- NAME
-
- gcloud compute instances bulk create - create multiple Compute Engine virtual machines
- SYNOPSIS
-
-
gcloud compute instances bulk create
(--name-pattern
=NAME_PATTERN
|--predefined-names
=[INSTANCE_NAME
,…]) (--region
=REGION
|--zone
=ZONE
) [--accelerator
=[count
=COUNT
],[type
=TYPE
]] [--no-address
] [--async
] [--no-boot-disk-auto-delete
] [--boot-disk-device-name
=BOOT_DISK_DEVICE_NAME
] [--boot-disk-interface
=BOOT_DISK_INTERFACE
] [--boot-disk-provisioned-iops
=BOOT_DISK_PROVISIONED_IOPS
] [--boot-disk-provisioned-throughput
=BOOT_DISK_PROVISIONED_THROUGHPUT
] [--boot-disk-size
=BOOT_DISK_SIZE
] [--boot-disk-type
=BOOT_DISK_TYPE
] [--can-ip-forward
] [--count
=COUNT
] [--create-disk
=[PROPERTY
=VALUE
,…]] [--description
=DESCRIPTION
] [--discard-local-ssds-at-termination-timestamp
=DISCARD_LOCAL_SSDS_AT_TERMINATION_TIMESTAMP
] [--disk
=[boot
=BOOT
],[device-name
=DEVICE-NAME
],[name
=NAME
],[scope
=SCOPE
]] [--[no-]enable-nested-virtualization
] [--[no-]enable-uefi-networking
] [--erase-windows-vss-signature
] [--instance-termination-action
=INSTANCE_TERMINATION_ACTION
] [--labels
=[KEY
=VALUE
,…]] [--local-ssd
=[device-name
=DEVICE-NAME
],[interface
=INTERFACE
],[size
=SIZE
]] [--local-ssd-recovery-timeout
=LOCAL_SSD_RECOVERY_TIMEOUT
] [--location-policy
=[ZONE
=POLICY
,…]] [--machine-type
=MACHINE_TYPE
] [--max-count-per-zone
=[ZONE
=MAX_COUNT_PER_ZONE
,…]] [--max-run-duration
=MAX_RUN_DURATION
] [--metadata
=KEY
=VALUE
,[KEY
=VALUE
,…]] [--metadata-from-file
=KEY
=LOCAL_FILE_PATH
,[…]] [--min-count
=MIN_COUNT
] [--min-cpu-platform
=PLATFORM
] [--min-node-cpu
=MIN_NODE_CPU
] [--network
=NETWORK
] [--network-interface
=[PROPERTY
=VALUE
,…]] [--network-performance-configs
=[PROPERTY
=VALUE
,…]] [--network-tier
=NETWORK_TIER
] [--performance-monitoring-unit
=PERFORMANCE_MONITORING_UNIT
] [--post-key-revocation-action-type
=POLICY
] [--preemptible
] [--provisioning-model
=PROVISIONING_MODEL
] [--resource-manager-tags
=[KEY
=VALUE
,…]] [--resource-policies
=[RESOURCE_POLICY
,…]] [--no-restart-on-failure
] [--shielded-integrity-monitoring
] [--shielded-secure-boot
] [--shielded-vtpm
] [--source-instance-template
=SOURCE_INSTANCE_TEMPLATE
] [--stack-type
=STACK_TYPE
] [--subnet
=SUBNET
] [--tags
=TAG
,[TAG
,…]] [--target-distribution-shape
=SHAPE
] [--termination-time
=TERMINATION_TIME
] [--threads-per-core
=THREADS_PER_CORE
] [--turbo-mode
=TURBO_MODE
] [--visible-core-count
=VISIBLE_CORE_COUNT
] [--boot-disk-kms-key
=BOOT_DISK_KMS_KEY
:--boot-disk-kms-keyring
=BOOT_DISK_KMS_KEYRING
--boot-disk-kms-location
=BOOT_DISK_KMS_LOCATION
--boot-disk-kms-project
=BOOT_DISK_KMS_PROJECT
] [--confidential-compute
|--confidential-compute-type
=CONFIDENTIAL_COMPUTE_TYPE
] [--custom-cpu
=CUSTOM_CPU
--custom-memory
=CUSTOM_MEMORY
:--custom-extensions
--custom-vm-type
=CUSTOM_VM_TYPE
] [--image-project
=IMAGE_PROJECT
--image
=IMAGE
|--image-family
=IMAGE_FAMILY
|--source-snapshot
=SOURCE_SNAPSHOT
] [--maintenance-policy
=MAINTENANCE_POLICY
|--on-host-maintenance
=MAINTENANCE_POLICY
] [--public-dns
|--no-public-dns
] [--reservation
=RESERVATION
--reservation-affinity
=RESERVATION_AFFINITY
; default="any"] [--scopes
=[SCOPE
,…] |--no-scopes
] [--service-account
=SERVICE_ACCOUNT
|--no-service-account
] [GCLOUD_WIDE_FLAG …
]
-
- DESCRIPTION
-
gcloud compute instances bulk create
facilitates the creation of multiple Compute Engine virtual machines with a single command. They offer a number of advantages compared to the single instance creation command. This includes the ability to automatically pick a zone in which to create instances based on resource availability, the ability to specify that the request be atomic or best-effort, and a faster rate of instance creation. - EXAMPLES
-
To create instances called 'example-instance-1', 'example-instance-2', and
'example-instance-3' in the 'us-central1-a' zone, run:
gcloud compute instances bulk create --predefined-names=example-instance-1,example-instance-2,example-instance-3 --zone=us-central1-a
- REQUIRED FLAGS
-
-
Exactly one of these must be specified:
--name-pattern
=NAME_PATTERN
-
Name pattern for generating instance names. Specify a pattern with a single
sequence of hash (#) characters that will be replaced with generated sequential
numbers of instances. E.g. name pattern of 'instance-###' will generate instance
names 'instance-001', 'instance-002', and so on, until the number of virtual
machines specified using
--count
is reached. If instances matching name pattern exist, the new instances will be assigned names to avoid clashing with the existing ones. E.g. if there existsinstance-123
, the new instances will start atinstance-124
and increment from there. --predefined-names
=[INSTANCE_NAME
,…]-
List of predefined names for the Compute Engine virtual machines being created.
