You can run your Windows applications on Compute Engine and take advantage of many benefits available to virtual machine instances such as reliable storage options, the speed of the Google network, and Autoscaling.
Compute Engine provides several tools to help bring your Windows applications and services to the cloud:
- Use Windows Server images to create instances with a basic Windows environment upon which you can build your applications. For Windows Server 2019, 2016, and 2012 R2 images, you can select from either the Windows Server with Desktop Experience or Windows Server core configurations.
- Use SQL Server images to start instances that have Windows Server with SQL Server preinstalled. Pay for both Windows Server and SQL Server licenses only when you use them. Windows Server images receive per-second billing and SQL Server images receive per-minute billing.
- Run .NET applications on your Compute Engine instances.
- Deploy Active Directory to your instances and bring your domain services to the cloud.
- Run IIS web servers to host your web content on Windows instances.
- If you have existing licenses for SQL Server or other applications that run in a Windows environment, use your existing Microsoft application licenses through the Microsoft license mobility program.
If you are new to Compute Engine, follow the Windows quickstart to learn how to create Windows virtual machine instances using the Cloud Console. Create an instance with a Windows Server operating system, use Windows PowerShell to install Internet Information Services (IIS), and host a simple web page.
Windows Server is a server operating system from Microsoft. You can create instances with Windows Server images to run applications that are specific to Windows. Compute Engine offers several versions of Windows Server.
Optionally, Compute Engine offers SQL Server images if you need VM instances that have Windows Server with SQL Server preinstalled.
Pricing for Windows Server images
When you create a Windows Server instance, you pay by the second for the use of the Windows Server license. The cost for the license depends on the number of vCPUs in the machine type of the instance.
Windows Server images are premium resources that incur additional fees. For more information about the price of Windows Server images, see Windows Server pricing.
Licensing for Windows Server and SQL Server images
Instances that run Windows Server images on Compute Engine
can activate and renew their licenses only if they have a network connection
kms.windows.googlecloud.com. If your Windows Server instances are unable to
kms.windows.googlecloud.com, they stop functioning within 30 days.
Your VPC network must provide access to
IP address used by
kms.windows.googlecloud.com. The next hop for
220.127.116.11/32 must be the default internet gateway. You can configure
your instances to access
kms.windows.googlecloud.com using one of the
If you prefer not to assign your instance an external IP, you can allow access to
18.104.22.168/32by using Private Google Access.
For more information about each of these methods, see Configuring Windows Server license activation.
You can bring your existing Windows Server licenses to Compute Engine by bringing your own license with sole-tenant nodes or bringing your existing Microsoft application licenses to your Windows Server instances to run specific applications. However, you must continue to manage those licenses yourself.
Bring existing Windows client licenses to Compute Engine by bringing your own license with sole-tenant nodes and importing your image as a virtual disk. Similar to bringing your license with Windows Server, you must continue to manage license and compliance yourself. For more information about Windows client support, see Windows client.
Microsoft SQL Server is a database system that runs on Windows Server. You can use SQL Server on Compute Engine as part of the backend for your applications, as a flexible development and test environment, or in addition to your on-premises systems for backup and disaster recovery.
Compute Engine provides images with Microsoft SQL Server preinstalled on Windows Server. For these SQL Server images, Compute Engine manages the license for both Windows Server and SQL Server, and includes the cost in your monthly bill. Create instances with SQL Server and scale out to large multi-node configurations when you need them.
Compute Engine stores your data on durable persistent disks with automatic redundancy and automatic encryption at rest. Use these persistent disks to store your SQL Server data without having to worry about the durability or security of your data. For additional performance, create your instances with a local SSD as a cache that provides additional IOPS and performance for SQL Server queries.
You can create Compute Engine VM instances that run SQL Server in the following ways:
- Creating an instance using a SQL Server image. These images include one of several SQL Server editions that run on Windows Server. You can use these images to run SQL Server on Compute Engine without obtaining your own separate license from Microsoft.
- Migrating your existing SQL Server licenses to a Windows Server instance on Compute Engine and manage those licenses yourself.
- Installing SQL Server on a Compute Engine Linux VM.
For a full list of the available images that include SQL Server preinstalled, see the Feature support by operating system.
Pricing for SQL Server images
When you create an instance that includes SQL Server, you pay by the second for the SQL Server license in addition to the Compute Engine instance resources and the Windows Server license. The cost of your SQL Server instances includes the following items:
- The cost of the SQL Server license.
- The cost for the Windows Server license.
- The cost of the machine type for the instance.
- The cost for resources that are attached to your instance. For example, persistent disks, Local SSDs, and network resources.
For full details on the pricing for Windows Server images that include SQL Server preinstalled, see the SQL Server pricing page.
Machine type requirements for SQL Server images
SQL Server Standard
You can run SQL Server Standard on instances with any machine type, but shared-core machine types will not run optimally. Google recommends that you use instances with at least one vCPU to run SQL Server Standard.
SQL Server Enterprise
Instances that run SQL Server Enterprise must have at least 4 vCPUs. For optimal performance, Google recommends that you run SQL Server Enterprise on instances with larger memory capacities. Depending on your workload, you should use high-memory machine types with 8 vCPUs or more. These machine types maximize the ratio of memory to each vCPU that is available on Compute Engine, which is optimal for SQL Server Enterprise instances.
Additionally, you can use SQL Server Enterprise on Compute Engine to create SQL Server Availability Groups.
