Virtual Machine/Instance billing
- Each VM is charged per second.
- Each VM is launched within a specific VPC network and a specific zone.
- Multi-tenant host / sole-tenant node - allows only you to access the VM, eg for security purposes.
VM configuration: vCPU (choice of machine type), i.e. Machine Configuration
Predefined OR Custom
Predefined machine types (e2…):
- general
- compute
- memory
Note: Intel or AMD platforms are available
vCPU
Network throughput
virtual CPU
= 2Gbps per vCPU
VM configuration: Operating System
Public image: compatible Linux or Windows operating system
Custom image: private images (snapshots/existing disk); boot disk images that you have access to.
Note: here there is an image storage charge.
Marketplace: deploy functional software packages on Google Cloud; can start the software package without manually configuring the software
Note: if an image has (p) next to it, means that it applies per second billing after the first minute.
Images
- Boot loader info
- OS
- File system structure
- Software (maybe you want to have specific software pre-installed)
- Customisations
VM configuration: Storage
Either pay less but have a lower disk speed or pay more and have a higher iops.
Standard (HDD): cheapest/slowest
Balanced (SSD):
SSD: most expensive/fastest
Local SSD: these are physically directly attached to the VM, so they have the lowest latency. BUT once the instance is stopped or deleted the memory there no longer persists.
VM configuration: Networking
Default:
Custom:
- many available regions/zones
- ingress/egress firewall rules etc
Boot disk
- can choose to preserve the disk even if the VM is deleted
- a VM can have up to 128 disks attached to it (only 16 if it’s a shared-core VM)
- but having more disks means reducing the bandwidth for egress/ingress firewall traffic
Persistent disk (HDD - good for simply having capacity or SSD - good for having performance)
- not physically attached but survives if the VM is stopped
- scales with size
- HDD or SDD
- can be attached in Read-ONLY mode to multiple VMs (cheaper than replicating the data on each disk separately)
- Zonal or regional
– Standard (pd-standard - suitable for large workloads)
– pd-ssd (good for high performance DBs with lower latency)
– pd-balanced (balance performance vs cost)
– pd-extreme (zonal only) (high performance for DB)
-Encryption keys:
– Google-managed
– Customer-managed
– Customer-supplied
Local disk
- Physically attached to a VM
- High iops
- VM resets don’t impact it but stops and deletions do
- Higher performance than SSD
RAM disks
- tmpfs (storing data in memory)
- higher performance than Local Disk
- The storage is volatile, easily erased
- persistent disk should be used to back up this data
Creating a VM instance (DEMO)
- In the installation process, below the memory options (2Gb… CPU…), there will be Display Device, this should be ticked if I want to do screen capturing and recording on the VM.
- Confidential VM service - allows to encrypt data when it is being processed on the VM.
- Boot disk: allows to choose between public/custom images, snapshots and existing disks; here the disk type is chosen (standard persistent, Balanced SSD, SSD)
Creating a VM instance (DEMO): things that I can change / cannot after creating a VM
Stop instance before changes are possible:
1. Machine Configuration (eg e2-micro)
2. Display device - stop instance before changes are possible.
3. Confidential VM or not
4. Instance name
5. Load Balancer
Cannot change:
1. Zone / Region - cannot change
2. Boot disk (image: ubuntu, Linux…); type of disk (balanced disk type etc); size (10Gb etc)
3. Interfaces, once set upon VM creation, cannot be changed
Side note: all VMs will have a new service account assigned to them by default
Compute Engine: Machine Types (example)
After selecting pre-defined vs custom, we first choose machine family, then series, then machine type:
e2-standard-32
series - type - vCPUs amount
Compute Engine: Machine Familities / Types (general overview)
Predefined:
Family: General-purpose
- E2 - day-to-day, lower cost
- N1 (GPU is only available for N1 series)
- N2
- N2D
- Tau T2D
- Tau T2A (scale optimised)
Family: Compute-optimised
Ultra high performance for compute-intensive workloads such as Gaming, Electronic Design Automation (EDA), Single-Threaded applications
- C2 (Standard);
– only available on predefined machine types, not for custom;
– 4 to 60 vCPUs
– Memory: from 16 GB to 240 GB
– cannot use regional persistent disks with this type
- C2D (larger)
- H3 (even higher)
Family: Memory-optimised (committed use discounts availabile)
- M1 (Mega memory / Ultra-memory) 4 Tb of memory
- M2 (Mega memory / Ultra-memory) 12 Tb of memory
- M3
Family: Accelerator-optimised
A2 - parallel massive computations: ML + high performance computing
G2 - video transcoding or remote visualisations
Custom:
- Either 1 vCPU or an even number