If
--count
is specified alongside this flag, provided count must equal the amount of names provided to this flag. If--count
is not specified, the number of virtual machines created will equal the number of names provided.
-
Exactly one of these must be specified:
--region
=REGION
- Region in which to create the Compute Engine virtual machines. Compute Engine will select a zone in which to create all virtual machines.
--zone
=ZONE
-
Zone in which to create the Compute Engine virtual machines.
A list of zones can be fetched by running:
gcloud compute zones list
To unset the property, run:
gcloud config unset compute/zone
Alternatively, the zone can be stored in the environment variable CLOUDSDK_COMPUTE_ZONE.
-
Exactly one of these must be specified:
- OPTIONAL FLAGS
-
--accelerator
=[count
=COUNT
],[type
=TYPE
]-
Attaches accelerators (e.g. GPUs) to the instances.
type
- The specific type (e.g. nvidia-tesla-t4 for NVIDIA T4) of accelerator to attach to the instances. Use 'gcloud compute accelerator-types list' to learn about all available accelerator types.
count
- Number of accelerators to attach to each instance. The default value is 1.
--no-address
- If provided, the instances are not assigned external IP addresses. To pull container images, you must configure private Google access if using Container Registry or configure Cloud NAT for instances to access container images directly. For more information, see:
--async
- Return immediately, without waiting for the operation in progress to complete.
--boot-disk-auto-delete
-
Automatically delete boot disks when their instances are deleted. Enabled by
default, use
--no-boot-disk-auto-delete
to disable. --boot-disk-device-name
=BOOT_DISK_DEVICE_NAME
- The name the guest operating system will see for the boot disk. This option can only be specified if a new boot disk is being created (as opposed to mounting an existing persistent disk).
--boot-disk-interface
=BOOT_DISK_INTERFACE
-
Indicates the interface to use for the boot disk. The value must be one of the
following:
- SCSI
- NVME
--boot-disk-provisioned-iops
=BOOT_DISK_PROVISIONED_IOPS
- Indicates how many IOPS to provision for the disk. This sets the number of I/O operations per second that the disk can handle. Value must be between 10,000 and 120,000.
--boot-disk-provisioned-throughput
=BOOT_DISK_PROVISIONED_THROUGHPUT
- Indicates how much throughput to provision for the disk. This sets the number of throughput mb per second that the disk can handle.
--boot-disk-size
=BOOT_DISK_SIZE
-
The size of the boot disk. This option can only be specified if a new boot disk
is being created (as opposed to mounting an existing persistent disk). The value
must be a whole number followed by a size unit of
for kilobyte,KB
for megabyte,MB
for gigabyte, orGB
for terabyte. For example,TB
will produce a 10 gigabyte disk. Disk size must be a multiple of 1 GB. Default size unit is10GB
.GB
--boot-disk-type
=BOOT_DISK_TYPE
-
The type of the boot disk. This option can only be specified if a new boot disk
is being created (as opposed to mounting an existing persistent disk). To get a
list of available disk types, run
$ gcloud compute disk-types list
. --can-ip-forward
- If provided, allows the instances to send and receive packets with non-matching destination or source IP addresses.
--count
=COUNT
-
Number of Compute Engine virtual machines to create. If specified, and
--predefined-names
is specified, count must equal the amount of names provided to--predefined-names
. If not specified, the number of virtual machines created will equal the number of names provided to--predefined-names
. --create-disk
=[PROPERTY
=VALUE
,…]-
Creates and attaches persistent disks to the instances.
name
- Specifies the name of the disk. This option cannot be specified if more than one instance is being created.
description
- Optional textual description for the disk being created.
mode
-
Specifies the mode of the disk. Supported options are
for read-only andro
for read-write. If omitted,rw
is used as a default.rw
image
-
Specifies the name of the image that the disk will be initialized with. A new
disk will be created based on the given image. To view a list of public images
and projects, run
$ gcloud compute images list
. It is best practice to use image when a specific version of an image is needed. If both image and image-family flags are omitted a blank disk will be created. image-family
- The image family for the operating system that the boot disk will be initialized with. Compute Engine offers multiple Linux distributions, some of which are available as both regular and Shielded VM images. When a family is specified instead of an image, the latest non-deprecated image associated with that family is used. It is best practice to use --image-family when the latest version of an image is needed.
image-project
-
The Google Cloud project against which all image and image family references
will be resolved. It is best practice to define image-project. A full list of
available image projects can be generated by running
gcloud compute images list
.- If specifying one of our public images, image-project must be provided.