Licensing for images with SQL Server
If you need to run SQL Server on Compute Engine, create an instance with a Windows Server image that includes SQL Server preinstalled. These images handle licensing for both Windows Server and SQL Server and let you adopt a pay as you go model for your Windows Server and SQL Server licenses. The pay as you go model lets you pay for SQL Server only when you need it with per-second billing.
Alternatively, you can bring your existing Microsoft application licenses for SQL Server to your Windows Server instances on Compute Engine, but you must continue to manage those licenses yourself.
SQL Server images include several components by default. The default components depend on the edition of SQL Server that you selected.
SQL Server Enterprise, Standard, and Web editions:
- SQL Server
- Database Engine
- Full text search
- Analysis services
- Reporting services
- Data quality services
- Integration services
- Master data services
- SQL Server Management Studio (2012 and 2014 only)
- SQL Server Configuration Manager
- Business Intelligence Development Studio
- SQL Server Setup
- Client Tools Connectivity
- Client Tools SDK
- SQL Client Connectivity SDK
- Data-tier applications
- Back up and Restore
- Attach and Detach
- SQL Server Books online
SQL Server Express edition:
- SQL Server
- Database Engine
- Full text search
- Reporting services
If you need to add or remove components, you can
add features to your SQL Server installation.
SQL Server images always include the setup executable at
Using BitLocker with Shielded VM images
You can enable BitLocker for Windows boot disks that are part of Shielded VM images. Shielded VM images offer security features such as UEFI-compliant firmware, Secure Boot, vTPM-protected Measured Boot, and integrity monitoring. vTPM and integrity monitoring are enabled by default, and Google recommends enabling Secure Boot if possible.
If you choose to enable BitLocker on a Windows boot disk that is part of a Shielded VM image, we strongly recommend saving the recovery key to a safe location, because if you don't have the recovery key, you can't recover the data.
Take the following into account before enabling BitLocker on a Windows boot disk that is part of a Shielded VM image:
On Shielded VM boot disks, BitLocker uses the vTPM to store the encryption keys, and the vTPM is permanently associated with the VM on which it was created. This means that you can restore a snapshot of a Shielded VM boot disk to another persistent disk, but you can't decrypt it because the vTPM containing the BitLocker keys isn't available. If you have a recovery key, you can recover data by following the instructions in the BitLocker recovery guide. If you don't have a recovery key, the data on the disk is unrecoverable.
On Shielded VM data disks, persistent disk data is encrypted by default. Enabling BitLocker on top of persistent disk encryption doesn't affect throughput, but it might increase vCPU utilization slightly. Enabling BitLocker on data disks that are attached to the VM doesn't pose the same recovery challenges as for boot disks. This is because the BitLocker encryption keys for data disks aren't stored on the vTPM. If you have lost the ability to unlock the disk normally and have the recovery key, you can attach the disk to another unencrypted VM and recover it from there. If you don't have a recovery key, the data on the disk is unrecoverable.
Compute Engine Windows drivers
The following Compute Engine drivers are maintained for Windows images:
|Driver type||Package name|
Each driver is packaged using GooGet and published to Google Cloud repositories. All Google Cloud Windows images are preconfigured with the GooGet tool and Google Cloud repositories. If you need to install GooGet and set up repositories yourself, see Packaging and package distribution.
To install or upgrade a specific driver, run following command:
googet install DRIVER_PACKAGE_NAME
Navigating the end of support dates for Windows images
Periodically, as part of the Microsoft Lifecycle Policy, Microsoft might announce an end of support (EOS) date for a version of their operating system that you are using for VM instances on Compute Engine. On the EOS date for that version of the operating system:
- Google can no longer access updates.
- Google can no longer access security patches.
- Google retires the operating system image, and the image is no longer available to create VM instances.
If you are running VM instances on Compute Engine based on one of these operating system images, keep in mind that beginning on the EOS date:
VMs based on images that are beyond their EOS date continue to operate, and billing continues for premium images.
Future Google Cloud functionality might not perform as expected if you use an image that is beyond its EOS date.
Google can no longer provide support, updates, or security patches. Microsoft might provide additional support through its Extended Support Updates program. It is your responsibility to install and test all updates provided by Microsoft.
Google might request that you upgrade the image to a supported version before Google agrees to investigate support-related issues with that image.
Using an unsupported and unpatched version might create material security risks. If you are running VM instances based on an operating system image with an announced EOS date, Google recommends that before the EOS date, you:
Upgrade or migrate to a supported version of the Windows operating system.
If you anticipate needing to create VM instances after the EOS date, make copies of the images in your projects.
Remove any external IP address because publicly accessible instances might be vulnerable to unpatched security exploits. Instead, use the instance's internal IP address to host services and enable Private Google Access.
Consider configuring a Remote Desktop Gateway to restrict remote access to your instance.
If you continue to use an image after the EOS date for that image, Google recommends that you not update the guest environment because Google doesn't test new versions of the image against the EOS version. When Google releases additional image families, those newly released image families might not support the EOS versions of the images, so we recommend that you continue to use the image family that you are currently using.
The following table shows Microsoft operating systems that are no longer supported, their EOS dates, where to find Microsoft's EOS announcements, and links to content about upgrading or migrating:
|Operating system||EOS date||More information|
|Windows Server 2008 R2||January 14, 2020|
|Windows Server 2008||January 14, 2020|
|Windows Server 2003 R2||July 14, 2015|
|Windows Server 2003||July 14, 2015|