Creating a VM from a public Linux image
- In the management console, select the folder to create your VM in.
- In the list of services, select Compute Cloud.
- Click Create virtual machine.
- Under Basic parameters:
  - Enter a name and description for the VM. The naming requirements are as follows:
    - The name must be from 3 to 63 characters long.
    - It may contain lowercase Latin letters, numbers, and hyphens.
    - The first character must be a letter and the last character cannot be a hyphen.
    Note
    The VM name is used to generate an internal FQDN only once: when creating a VM. If the internal FQDN is important to you, choose an appropriate name for the VM at the creation stage.
  - Select an availability zone to place your VM in.
- Under Image/boot disk selection, select an image and a Linux-based OS version.
- (Optional) Under Disks and file storages, select the Disks tab and configure a boot disk:
  - Select the disk type.
  - Specify the required disk size.
  - (Optional) To encrypt a boot disk, under Disks and file storages, configure encryption parameters for the disk:
    - Select the Encrypted disk option.
    - In the KMS Key field, select the key with which you want to encrypt the disk. To create a new key, click Create.
    - In the Service account field, select the service account with the kms.keys.encrypterDecrypter role for the specified key. To create a service account, click Create.
    The encryption feature in Compute Cloud is currently at the Preview stage. To access it, open the resource creation page and click Request access under Encryption or contact support.
    If you deactivate the key used to encrypt a disk or snapshot, access to the data will be suspended until you reactivate the key.
    Alert
    If you destroy the key or its version used to encrypt a disk or snapshot, access to the data will be irrevocably lost. Learn more in Destroying key versions.
  If you want to create a VM from an existing disk, under Disks and file storages, add a disk:
  - Click Add disk.
  - Enter the disk name.
  - Select the disk type.
  - Specify the required block size.
  - Specify the required disk size.
  - (Optional) To encrypt a disk, configure encryption parameters.
  - (Optional) Enable the Advanced option in the Delete with the VM field if you need to automatically delete the disk when deleting the VM it will be attached to.
  - In the Contents field, select Disk.
  - Click Add.
- (Optional) Under Disks and file storages, select the File storages tab and attach the file storage:
  - Click Attach file storage.
  - In the window that opens, specify the file storage.
  - Enter the device name.
  - Click Attach file storage.
- Under Computing resources:
  - Choose a platform.
  - Specify the guaranteed share and the required number of vCPUs, as well as the amount of RAM.
  - If required, make your VM preemptible.
  - (Optional) Enable a software-accelerated network.
- Under Network settings:
  - Enter a subnet ID or select a cloud network from the list.
    If you do not have a network, click Create network to create one:
    - In the window that opens, enter the network name and specify the folder to host the network.
    - (Optional) To automatically create subnets, select the Create subnets option.
    - Click Create.
    Each network must have at least one subnet. If there is no subnet, create one by selecting
  - In the Public IP field, choose a method for assigning an IP address:
    - Auto: Assign a random IP address from the Yandex Cloud IP pool. With this, you can enable DDoS protection using the option below.
    - List: Select a public IP address from the list of previously reserved static addresses. For more information, see Converting a dynamic public IP address to static.
    - No address: Do not assign a public IP address.
  - In the Internal IPv4 address field, select the method for assigning internal addresses: Auto or Manual.
  - (Optional) Create records for the VM in the DNS zone:
    - Expand the DNS settings for internal addresses section and click Add record.
    - Specify the zone, FQDN, and TTL for the record. When setting the FQDN, you can select Detect automatically for the zone.
      You can add multiple records to internal DNS zones. For more information, see Cloud DNS integration with Compute Cloud.
    - To create another record, click Add record.
  - Select the appropriate security groups.
- (Optional) To back up your VMs automatically using Cloud Backup, under Backups, select how your VM should connect to the service.
  For more information, see Connecting Compute Cloud VMs to Cloud Backup.
- Under Access, specify the information required to access the instance:
  - (Optional) Select or create a service account. With a service account, you can flexibly configure access rights for your resources.
  - Enter a username in the Login field.
    Alert
    Do not use the root username or other names reserved by the OS. To perform operations that require superuser permissions, use the sudo command.
  - In the SSH key field, paste the contents of the public key file. You need to create a key pair for the SSH connection yourself.
  - If required, grant access to the serial console.
  - If you want to add several users with SSH keys to the VM at the same time, specify these users' data under Metadata.
  In public Linux images provided by Yandex Cloud, SSH login with a username and password is disabled by default.
- (Optional) Under Placement, select a VM placement group.
- Click Create VM.
The VM appears in the list. Once created, the VM is assigned an IP address and a host name (FQDN).
If you do not have the Yandex Cloud command line interface yet, install and initialize it.
The folder specified in the CLI profile is used by default. You can specify a different folder using the --folder-name or --folder-id parameter.
- View the description of the CLI command to create a VM:

      yc compute instance create --help

- Prepare a key pair (public and private keys) for SSH access to the VM.
- Select a Linux-based public image from Yandex Cloud Marketplace, e.g., CentOS 7.
  To get a list of available images using the YC CLI, run this command:

      yc compute image list --folder-id standard-images

  Result:

      +----------------------+-------------------------------------+--------------------------+----------------------+--------+
      |          ID          |                NAME                 |          FAMILY          |     PRODUCT IDS      | STATUS |
      +----------------------+-------------------------------------+--------------------------+----------------------+--------+
      ...
      | fdvk34al8k5n******** | centos-7-1549279494                 | centos-7                 | dqni65lfhvv2******** | READY  |
      | fdv7ooobjfl3******** | windows-2016-gvlk-1548913814        | windows-2016-gvlk        | dqnnc72gj2is******** | READY  |
      | fdv4f5kv5cvf******** | ubuntu-1604-lts-1549457823          | ubuntu-1604-lts          | dqnnb6dc7640******** | READY  |
      ...
      +----------------------+-------------------------------------+--------------------------+----------------------+--------+

- Select a subnet:

      yc vpc subnet list

  Result:

      +----------------------+---------------------------+----------------------+----------------+-------------------+-----------------+
      |          ID          |           NAME            |      NETWORK ID      | ROUTE TABLE ID |       ZONE        |      RANGE      |
      +----------------------+---------------------------+----------------------+----------------+-------------------+-----------------+
      | b0c6n43f9lgh******** | default-ru-central1-d     | enpe3m3fa00u******** |                | ru-central1-d     | [10.130.0.0/24] |
      | e2l2da8a20b3******** | default-ru-central1-b     | enpe3m3fa00u******** |                | ru-central1-b     | [10.129.0.0/24] |
      | e9bnlm18l70a******** | default-ru-central1-a     | enpe3m3fa00u******** |                | ru-central1-a     | [10.128.0.0/24] |
      +----------------------+---------------------------+----------------------+----------------+-------------------+-----------------+

- Create a VM in the default folder:

      yc compute instance create \
        --name first-instance \
        --zone ru-central1-a \
        --network-interface subnet-name=default-ru-central1-a,nat-ip-version=ipv4 \
        --create-boot-disk image-folder-id=standard-images,image-family=centos-7 \
        --ssh-key ~/.ssh/id_ed25519.pub

  Where:
  - --name: VM name. The naming requirements are as follows:
    - The name must be from 3 to 63 characters long.
    - It may contain lowercase Latin letters, numbers, and hyphens.
    - The first character must be a letter and the last character cannot be a hyphen.
    Note
    The VM name is used to generate an internal FQDN only once: when creating a VM. If the internal FQDN is important to you, choose an appropriate name for the VM at the creation stage.
  - --zone: Availability zone that corresponds to the selected subnet.
  - subnet-name: Name of the selected subnet.
  - nat-ip-version=ipv4: Public IP address. To create a VM without a public IP address, disable this parameter.
  - image-family: Image family, such as centos-7. This option allows you to install the latest version of the OS from the specified family.
  - --ssh-key: Public SSH key path. The VM will automatically create a user named yc-user for this key.
    When creating a VM from a Yandex Cloud Marketplace public image, make sure to provide an SSH key to the VM. By default, SSH access with a username and password is disabled for such images.
    If you want to add several users with SSH keys to the VM at the same time, specify these users' data using the --metadata-from-file parameter.
When a VM is created, it is assigned an IP address and hostname (FQDN). This data can be used for SSH access.
You can make a public IP address static. For more information, see Making a VM's public IP address static.
If you don't have Terraform, install it and configure the Yandex Cloud provider.
- In the configuration file, describe the parameters of the resources you want to create:

      resource "yandex_compute_disk" "boot-disk" {
        name     = "<disk_name>"
        type     = "<disk_type>"
        zone     = "<availability_zone>"
        size     = "<disk_size>"
        image_id = "<image_ID>"
      }

      resource "yandex_compute_instance" "vm-1" {
        name                      = "linux-vm"
        allow_stopping_for_update = true
        platform_id               = "standard-v3"
        zone                      = "<availability_zone>"

        resources {
          cores  = "<number_of_vCPU_cores>"
          memory = "<GB_of_RAM>"
        }

        boot_disk {
          disk_id = yandex_compute_disk.boot-disk.id
        }

        network_interface {
          subnet_id = yandex_vpc_subnet.subnet-1.id
          nat       = true
        }

        metadata = {
          ssh-keys = "<username>:<SSH_key_contents>"
        }
      }

      resource "yandex_vpc_network" "network-1" {
        name = "network1"
      }

      resource "yandex_vpc_subnet" "subnet-1" {
        name           = "subnet1"
        zone           = "<availability_zone>"
        v4_cidr_blocks = ["192.168.10.0/24"]
        network_id     = yandex_vpc_network.network-1.id
      }

  Where:
  - yandex_compute_disk: Boot disk description:
    - name: Disk name.
    - type: Disk type.
    - zone: Availability zone to host the disk.
    - size: Disk size in GB.
    - image_id: ID of the image to create the VM from. You can get the image ID from the list of public images.
      You can also view image IDs in the management console when creating a VM or on the image page in Cloud Marketplace, under Product IDs.
  - yandex_compute_instance: Description of the VM:
    - name: VM name.
    - allow_stopping_for_update: Allow a VM instance to stop to make changes. Set to true if you plan to change the network settings, computing resources, disks, or file storage for your VM using Terraform. The default value is false.
    - platform_id: Platform.
    - zone: Availability zone to host the VM.
    - resources: Number of vCPU cores and the amount of RAM available to the VM. The values must match the selected platform.
    - boot_disk: Boot disk settings. Specify the disk ID.
    - network_interface: Network settings. Specify the ID of the selected subnet. To automatically assign a public IP address to the VM, set nat = true.
    - metadata: In the metadata, provide the public SSH key for accessing the VM. For more information, see VM metadata.
      If you want to add several users with SSH keys to the VM at the same time, specify these users' data in a file and supply it under metadata.
  - yandex_vpc_network: Description of the cloud network.
  - yandex_vpc_subnet: Description of the subnet your VM will connect to.
  Note
  If you already have suitable resources, such as a cloud network and subnet, you do not need to describe them again. Use their names and IDs in the appropriate parameters.
  For more information about resources you can create with Terraform, see the provider documentation.
- Create resources:
  - In the terminal, change to the folder where you edited the configuration file.
  - Make sure the configuration file is correct using the command:

        terraform validate

    If the configuration is correct, the following message is returned:

        Success! The configuration is valid.

  - Run the command:

        terraform plan

    The terminal will display a list of resources with parameters. No changes are made at this step. If the configuration contains errors, Terraform will point them out.
  - Apply the configuration changes:

        terraform apply

  - Confirm the changes: type yes in the terminal and press Enter.
  All the resources you need will then be created in the specified folder. You can check the new resources and their configuration using the management console.
When a VM is created, it is assigned an IP address and hostname (FQDN). This data can be used for SSH access.
You can make a public IP address static. For more information, see Making a VM's public IP address static.
Create a VM using the create REST API method for the Instance resource:
- Prepare a key pair (public and private keys) for SSH access to the VM.
- Get a Yandex Identity and Access Management token used for authentication in the examples:
  - Guide for users with a Yandex account.
  - Guide for a service account.
  - Guide for a federated account.
- Get the ID of the folder.
- Get information about the image to create your VM from (image ID and minimum disk size):
  - If you know the image family, get information about the latest image in this family:

        export IAM_TOKEN=CggaATEVAgA...
        export FAMILY=ubuntu-1804
        curl -H "Authorization: Bearer ${IAM_TOKEN}" \
          "https://compute.api.cloud.yandex.net/compute/v1/images:latestByFamily?folderId=standard-images&family=${FAMILY}"

  - To learn more about the image, see the list of public images.
- Get the subnet and availability zone IDs. Specify the ID of the folder where the subnet was created in your request:

      export IAM_TOKEN=CggaATEVAgA...
      export FOLDER_ID=b1gvmob95yys********
      curl -H "Authorization: Bearer ${IAM_TOKEN}" \
        "https://vpc.api.cloud.yandex.net/vpc/v1/subnets?folderId=${FOLDER_ID}"

  Result:

      {
        "subnets": [
          {
            "v4CidrBlocks": [
              "10.130.0.0/24"
            ],
            "id": "b0c6n43ftldh********",
            "folderId": "b1gvmob95yys********",
            "createdAt": "2018-09-23T12:15:00Z",
            "name": "default-ru-central1-a",
            "description": "Auto-created default subnet for zone ru-central1-a",
            "networkId": "enpe3m3faglu********",
            "zoneId": "ru-central1-a"
          },
          ...
        ]
      }

- Create a file named body.json with the body of the request to create a VM:

      {
        "folderId": "b1gvmob95yys********",
        "name": "instance-demo-no-pwauth",
        "zoneId": "ru-central1-a",
        "platformId": "standard-v3",
        "resourcesSpec": {
          "memory": "2147483648",
          "cores": "2"
        },
        "metadata": {
          "user-data": "#cloud-config\nusers:\n  - name: user\n    groups: sudo\n    shell: /bin/bash\n    sudo: 'ALL=(ALL) NOPASSWD:ALL'\n    ssh-authorized-keys:\n      - ssh-ed25519 AAAAB3N... user@example.com"
        },
        "bootDiskSpec": {
          "diskSpec": {
            "size": "2621440000",
            "imageId": "fd8rc75pn12f********"
          }
        },
        "networkInterfaceSpecs": [
          {
            "subnetId": "b0c6n43ftldh********",
            "primaryV4AddressSpec": {
              "oneToOneNatSpec": {
                "ipVersion": "IPV4"
              }
            }
          }
        ]
      }

  Where:
  - folderId: Folder ID.
  - name: Name assigned to the VM upon creation.
  - zoneId: Availability zone that corresponds to the selected subnet.
  - platformId: Platform.
  - resourcesSpec: Resources available to the VM. The values must match the selected platform.
  - metadata: In the metadata, provide the public key for VM access via SSH. For more information, see VM metadata.
  - bootDiskSpec: Boot disk settings. Specify the selected image ID and disk size.
    You can also view image IDs in the management console when creating a VM or on the image page in Cloud Marketplace, under Product IDs.
    The disk size must not be less than the minimum value specified in the image details.
  - networkInterfaceSpecs: Network settings.
    - subnetId: ID of the selected subnet.
    - primaryV4AddressSpec: IP address to assign to the VM. To add a public IP to your VM, specify:

          "primaryV4AddressSpec": {
            "oneToOneNatSpec": {
              "ipVersion": "IPV4"
            }
          }

  Read more about the request body format in the API reference.
- Create a VM:

      export IAM_TOKEN=CggaATEVAgA...
      curl -X POST \
        -H "Content-Type: application/json" \
        -H "Authorization: Bearer ${IAM_TOKEN}" \
        -d '@body.json' \
        https://compute.api.cloud.yandex.net/compute/v1/instances

When a VM is created, it is assigned an IP address and hostname (FQDN). This data can be used for SSH access.
You can make a public IP address static. For more information, see Making a VM's public IP address static.
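
A pre-flight check for the body.json described above, written as an added Python example (not part of the Yandex Cloud documentation or tooling). It applies the page's own rules: the VM naming requirements, the ban on the root login, the need for a public SSH key because password logins are disabled, and it reports interfaces that request a public IPv4 address. The lint_body function, the reserved-login set, and the sample values are assumptions made for the illustration.

```python
import json
import re

# Naming rule from the page: 3-63 chars, lowercase Latin letters, digits,
# hyphens; first character a letter, last character not a hyphen.
NAME_RE = re.compile(r"[a-z][a-z0-9-]{1,61}[a-z0-9]")
# Assumption: extend with other logins reserved by your image's OS.
RESERVED_LOGINS = {"root"}
LOGIN_RE = re.compile(r"^[ \t]*-[ \t]*name:[ \t]*(\S+)", re.M)
PUBKEY_RE = re.compile(r"^[ \t]*-[ \t]*((?:ssh-|ecdsa-sha2-)\S+[ \t]+\S+)", re.M)


def lint_body(body: dict) -> list[str]:
    """Return findings for a Compute Cloud instance-create request body."""
    findings = []
    if not NAME_RE.fullmatch(body.get("name", "")):
        findings.append("ERROR name: violates the VM naming requirements")
    metadata = body.get("metadata", {})
    if any("PRIVATE KEY" in str(value) for value in metadata.values()):
        findings.append("ERROR metadata: contains private key material")
    user_data = metadata.get("user-data", "")
    for login in (m.strip("'\"") for m in LOGIN_RE.findall(user_data)):
        if login in RESERVED_LOGINS:
            findings.append(f"ERROR users: login '{login}' is reserved")
    if not PUBKEY_RE.search(user_data):
        # Password SSH logins are disabled in public images, so a VM
        # created without a key cannot be reached over SSH.
        findings.append("ERROR ssh: no public key in user-data")
    for i, nic in enumerate(body.get("networkInterfaceSpecs", [])):
        if "oneToOneNatSpec" in nic.get("primaryV4AddressSpec", {}):
            findings.append(f"NOTE network: interface {i} requests a public IPv4 address")
    return findings


# Constructed sample modelled on the page's body.json (IDs and key are fake).
SAMPLE = json.loads(r'''{
  "name": "instance-demo-no-pwauth",
  "metadata": {"user-data": "#cloud-config\nusers:\n  - name: user\n    ssh-authorized-keys:\n      - ssh-ed25519 AAAAC3EXAMPLEKEYONLY user@example.com"},
  "networkInterfaceSpecs": [{"subnetId": "<subnet_ID>",
    "primaryV4AddressSpec": {"oneToOneNatSpec": {"ipVersion": "IPV4"}}}]
}''')

if __name__ == "__main__":
    for finding in lint_body(SAMPLE):
        print(finding)
```

Run it against the parsed body.json before sending the POST request; a NOTE line means the VM will be reachable from the internet, so confirm that the public address is intended.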