- If there are several of the same image-family value in multiple projects, image-project must be specified to clarify the image to be used.
- If not specified and either image or image-family is provided, the current default project is used.
size
-
The size of the disk. The value must be a whole number followed by a size unit
of
for kilobyte,KB
for megabyte,MB
for gigabyte, orGB
for terabyte. For example,TB
will produce a 10 gigabyte disk. Disk size must be a multiple of 1 GB. If not specified, the default image size will be used for the new disk.10GB
type
-
The type of the disk. To get a list of available disk types, run $ gcloud compute disk-types
list. The default disk type is
.pd-standard
device-name
-
An optional name to display the disk name in the guest operating system. If
omitted, a device name of the form
persistent-disk-N
is used. provisioned-iops
- Indicates how many IOPS to provision for the disk. This sets the number of I/O operations per second that the disk can handle. Value must be between 10,000 and 120,000.
provisioned-throughput
- Indicates how much throughput to provision for the disk. This sets the number of throughput mb per second that the disk can handle.
disk-resource-policy
-
Resource policy to apply to the disk. Specify a full or partial URL. For
example:
-
https://www.googleapis.com/compute/v1/projects/my-project/regions/us-central1/resourcePolicies/my-resource-policy
-
projects/my-project/regions/us-central1/resourcePolicies/my-resource-policy
For more information, see the following docs:
-
auto-delete
-
If
, this persistent disk will be automatically deleted when the instance is deleted. However, if the disk is later detached from the instance, this option won't apply. The default value for this isyes
.yes
architecture
- Specifies the architecture or processor type that this disk can support. For available processor types on Compute Engine, see https://cloud.google.com/compute/docs/cpu-platforms.
storage-pool
- The name of the storage pool in which the new disk is created. The new disk and the storage pool must be in the same location.
interface
-
The interface to use with the disk. The value must be one of the following:
- SCSI
- NVME
boot
-
If
, indicates that this is a boot disk. The instance will use the first partition of the disk for its root file system. The default value for this isyes
.no
kms-key
-
Fully qualified Cloud KMS cryptokey name that will protect the disk.
This can either be the fully qualified path or the name.
The fully qualified Cloud KMS cryptokey name format is:
.projects/<kms-project>/locations/<kms-location>/keyRings/<kms-keyring>/ cryptoKeys/<key-name>
If the value is not fully qualified then kms-location, kms-keyring, and optionally kms-project are required.
See https://cloud.google.com/compute/docs/disks/customer-managed-encryption for more details.
kms-project
-
Project that contains the Cloud KMS cryptokey that will protect the disk.
If the project is not specified then the project where the disk is being created will be used.
If this flag is set then key-location, kms-keyring, and kms-key are required.
See https://cloud.google.com/compute/docs/disks/customer-managed-encryption for more details.
kms-location
-
Location of the Cloud KMS cryptokey to be used for protecting the disk.
All Cloud KMS cryptokeys are reside in a 'location'. To get a list of possible locations run 'gcloud kms locations list'. If this flag is set then kms-keyring and kms-key are required. See https://cloud.google.com/compute/docs/disks/customer-managed-encryption for more details.
kms-keyring
-
The keyring which contains the Cloud KMS cryptokey that will protect the disk.
If this flag is set then kms-location and kms-key are required.
See https://cloud.google.com/compute/docs/disks/customer-managed-encryption for more details.
source-snapshot
- The source disk snapshot that will be used to create the disk. You can provide this as a full URL to the snapshot or just the snapshot name. For example, the following are valid values:
image-csek-required
-
Specifies the name of the CSK protected image that the disk will be initialized
with. A new disk will be created based on the given image. To view a list of
public images and projects, run
$ gcloud compute images list
. It is best practice to use image when a specific version of an image is needed. If both image and image-family flags are omitted a blank disk will be created. Must be specified withimage-csek-key-file
. image-csek-key-file
-
Path to a Customer-Supplied Encryption Key (CSEK) key file for the image. Must
be specified with
image-csek-required
. replica-zones
- Required for each regional disk associated with the instance. Specify the URLs of the zones where the disk should be replicated to. You must provide exactly two replica zones, and one zone must be the same as the instance zone.
--description
=DESCRIPTION
- Specifies a textual description of the instances.
--discard-local-ssds-at-termination-timestamp
=DISCARD_LOCAL_SSDS_AT_TERMINATION_TIMESTAMP
-
Required to be set to
true
and only allowed for VMs that have one or more local SSDs, use --instance-termination-action=STOP, and use either --max-run-duration or --termination-time.This flag indicates the value that you want Compute Engine to use for the
--discard-local-ssd
flag in the automaticgcloud compute instances stop
command. This flag only supports thetrue
value, which discards local SSD data when automatically stopping this VM during itsterminationTimestamp
.For more information about the
--discard-local-ssd
flag, see https://cloud.google.com/compute/docs/disks/local-ssd#stop_instance. --disk
=[boot
=BOOT
],[device-name
=DEVICE-NAME
],[name
=NAME
],[scope
=SCOPE
]-
Attaches persistent disks to the instances. The disks specified must already
exist.
