NAME] is the name for the new instance.
- [IMAGE_FAMILY] is one of the available image families.
- [IMAGE_PROJECT] is the image project to which the image belongs.
- [DISK_IMAGE] is the source image for the secondary disk. For a list of available images, run gcloud compute images list. For blanks disks, do not specify a disk image or image project.
- [DISK_IMAGE_PROJECT] is the image project to which the disk image belongs. For blanks disks, do not specify a disk image or image project.
- [SIZE_GB] is the size of the secondary disk.
- [DISK_TYPE] is the type of persistent disk, either pd-standard or pd-ssd.

Format and mount the disks before using them.

API

In the API, you cannot use a snapshot to directly create an instance the same way that you can in the console. First, create a new standalone boot persistent disk from a snapshot. Then use that disk to create a new instance.

Restrictions:

Only one persistent disk can be the boot persistent disk.
You must attach the boot persistent disk as the first disk for that instance.
If you specify the source property, you cannot also specify the initializeParams property. Providing a source indicates that the boot persistent disk exists already, but the initializeParams property indicates that Compute Engine should create a new boot persistent disk.

To create an instance from a snapshot:

Create a standalone boot persistent disk from a snapshot.

POST https://www.googleapis.com/compute/v1/projects/[PROJECT_ID]/zones/[ZONE]/disks

{
  "name": "[DISK_NAME]",
  "sourceSnapshot": "zones/[ZONE]/snapshots/[SNAPSHOT_NAME]"
}

Attach the disk when you create a new instance. In the request body include the properties to create a new instance. In the disks property, include the source field with a URL to the persistent disk that you want to attach. To add up to 128 secondary non-boot disks, use the initializeParams property for every disk. To add blank disks, do not include a source image. Optionally, you can specify the diskSizeGb, diskType, and labels properties.
```
POST https://www.googleapis.com/compute/v1/projects/[PROJECT_ID]/zones/[ZONE]/instances

{
  "name": "[INSTANCE_NAME]",
  "machineType": "machineTypes/[MACHINE_TYPE]"
  "networkInterfaces": [{
    "accessConfigs": [{
      "type": "ONE_TO_ONE_NAT",
      "name": "External NAT"
     }],
    "network": "global/networks/default"
  }],
  "disks": [{
     "source": "zones/[ZONE]/disks/[DISK_NAME]",
     "boot": true
   }],
   "initializeParams": [{
      "diskSizeGb": "[SIZE_GB]",
      "sourceImage": "[IMAGE]"
    }
   {
   "initializeParams": {
   "diskSizeGb": "[SIZE_GB]"
   }
}...]
```
where:
- [IMAGE] is the source image for the secondary disk. For blanks disks do not specify an image source.
- [SIZE_GB] is the disk size.
- [DISK_TYPE] is the type of persistent disk, either pd-standard or pd-ssd.

Format and mount the disks before using them.

Creating an instance from a container image

To deploy and launch a container on a Compute Engine instance, specify a container image name and optional configuration parameters when you create the instance. Compute Engine creates the instance using the latest version of the Container-Optimized OS public image, which has Docker installed. Then, Compute Engine launches the container when the VM starts. See Deploying Containers on VMs for more information.

Permissions required for this task

To perform this task, you must have the following permissions.

compute.instances.create on the project
compute.instances.updateShieldedVmConfig if you plan to create a Shielded VM instance and you want to be able to change any of the Shielded VM settings.
compute.networks.use on the project if using a legacy network
compute.subnetworks.use either on the whole project or on the chosen subnet (VPC networks)
compute.networks.useExternalIp on the project if you need to assign an external IP address (either ephemeral or static) to the instance using a legacy network
compute.subnetworks.useExternalIp either on the whole project or on the chosen subnet if you need to assign an external IP address (either ephemeral or static) to the instance using a VPC network
compute.address.use on the project if specifying a static address in the project
compute.instances.setMetadata if setting metadata
compute.instances.setTags on the instance if setting tags
compute.instances.setLabels on the instance if setting labels
compute.images.useReadOnly on the image if creating a new root persistent disk
compute.disks.create on the project if creating a new root persistent disk with this instance
compute.disks.useReadOnly on the disk if attaching an existing persistent disk in read-only mode
compute.disks.use on the disk if attaching an existing disk in read-write mode
compute.disks.setLabels on the disk if setting labels
compute.snapshots.create on the project to create a new snapshot if creating an instance from a snapshot
compute.snapshots.use on the snapshot if creating an instance from a snapshot

