Compute Engine

VM Management & Configuration

Compute Engine: VM Management & Configuration Google Cloud Compute Engine provides scalable virtual machines running in Google's data centers. VMs are called in…

Compute Engine: VM Management & Configuration

Google Cloud Compute Engine provides scalable virtual machines running in Google's data centers. VMs are called instances. You pick the machine type (CPU + RAM), boot disk OS, region, and zone.

Creating Instances

# Create a basic instance
gcloud compute instances create my-vm   --zone=us-central1-a   --machine-type=e2-medium   --image-family=debian-12   --image-project=debian-cloud   --boot-disk-size=20GB

# With startup script
gcloud compute instances create my-vm   --zone=us-central1-a   --machine-type=e2-medium   --image-family=ubuntu-2204-lts   --image-project=ubuntu-os-cloud   --metadata-from-file startup-script=startup.sh

# From a custom image
gcloud compute instances create my-vm   --image=my-custom-image   --image-project=my-project

# List instances
gcloud compute instances list
gcloud compute instances list --filter="zone:us-central1-a"

# Describe instance
gcloud compute instances describe my-vm --zone=us-central1-a

Machine Types

General-purpose (cost-effective):
  e2-micro       — 0.25 vCPU, 1 GB RAM (free tier eligible)
  e2-small       — 0.5 vCPU, 2 GB RAM
  e2-medium      — 1 vCPU, 4 GB RAM
  e2-standard-2  — 2 vCPU, 8 GB RAM
  e2-standard-4  — 4 vCPU, 16 GB RAM
  e2-standard-8  — 8 vCPU, 32 GB RAM

Compute-optimized:
  c2-standard-4  — 4 vCPU, 16 GB RAM (high freq, good for compute)
  c2-standard-8  — 8 vCPU, 32 GB RAM

Memory-optimized:
  m1-megamem-96  — 96 vCPU, 1.4 TB RAM

Custom machine types:
  e2-custom-4-8192   — 4 vCPU, 8 GB RAM (specify exactly what you need)

Spot VMs:
  --provisioning-model=SPOT    — up to 91% cheaper, can be preempted
  --instance-termination-action=STOP  (or DELETE)
  Good for: batch jobs, fault-tolerant workloads

SSH & Instance Management

# SSH into instance
gcloud compute ssh my-vm --zone=us-central1-a
gcloud compute ssh my-vm --zone=us-central1-a -- -L 8080:localhost:8080  # with port forward

# Copy files
gcloud compute scp local-file.txt my-vm:/home/user/ --zone=us-central1-a
gcloud compute scp my-vm:/remote/file.txt ./local/ --zone=us-central1-a

# Start/stop/reset
gcloud compute instances start my-vm --zone=us-central1-a
gcloud compute instances stop my-vm --zone=us-central1-a
gcloud compute instances reset my-vm --zone=us-central1-a   # hard reset

# Delete instance
gcloud compute instances delete my-vm --zone=us-central1-a

# Update machine type (must stop first)
gcloud compute instances stop my-vm --zone=us-central1-a
gcloud compute instances set-machine-type my-vm   --machine-type=e2-standard-4 --zone=us-central1-a
gcloud compute instances start my-vm --zone=us-central1-a

# Run command on instance
gcloud compute ssh my-vm --zone=us-central1-a --command="sudo apt-get update"

Instance Groups & Autoscaling

# Create instance template
gcloud compute instance-templates create web-template   --machine-type=e2-medium   --image-family=debian-12   --image-project=debian-cloud   --metadata-from-file startup-script=startup.sh   --tags=http-server

# Create managed instance group
gcloud compute instance-groups managed create web-group   --base-instance-name=web   --template=web-template   --size=2   --zone=us-central1-a

# Set autoscaling
gcloud compute instance-groups managed set-autoscaling web-group   --zone=us-central1-a   --min-num-replicas=2   --max-num-replicas=10   --target-cpu-utilization=0.6   --cool-down-period=90