name
- The disk to attach to the instances.
boot
-
If
, indicates that this is a boot disk. The virtual machines will use the first partition of the disk for their root file systems. The default value for this isyes
.no
device-name
-
An optional name to display the disk name in the guest operating system. If
omitted, a device name of the form
persistent-disk-N
is used. scope
-
Can be
zonal
orregional
. If
, the disk is interpreted as a zonal disk in the same zone as the instance (default). Ifzonal
, the disk is interpreted as a regional disk in the same region as the instance. The default value for this isregional
.zonal
--[no-]enable-nested-virtualization
-
If set to true, enables nested virtualization for the instance. Use
--enable-nested-virtualization
to enable and--no-enable-nested-virtualization
to disable. --[no-]enable-uefi-networking
-
If set to true, enables UEFI networking for the instance creation. Use
--enable-uefi-networking
to enable and--no-enable-uefi-networking
to disable. --erase-windows-vss-signature
- Specifies whether the disk restored from source snapshots or source machine image should erase Windows specific VSS signature. See https://cloud.google.com/sdk/gcloud/reference/compute/disks/snapshot#--guest-flush
--instance-termination-action
=INSTANCE_TERMINATION_ACTION
-
Specifies the termination action that will be taken upon VM preemption
(--provisioning-model=SPOT) or automatic instance termination
(--max-run-duration or --termination-time).
INSTANCE_TERMINATION_ACTION
must be one of:DELETE
- Permanently delete the VM.
STOP
- Default only for Spot VMs. Stop the VM without preserving memory. The VM can be restarted later.
--labels
=[KEY
=VALUE
,…]-
List of label KEY=VALUE pairs to add.
Keys must start with a lowercase character and contain only hyphens (
-
), underscores (_
), lowercase characters, and numbers. Values must contain only hyphens (-
), underscores (_
), lowercase characters, and numbers. --local-ssd
=[device-name
=DEVICE-NAME
],[interface
=INTERFACE
],[size
=SIZE
]-
Attaches a local SSD to the instances.
device-name
-
Optional. A name that indicates the disk name the guest operating system will
see. Can only be specified if
interface
isSCSI
. If omitted, a device name of the form
will be used.local-ssd-N
interface
-
Optional. The kind of disk interface exposed to the VM for this SSD. Valid
values are
andSCSI
. SCSI is the default and is supported by more guest operating systems. NVME might provide higher performance.NVME
size
-
Optional. The only valid value is
. Specify the375GB
flag multiple times if you need multiple--local-ssd
local SSD partitions. You can specify a maximum of 24 local SSDs for a maximum of375GB
attached to an instance.9TB
--local-ssd-recovery-timeout
=LOCAL_SSD_RECOVERY_TIMEOUT
- Specifies the maximum amount of time a Local Ssd Vm should wait while recovery of the Local Ssd state is attempted. Its value should be in between 0 and 168 hours with hour granularity and the default value being 1 hour.
--location-policy
=[ZONE
=POLICY
,…]-
Policy for which zones to include or exclude during bulk instance creation
within a region. Policy is defined as a list of key-value pairs, with the key
being the zone name, and value being the applied policy. Available policies are
allow
anddeny
. Default for zones if left unspecified isallow
.Example:
gcloud compute instances bulk create --name-pattern=example-### --count=5 --region=us-east1 --location-policy=us-east1-b=allow,us-east1-c=deny
--machine-type
=MACHINE_TYPE
- Specifies the machine type used for the instances. To get a list of available machine types, run 'gcloud compute machine-types list'. If unspecified, the default type is n1-standard-1.
--max-count-per-zone
=[ZONE
=MAX_COUNT_PER_ZONE
,…]-
Maximum number of instances per zone specified as key-value pairs. The zone name
is the key and the max count per zone is the value in that zone.
Example:
gcloud compute instances bulk create --name-pattern=example-### --count=5 --region=us-east1 --max-count-per-zone=us-east1-b=2,us-east-1-c=1
--max-run-duration
=MAX_RUN_DURATION
-
Limits how long this VM instance can run, specified as a duration relative to
the last time when the VM began running. Format the duration, MAX_RUN_DURATION,
as the number of days, hours, minutes, and seconds followed by d, h, m, and s
respectively. For example, specify
30m
for a duration of 30 minutes or specify1d2h3m4s
for a duration of 1 day, 2 hours, 3 minutes, and 4 seconds. Alternatively, to specify a timestamp, use --termination-time instead.If neither --max-run-duration nor --termination-time is specified (default), the VM instance runs until prompted by a user action or system event. If either is specified, the VM instance is scheduled to be automatically terminated at the VM's termination timestamp (
terminationTimestamp
) using the action specified by --instance-termination-action.Note: The
terminationTimestamp
is removed whenever the VM is stopped or suspended and redefined whenever the VM is rerun. For --max-run-duration specifically, theterminationTimestamp
is the sum of MAX_RUN_DURATION and the time when the VM last entered theRUNNING
state, which changes whenever the VM is rerun. --metadata
=KEY
=VALUE
,[KEY
=VALUE
,…]-
Metadata to be made available to the guest operating system running on the
instances. Each metadata entry is a key/value pair separated by an equals sign.