Console

Go to the VM instances page.
Go to the VM instances page
Click Create instance.
Specify a Name for your instance.
In the Container section, select the Deploy a container image to this VM instance checkbox.
Specify the Container image to use.
- For example, you can specify gcr.io/cloud-marketplace/google/nginx1:1.12 to select an NGINX 1.12 container image from Cloud Launcher.
- If you use a container image from Docker Hub, always specify the full Docker image name. For example, specify the following image name to deploy an Apache container image: docker.io/httpd:2.4.
Optionally, click Advanced container options. For more information, see Configuring Options to Run Your Container.
Click Create to create the instance, boot the instance, and launch the container.

gcloud

Use the gcloud compute instances create-with-container command:

gcloud compute instances create-with-container [INSTANCE_NAME] \
     --container-image [CONTAINER_IMAGE]

where:

[INSTANCE_NAME] is the name for the new instance.
[CONTAINER_IMAGE] is the name of the container image.

For example, the following command creates a new VM instance named nginx-vm which will launch and run the container image, gcr.io/cloud-marketplace/google/nginx1:1.12.

gcloud compute instances create-with-container nginx-vm \
    --container-image gcr.io/cloud-marketplace/google/nginx1:1.12

When using a container image from Docker Hub, you must always specify a full Docker image name. For example, specify the following image name to deploy an Apache container image: docker.io/httpd:2.4.

Creating an instance with access to other Google Cloud Platform Services

If you plan to run an application on your virtual machine instance that needs access to other Google Cloud Platform services, create a service account before creating the instance, and then follow the instructions to set up an instance to run as a service account. A service account is a special account whose credentials you can use in your application code to access other Google Cloud Platform services.

For more information on service accounts, read the Service Accounts Overview.

Creating an instance in a specific subnet

Permissions required for this task

To perform this task, you must have the following permissions.

compute.instances.create on the project
compute.instances.updateShieldedVmConfig if you plan to create a Shielded VM instance and you want to be able to change any of the Shielded VM settings.
compute.networks.use on the project if using a legacy network
compute.subnetworks.use either on the whole project or on the chosen subnet (VPC networks)
compute.networks.useExternalIp on the project if you need to assign an external IP address (either ephemeral or static) to the instance using a legacy network
compute.subnetworks.useExternalIp either on the whole project or on the chosen subnet if you need to assign an external IP address (either ephemeral or static) to the instance using a VPC network
compute.address.use on the project if specifying a static address in the project
compute.instances.setMetadata if setting metadata
compute.instances.setTags on the instance if setting tags
compute.instances.setLabels on the instance if setting labels
compute.images.useReadOnly on the image if creating a new root persistent disk
compute.disks.create on the project if creating a new root persistent disk with this instance
compute.disks.useReadOnly on the disk if attaching an existing persistent disk in read-only mode
compute.disks.use on the disk if attaching an existing disk in read-write mode
compute.disks.setLabels on the disk if setting labels
compute.snapshots.create on the project to create a new snapshot if creating an instance from a snapshot
compute.snapshots.use on the snapshot if creating an instance from a snapshot

By default, Google Cloud Platform (GCP) creates an auto mode VPC network called default for each project. If you create an instance without specifying its network details, Compute Engine uses the default VPC network and the auto subnet that is in the same region as the instance.

To use a different network or a subnet that you manually created in an auto mode or custom mode VPC network, you must specify the subnet when you create the instance.

Console

Go to the VM instances page.
Go to the VM Instances page
Select your project and click Continue.
Click the Create instance button.
Specify a Name for your instance.
Optionally, change the Zone for this instance.

Note: The list of zones is randomized within each region to encourage use across multiple zones.
To permit HTTP or HTTPS traffic to the VM instance, select Allow HTTP traffic or Allow HTTPS traffic.