Compute Engine

Networking, Storage & Cost Optimization

Compute Engine: Networking, Storage & Cost Optimization Firewall Rules # Allow HTTP/HTTPS traffic to instances with tag http-server gcloud compute firewall-rule…

Compute Engine: Networking, Storage & Cost Optimization

Firewall Rules

# Allow HTTP/HTTPS traffic to instances with tag http-server
gcloud compute firewall-rules create allow-http   --allow=tcp:80,tcp:443   --target-tags=http-server   --direction=INGRESS   --priority=1000

# Allow SSH from specific IP range
gcloud compute firewall-rules create allow-ssh-office   --allow=tcp:22   --source-ranges=203.0.113.0/24   --direction=INGRESS

# Allow internal traffic within VPC
gcloud compute firewall-rules create allow-internal   --allow=tcp:0-65535,udp:0-65535,icmp   --source-ranges=10.128.0.0/9  # default VPC range

# List firewall rules
gcloud compute firewall-rules list

# Add tag to instance (to match firewall rules)
gcloud compute instances add-tags my-vm   --tags=http-server --zone=us-central1-a

Persistent Disks

# Create disk
gcloud compute disks create my-disk   --size=100GB   --type=pd-ssd   --zone=us-central1-a
# Disk types: pd-standard, pd-ssd, pd-balanced, pd-extreme

# Attach disk to instance
gcloud compute instances attach-disk my-vm   --disk=my-disk   --zone=us-central1-a

# After attaching: format and mount inside VM
sudo mkfs.ext4 -m 0 -E lazy_itable_init=0 /dev/sdb
sudo mkdir -p /mnt/data
sudo mount -o discard,defaults /dev/sdb /mnt/data
# Add to /etc/fstab for persistence

# Detach disk
gcloud compute instances detach-disk my-vm   --disk=my-disk --zone=us-central1-a

# Create snapshot
gcloud compute disks snapshot my-disk   --snapshot-names=my-disk-snap-1   --zone=us-central1-a

# Create disk from snapshot
gcloud compute disks create restored-disk   --source-snapshot=my-disk-snap-1   --zone=us-central1-a

Static IPs & Load Balancing

# Reserve a static external IP
gcloud compute addresses create my-static-ip --region=us-central1

# Assign static IP to instance
gcloud compute instances add-access-config my-vm   --access-config-name="External NAT"   --address=34.x.x.x   --zone=us-central1-a

# HTTP(S) Load Balancer (high level)
# 1. Create backend service pointing to instance group
gcloud compute backend-services create web-backend   --protocol=HTTP --port-name=http --global

gcloud compute backend-services add-backend web-backend   --instance-group=web-group   --instance-group-zone=us-central1-a   --global

# 2. Create URL map
gcloud compute url-maps create web-map --default-service=web-backend

# 3. Create target HTTP proxy
gcloud compute target-http-proxies create web-proxy --url-map=web-map

# 4. Create forwarding rule
gcloud compute forwarding-rules create web-rule   --global --target-http-proxy=web-proxy --ports=80

Cost Optimization

Spot VMs: up to 91% discount for fault-tolerant batch jobs. Set --provisioning-model=SPOT.
Committed use discounts: 1 or 3 year commitment for 37-55% discount on specific machine types.
Sustained use discounts: automatic 30% discount for VMs running >25% of the month.
Rightsizing: Cloud Monitoring recommends smaller machine types based on actual CPU/memory use.
Shutdown idle VMs: use Cloud Scheduler + Cloud Functions to stop/start dev VMs on a schedule.
Preemptible vs Spot: Spot VMs are the successor — no max 24h limit, same pricing.
Use pd-balanced instead of pd-ssd for most workloads — 3x cheaper with similar performance.
Snapshot scheduling: automated disk snapshots with retention policies via resource policies.

Compute Engine notes for developers