Each metadata key must be unique and have a max of 128 bytes in length. Each
value must have a max of 256 KB in length. Multiple arguments can be passed to
this flag, e.g.,
. The combined total size for all metadata entries is 512 KB.--metadata key-1=value-1,key-2=value-2,key-3=value-3
In images that have Compute Engine tools installed on them, such as the official images, the following metadata keys have special meanings:
startup-script
-
Specifies a script that will be executed by the instances once they start
running. For convenience,
can be used to pull the value from a file.--metadata-from-file
startup-script-url
-
Same as
except that the script contents are pulled from a publicly-accessible location on the web. For startup scripts on Windows instances, the following metadata keys have special meanings:startup-script
,windows-startup-script-url
,windows-startup-script-cmd
,windows-startup-script-bat
,windows-startup-script-ps1
,sysprep-specialize-script-url
,sysprep-specialize-script-cmd
, andsysprep-specialize-script-bat
. For more information, see Running startup scripts.sysprep-specialize-script-ps1
--metadata-from-file
=KEY
=LOCAL_FILE_PATH
,[…]-
Same as
except that the value for the entry will be read from a local file. This is useful for values that are too large such as--metadata
contents.startup-script
--min-count
=MIN_COUNT
-
The minimum number of Compute Engine virtual machines that must be successfully
created for the operation to be considered a success. If the operation
successfully creates as many virtual machines as specified here they will be
persisted, otherwise the operation rolls back and deletes all created virtual
machines. If not specified, this value is equal to
--count
. --min-cpu-platform
=PLATFORM
-
When specified, the VM will be scheduled on host with specified CPU architecture
or a newer one. To list available CPU platforms in given zone, run:
gcloud compute zones describe ZONE --format="value(availableCpuPlatforms)"
Default setting is "AUTOMATIC".
CPU platform selection is available only in selected zones.
You can find more information on-line: https://cloud.google.com/compute/docs/instances/specify-min-cpu-platform
--min-node-cpu
=MIN_NODE_CPU
- Minimum number of virtual CPUs this instance will consume when running on a sole-tenant node.
--network
=NETWORK
-
Specifies the network that the VM instances are a part of. If
--subnet
is also specified, subnet must be a subnetwork of the network specified by this--network
flag. If neither is specified, the default network is used. --network-interface
=[PROPERTY
=VALUE
,…]-
Adds a network interface to the instance. Mutually exclusive with any of these
flags:
--network
,--network-tier
,--no-address
,--subnet
,--stack-type
. This flag can be repeated to specify multiple network interfaces.network
- Specifies the network that the interface will be part of. If subnet is also specified it must be subnetwork of this network. If neither is specified, this defaults to the "default" network.
network-tier
-
Specifies the network tier of the interface.
must be one of:NETWORK_TIER
PREMIUM
,STANDARD
. The default value isPREMIUM
. subnet
- Specifies the subnet that the interface will be part of. If network key is also specified this must be a subnetwork of the specified network.
nic-type
-
Specifies the Network Interface Controller (NIC) type for the interface.
must be one of:NIC_TYPE
GVNIC
,VIRTIO_NET
. no-address
- If specified the interface will have no external IP. If not specified instances will get ephemeral IPs.
queue-count
- Specifies the networking queue count for this interface. Both Rx and Tx queues will be set to this number. If it's not specified, a default queue count will be assigned. See https://cloud.google.com/compute/docs/network-bandwidth#rx-tx for more details.
stack-type
-
Specifies whether IPv6 is enabled on the interface.
must be one of:STACK_TYPE
IPV4_ONLY
,IPV4_IPV6
,IPV6_ONLY
. The default value isIPV4_ONLY
.
--network-performance-configs
=[PROPERTY
=VALUE
,…]-
Configures network performance settings for the instance. If this flag is not
specified, the instance will be created with its default network performance
configuration.
total-egress-bandwidth-tier
- Total egress bandwidth is the available outbound bandwidth from a VM, regardless of whether the traffic is going to internal IP or external IP destinations. The following tier values are allowed: [DEFAULT,TIER_1]
--network-tier
=NETWORK_TIER
-
Specifies the network tier that will be used to configure the instance.
must be one of:NETWORK_TIER
PREMIUM
,STANDARD
. The default value isPREMIUM
. --performance-monitoring-unit
=PERFORMANCE_MONITORING_UNIT
-
The type of performance monitoring counters (PMCs) to enable in the instance.
PERFORMANCE_MONITORING_UNIT
must be one of:architectural
- This enables architecturally defined non-last level cache (LLC) events.
enhanced
- This enables most documented core/L2 and LLC events.
standard
- This enables most documented core/L2 events.
--post-key-revocation-action-type
=POLICY
-
Specifies the behavior of the instance when the KMS key of one of its attached
disks is revoked. The default is noop.
POLICY
must be one of:noop
- No operation is performed.
shutdown
- The instance is shut down when the KMS key of one of its attached disks is revoked.
--preemptible
- If provided, instances will be preemptible and time-limited. Instances might be preempted to free up resources for standard VM instances, and will only be able to run for a limited amount of time. Preemptible instances can not be restarted and will not migrate.
--provisioning-model
=PROVISIONING_MODEL
-
Specifies provisioning model, which determines price, obtainability, and runtime
for the VM instance.