The GCP Console adds a network tag to your instance and creates the corresponding ingress firewall rule that allows all incoming traffic on tcp:80 (HTTP) or tcp:443 (HTTPS). The network tag associates the firewall rule with the instance. For more information, see Firewall Rules Overview in the Virtual Private Cloud documentation.
Expand the Management, security, disks, networking, sole tenancy section.
Under Network interfaces in the Networking tab, specify the network details.
1. In the Network field, select the VPC network that contains the subnet you created.
2. In the Subnet field, select the subnet that the instance will use.
To add secondary non-boot disks to your VM instance:
1. Click Management, security, disks, networking, sole tenancy.
2. Select the Disks tab.
3. Under Additional disks click Add new disk.
4. Specify a disk Name, Type, Source type, Mode, and Deletion rule.
5. Click Done.
6. Add additional disks as needed.
Click the Create button to create and start the instance.

gcloud

Using the gcloud command-line tool, follow the same instructions to create an instance from an image or a snapshot, and add the --subnet [SUBNET_NAME] and --zone [ZONE_NAME] flags when you use the gcloud compute instances create command:

gcloud compute instances create [INSTANCE_NAME] --subnet [SUBNET_NAME] \
--zone [ZONE_NAME]

where:

[INSTANCE_NAME] is the name of the instance.
[SUBNET_NAME] is the name of the subnet. The network is inferred from the specified subnet.
[ZONE_NAME] is the name of the zone where the instance is created, such as europe-west1-b. The instance's region is inferred from the zone.

gcloud compute instances create [INSTANCE_NAME] \
--subnet [SUBNET_NAME] \
--zone [ZONE_NAME] \
--image-family [IMAGE_FAMILY] \
--image-project [IMAGE_PROJECT] \
--create-disk image=[DISK_IMAGE],image-project=[DISK_IMAGE_PROJECT],size=[SIZE_GB],type=[DISK_TYPE]

where:

[INSTANCE_NAME] is the name for the new instance.
[SUBNET_NAME] is the name of the subnet.
[ZONE_NAME] is the name of the zone where the instance is created, such as europe-west1-b.
[IMAGE_FAMILY] is one of the available image families.
[IMAGE_PROJECT] is the image project to which the image belongs.
[DISK_IMAGE] is the source image for the secondary disk. For a list of available images, run gcloud compute images list. For blanks disks, do not specify a disk image or image project.
[DISK_IMAGE_PROJECT] is the image project to which the disk image belongs. For blanks disks, do not specify a disk image or image project.
[SIZE_GB] is the size of the secondary disk.
[DISK_TYPE] is the type of persistent disk, either pd-standard or pd-ssd.

Format and mount the disks before using them.

API

Follow the API instructions to create an instance from an image or a snapshot, but specify the subnet field in the request body. To add up to 128 secondary non-boot disks, use the initializeParams property for every disk you create. To add blank disks, do not add a source image. Optionally, you can specify the diskSizeGb, diskType, and labels properties.

...
"networkInterfaces": [
{
  "network": "global/networks/[NETWORK_NAME]",
  "subnetwork": "regions/[REGION]/subnetworks/[SUBNET_NAME]",
  "accessConfigs":
    {
      "name": "External NAT",
      "type": "ONE_TO_ONE_NAT"
    }
    {
      "initializeParams": {
         "diskSizeGb": "[SIZE_GB]",
         "sourceImage": "[IMAGE]"
    {
      "initializeParams": {
      "diskSizeGb": "[SIZE_GB]"
     }
 }...]

where:

[IMAGE] is the source image for the secondary disk. For blanks disks do not specify an image source.
[SIZE_GB] is the disk size.
[DISK_TYPE] is the type of persistent disk, either pd-standard or pd-ssd.

Format and mount the disks before using them.

What's next?

Check the instance's status to see when it is ready to use.
Learn how to use snapshots to back up your persistent disks.
Learn more about images.
Learn more about containers.
Create and attach a secondary storage disk to your instance to store your data separately from the boot disk.
Create and start Windows Server or SQL Server instances.
Refer to the gcloud compute instances create command.
Learn how to reserve resources in a specific zone.

Before you begin

Creating an instance from an image

Creating an instance from a public image

Permissions required for this task

Console

gcloud

API

Making the API request

Creating an instance from a custom image

Permissions required for this task

Console

gcloud

API

Creating an instance with an image shared with you

Permissions required for this task

Console

gcloud

API

Creating an instance from a snapshot

Permissions required for this task

Console

gcloud

API

Creating an instance from a container image

Permissions required for this task

Console

gcloud

Creating an instance with access to other Google Cloud Platform Services

Creating an instance in a specific subnet

Permissions required for this task

Console

gcloud

API

What's next?

Feedback verzenden over...