PROVISIONING_MODEL
must be one of:SPOT
- Spot VMs are spare capacity; Spot VMs are discounted to have much lower prices than standard VMs but have no guaranteed runtime. Spot VMs are the new version of preemptible VM instances, except Spot VMs do not have a 24-hour maximum runtime.
STANDARD
- Default. Standard provisioning model for VM instances, which has user-controlled runtime but no Spot discounts.
- Specifies a list of resource manager tags to apply to the instance.
--resource-policies
=[RESOURCE_POLICY
,…]- A list of resource policy names to be added to the instance. The policies must exist in the same region as the instance.
--restart-on-failure
-
The instances will be restarted if they are terminated by Compute Engine. This
does not affect terminations performed by the user. Enabled by default, use
--no-restart-on-failure
to disable. --shielded-integrity-monitoring
-
Enables monitoring and attestation of the boot integrity of the instance. The
attestation is performed against the integrity policy baseline. This baseline is
initially derived from the implicitly trusted boot image when the instance is
created. This baseline can be updated by using
gcloud compute instances update --shielded-learn-integrity-policy
. On Shielded VM instances, integrity monitoring is enabled by default. For information about how to modify Shielded VM options, see https://cloud.google.com/compute/docs/instances/modifying-shielded-vm. For information about monitoring integrity on Shielded VM instances, see https://cloud.google.com/compute/docs/instances/integrity-monitoring." --shielded-secure-boot
- The instance boots with secure boot enabled. On Shielded VM instances, Secure Boot is not enabled by default. For information about how to modify Shielded VM options, see https://cloud.google.com/compute/docs/instances/modifying-shielded-vm.
--shielded-vtpm
- The instance boots with the TPM (Trusted Platform Module) enabled. A TPM is a hardware module that can be used for different security operations such as remote attestation, encryption, and sealing of keys. On Shielded VM instances, vTPM is enabled by default. For information about how to modify Shielded VM options, see https://cloud.google.com/compute/docs/instances/modifying-shielded-vm.
--source-instance-template
=SOURCE_INSTANCE_TEMPLATE
- The name of the instance template that the instance will be created from. Users can override fields by specifying other flags.
--stack-type
=STACK_TYPE
-
Specifies whether IPv6 is enabled on the default network interface. If not
specified, IPV4_ONLY will be used.
STACK_TYPE
must be one of:IPV4_IPV6
- The network interface can have both IPv4 and IPv6 addresses
IPV4_ONLY
- The network interface will be assigned IPv4 addresses
IPV6_ONLY
- The network interface will be assigned IPv6 addresses
--subnet
=SUBNET
-
Specifies the subnet that the VM instances are a part of. If
--network
is also specified, subnet must be a subnetwork of the network specified by the--network
flag. -
Specifies a list of tags to apply to the instance. These tags allow network
firewall rules and routes to be applied to specified VM instances. See
gcloud compute firewall-rules create
(1) for more details.To read more about configuring network tags, read this guide: https://cloud.google.com/vpc/docs/add-remove-network-tags
To list instances with their respective status and tags, run:
gcloud compute instances list --format='table(name,status,tags.list())'
To list instances tagged with a specific tag,
tag1
, run:gcloud compute instances list --filter='tags:tag1'
--target-distribution-shape
=SHAPE
-
Specifies whether and how to distribute VMs across multiple zones in a region or
to enforce placement of VMs in a single zone. The default shape is
ANY_SINGLE_ZONE
.SHAPE
must be one of:ANY
- Allows creating VMs in multiple zones if one zone cannot accommodate all the requested VMs. The resulting distribution shapes can vary.
ANY_SINGLE_ZONE
- Enforces VM placement in one allowed zone. Use this to avoid cross-zone network egress or to reduce network latency. This is the default value.
BALANCED
- Allows distribution of VMs in zones where resources are available while distributing VMs as evenly as possible across selected zones to minimize the impact of zonal failures. Recommended for highly available serving or batch workloads.
--termination-time
=TERMINATION_TIME
-
Limits how long this VM instance can run, specified as a time. Format the time,
TERMINATION_TIME, as a RFC 3339 timestamp. For more information, see https://tools.ietf.org/html/rfc3339.
Alternatively, to specify a duration, use --max-run-duration instead.
If neither --termination-time nor --max-run-duration is specified (default), the VM instance runs until prompted by a user action or system event. If either is specified, the VM instance is scheduled to be automatically terminated at the VM's termination timestamp (
terminationTimestamp
) using the action specified by --instance-termination-action.Note: The
terminationTimestamp
is removed whenever the VM is stopped or suspended and redefined whenever the VM is rerun. For --termination-time specifically, theterminationTimestamp
remains the same whenever the VM is rerun, but any requests to rerun the VM fail if the specified timestamp is in the past. --threads-per-core
=THREADS_PER_CORE
-
The number of visible threads per physical core. To disable simultaneous
multithreading (SMT) set this to 1. Valid values are: 1 or 2.
For more information about configuring SMT, see: https://cloud.google.com/compute/docs/instances/configuring-simultaneous-multithreading.
--turbo-mode
=TURBO_MODE
-
Turbo mode to use for the instance. Supported modes include:
- ALL_CORE_MAX
To achieve all-core-turbo frequency for more consistent CPU performance, set the field to ALL_CORE_MAX. The field is unset by default, which results in maximum performance single-core boosting.
--visible-core-count
=VISIBLE_CORE_COUNT
- The number of physical cores to expose to the instance's guest operating system. The number of virtual CPUs visible to the instance's guest operating system is this number of cores multiplied by the instance's count of visible threads per physical core.
-
Key resource - The Cloud KMS (Key Management Service) cryptokey that will be
used to protect the disk. The 'Compute Engine Service Agent' service account
must hold permission 'Cloud KMS CryptoKey Encrypter/Decrypter'. The arguments in
this group can be used to specify the attributes of this resource.
--boot-disk-kms-key
=BOOT_DISK_KMS_KEY
-
ID of the key or fully qualified identifier for the key.
To set the
kms-key
attribute:-
provide the argument
--boot-disk-kms-key
on the command line.
This flag argument must be specified if any of the other arguments in this group are specified.
-
provide the argument
--boot-disk-kms-keyring
=BOOT_DISK_KMS_KEYRING
-
The KMS keyring of the key.
To set the
kms-keyring
attribute:-
provide the argument
--boot-disk-kms-key
on the command line with a fully specified name; -
provide the argument
--boot-disk-kms-keyring
on the command line.
-
provide the argument
--boot-disk-kms-location
=BOOT_DISK_KMS_LOCATION
-
The Google Cloud location for the key.
To set the
kms-location
attribute:-
provide the argument
--boot-disk-kms-key
on the command line with a fully specified name; -
provide the argument
--boot-disk-kms-location
on the command line.
-
provide the argument
--boot-disk-kms-project
=BOOT_DISK_KMS_PROJECT
-
The Google Cloud project for the key.
To set the
kms-project
attribute:-
provide the argument
--boot-disk-kms-key
on the command line with a fully specified name; -
provide the argument
--boot-disk-kms-project
on the command line; -
set the property
core/project
.
-
provide the argument
-
At most one of these can be specified:
--confidential-compute
-
(DEPRECATED) The instance boots with Confidential Computing enabled.
Confidential Computing is based on Secure Encrypted Virtualization (SEV), an AMD
virtualization feature for running confidential instances.
The --confidential-compute flag will soon be deprecated. Please use
--confidential-compute-type=SEV
instead --confidential-compute-type
=CONFIDENTIAL_COMPUTE_TYPE
-
The instance boots with Confidential Computing enabled. Confidential Computing
can be based on Secure Encrypted Virtualization (SEV) or Secure Encrypted
Virtualization - Secure Nested Paging (SEV-SNP), both of which are AMD
virtualization features for running confidential instances. Trust Domain
eXtension based on Intel virtualization features for running confidential
instances is also supported.
CONFIDENTIAL_COMPUTE_TYPE
must be one of:SEV
- Secure Encrypted Virtualization
SEV_SNP
- Secure Encrypted Virtualization - Secure Nested Paging
TDX
- Trust Domain eXtension
-
Custom machine type extensions.
--custom-cpu
=CUSTOM_CPU
-
A whole number value specifying the number of cores that are needed in the
custom machine type.
For some machine types, shared-core values can also be used. For example, for E2 machine types, you can specify
micro
,small
, ormedium
.This flag argument must be specified if any of the other arguments in this group are specified.
--custom-memory
=CUSTOM_MEMORY
-
A whole number value indicating how much memory is desired in the custom machine
type. A size unit should be provided (eg. 3072MB or 9GB) - if no units are
specified, GB is assumed.
This flag argument must be specified if any of the other arguments in this group are specified.
--custom-extensions
- Use the extended custom machine type.
--custom-vm-type
=CUSTOM_VM_TYPE
-
Specifies a custom machine type. The default is
n1
. For more information about custom machine types, see: https://cloud.google.com/compute/docs/general-purpose-machines#custom_machine_types
--image-project
=IMAGE_PROJECT
-
The Google Cloud project against which all image and image family references
will be resolved. It is best practice to define image-project. A full list of
available projects can be generated by running
gcloud projects list
.- If specifying one of our public images, image-project must be provided.
- If there are several of the same image-family value in multiple projects, image-project must be specified to clarify the image to be used.
- If not specified and either image or image-family is provided, the current default project is used.
-
At most one of these can be specified:
--image
=IMAGE
-
Specifies the boot image for the instances. For each instance, a new boot disk
will be created from the given image. Each boot disk will have the same name as
the instance. To view a list of public images and projects, run
$ gcloud compute images list
. It is best practice to use--image
when a specific version of an image is needed.When using this option,
and--boot-disk-device-name
can be used to override the boot disk's device name and size, respectively.--boot-disk-size
--image-family
=IMAGE_FAMILY
-
The image family for the operating system that the boot disk will be initialized
with. Compute Engine offers multiple Linux distributions, some of which are
available as both regular and Shielded VM images. When a family is specified
instead of an image, the latest non-deprecated image associated with that family
is used. It is best practice to use
--image-family
when the latest version of an image is needed.By default,
is assumed for this flag.debian-12
--source-snapshot
=SOURCE_SNAPSHOT
- The name of the source disk snapshot that the instance boot disk will be created from. You can provide this as a full URL to the snapshot or just the snapshot name. For example, the following are valid values:
-
Maintenance Behavior.
At most one of these can be specified:
--maintenance-policy
=MAINTENANCE_POLICY
-
(DEPRECATED) Specifies the behavior of the VMs when their host machines undergo
maintenance. The default is MIGRATE. For more information, see https://cloud.google.com/compute/docs/instances/host-maintenance-options.
The --maintenance-policy flag is now deprecated. Please use
--on-host-maintenance
instead.MAINTENANCE_POLICY
must be one of:MIGRATE
- The instances should be migrated to a new host. This will temporarily impact the performance of instances during a migration event.
TERMINATE
- The instances should be terminated.
--on-host-maintenance
=MAINTENANCE_POLICY
-
Specifies the behavior of the VMs when their host machines undergo maintenance.
The default is MIGRATE. For more information, see https://cloud.google.com/compute/docs/instances/host-maintenance-options.
MAINTENANCE_POLICY
must be one of:MIGRATE
- The instances should be migrated to a new host. This will temporarily impact the performance of instances during a migration event.
TERMINATE
- The instances should be terminated.
-
At most one of these can be specified:
--public-dns
- Assigns a public DNS name to the instance.
--no-public-dns
- If provided, the instance will not be assigned a public DNS name.
-
Specifies the reservation for the instance.
--reservation
=RESERVATION
-
The name of the reservation, required when
--reservation-affinity=specific
. --reservation-affinity
=RESERVATION_AFFINITY
; default="any"-
The type of reservation for the instance.
RESERVATION_AFFINITY
must be one of:any
- Consume any available, matching reservation.
none
- Do not consume from any reserved capacity.
specific
- Must consume from a specific reservation.
-
At most one of these can be specified:
--scopes
=[SCOPE
,…]-
If not provided, the instance will be assigned the default scopes, described
below. However, if neither
--scopes
nor--no-scopes
are specified and the project has no default service account, then the instance will be created with no scopes. Note that the level of access that a service account has is determined by a combination of access scopes and IAM roles so you must configure both access scopes and IAM roles for the service account to work properly.SCOPE can be either the full URI of the scope or an alias.
Default
scopes are assigned to all instances. Available aliases are:Alias URI bigquery https://www.googleapis.com/auth/bigquery cloud-platform https://www.googleapis.com/auth/cloud-platform cloud-source-repos https://www.googleapis.com/auth/source.full_control cloud-source-repos-ro https://www.googleapis.com/auth/source.read_only compute-ro https://www.googleapis.com/auth/compute.readonly compute-rw https://www.googleapis.com/auth/compute datastore https://www.googleapis.com/auth/datastore default https://www.googleapis.com/auth/devstorage.read_only https://www.googleapis.com/auth/logging.write https://www.googleapis.com/auth/monitoring.write https://www.googleapis.com/auth/pubsub https://www.googleapis.com/auth/service.management.readonly https://www.googleapis.com/auth/servicecontrol https://www.googleapis.com/auth/trace.append gke-default https://www.googleapis.com/auth/devstorage.read_only https://www.googleapis.com/auth/logging.write https://www.googleapis.com/auth/monitoring https://www.googleapis.com/auth/service.management.readonly https://www.googleapis.com/auth/servicecontrol https://www.googleapis.com/auth/trace.append logging-write https://www.googleapis.com/auth/logging.write monitoring https://www.googleapis.com/auth/monitoring monitoring-read https://www.googleapis.com/auth/monitoring.read monitoring-write https://www.googleapis.com/auth/monitoring.write pubsub https://www.googleapis.com/auth/pubsub service-control https://www.googleapis.com/auth/servicecontrol service-management https://www.googleapis.com/auth/service.management.readonly sql (deprecated) https://www.googleapis.com/auth/sqlservice sql-admin https://www.googleapis.com/auth/sqlservice.admin storage-full https://www.googleapis.com/auth/devstorage.full_control storage-ro https://www.googleapis.com/auth/devstorage.read_only storage-rw https://www.googleapis.com/auth/devstorage.read_write taskqueue https://www.googleapis.com/auth/taskqueue trace https://www.googleapis.com/auth/trace.append userinfo-email https://www.googleapis.com/auth/userinfo.email sql
alias do not provide SQL instance management capabilities and have been deprecated. Please, use https://www.googleapis.com/auth/sqlservice.admin orsql-admin
to manage your Google SQL Service instances. --no-scopes
- Create instance without scopes
-
At most one of these can be specified:
--service-account
=SERVICE_ACCOUNT
-
A service account is an identity attached to the instance. Its access tokens can
be accessed through the instance metadata server and are used to authenticate
applications on the instance. The account can be set using an email address
corresponding to the required service account.
If not provided, the instance will use the project's default service account.
--no-service-account
- Create instance without service account
- GCLOUD WIDE FLAGS
-
These flags are available to all commands:
--access-token-file
,--account
,--billing-project
,--configuration
,--flags-file
,--flatten
,--format
,--help
,--impersonate-service-account
,--log-http
,--project
,--quiet
,--trace-token
,--user-output-enabled
,--verbosity
.Run
$ gcloud help
for details. - NOTES
-
These variants are also available:
gcloud alpha compute instances bulk create
gcloud beta compute instances bulk create
Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License, and code samples are licensed under the Apache 2.0 License. For details, see the Google Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.
Last updated 2024-11-12 UTC.