- Up to 8Gb per vCPU
- Total memory must be a multiple of 256Gb
Compute Engine: Machine Types (predefined machine type families within General Purpose type)
- Standard (balance of CPU and memory)
- High memory (high memory to CPU ratio)
- High CPU
Compute Engine: Machine Types (E2 series details within General Purpose type)
- Designed for day-to-day computing at low cost
- 2 to 32 vCPUs
- Memory: from 0.5 GB to 128 GB
- do not provide sustained use discounts
- available on predefined AND custom machine types
- shared core machine types
Compute Engine: Machine Types (N1 / N2 / N2D series details within General Purpose type)
N1 (first generation)
- 2 to 96 vCPUs
- Memory: from 0.95 GB to 624 GB
- offers TPU support and GPU support
- available on predefined AND custom machine types
- larger sustained use discount than N2
N2 (second generation more flexible)
- 2 to 80 vCPUs
- Memory: from 0.5 GB to 640 GB
- overall performance improvement over N1 machine types
- extended memory feature which offers per CPU software licencing cost control
N2D
- 2 to 224 vCPUs
- Memory: from 0.5 GB to 896 GB
- largest general purpose machine type
- available on predefined AND custom machine types
- helps avoid per CPU licencing
- higher memory to core ratios
Compute Engine: Machine Types (M1 / M2 series details within Memory-optimised type)
- For ultra high memory workloads
- used for in-memory analytics
M1
- 40 to 160 vCPUs
- Memory: from 32 GB to 3844 GB
- cannot use regional persistent disks
- only available on predefined machine types, not for custom
M2
- 40 to 160 vCPUs
- Memory: from 32 GB to 11776 GB
- cannot use regional persistent disks
- only available on predefined machine types, not for custom
Compute Engine: Machine Types (E2 and N1 series common ground, Shared core, within General Purpose type)
- for burstable workloads
- are cost-effective
- used with non-resource intensive applications
When workload bursts occur, additional CPUs are temporarily used (max 2 CPUs and 4Gb of memory):
E2
- micro
- core
- medium
N1
- f1-micro
- g1- small
Compute Engine: Machine Types (GPUs available)
For graphic intensive workloads
- NVIDIA Tesla K80
- NVIDIA Tesla P4
- NVIDIA Tesla T4
- NVIDIA Tesla V100
- NVIDIA Tesla P100
VM Metadata and scripting
- scripts can be created to use the metadata info of a VM to eg. auto start the VM or stop when something happens
Can move a VM to a new zone, but it needs to be stopped beforehand, also all the references to the VM will need to be manually updated
- VM can be moved automatically using gcloud:
gcloud compute instances move …
-VM can be manually moved
– all disk ‘templates’ need to be recreated in the new zone
– old disks need to be reattached to the new zone
– new VM needs to have a static IP
– change VM references
– delete original snapshots, disks and VM
Snapshots
- can be used for data recovery processes
- for data migration between zones
- for transferring data to a different disk type (eg to transfer data from an HDD disk to SSD)
- snapshots are available on persistent disks only, not local SSD
- used for incremental backups of data in the Cloud Storage (not visible in buckets but accessible using snapshot service)
- cheaper than recreating a full image of a disk
- not used for backing up metadata of VMs or tags
Managing Instances
- when the instance is running, it can be reset this is like a hard reset, all the data is wiped, only the settings remain
- when the VM instance is Suspended or Stopped: you still pay for static IPs or persistent disk data; you also pay for the suspended CPU and memory service
- when the VM is terminated: you don’t pay for the suspended CPU and memory service
Shielded VM
Offer verifiable integrity of your compute engine VM instances, you can be sure your systems weren’t compromised by boot etc.
Managing Instances: Boot process
Ensures you are not running a compromised system
1. Secure Boot (signatures are verified along with the certificates)
2. Virtual Trusted Platform Module (vTPM) - takes the measurements of the boot/start of the VM
3. Integrity Monitoring - compares the current boot info with the previous one, so it checks if there are any major changes in the way the VM started before vs how it started now
Managing Instances: When the instance is Running
- Startup script is run - installs the guest environment packages, in the default mode, these are installed automatically using metadata
Note: metadata propagates to all the instances within the project - Ability to log into your instance using SSH / RDP: set up a firewall rule for TCP on port 22 (for Linux, i.e. SSH); OS login is RECOMMENDED by Google when logging into an instance; for RDP (Windows) set a firewall rule for TCP on port 3389, connect using RDP or powershell, can then login through and RDP chrome extension, you also need to select a Windows password
- Can modify/repair the instance like shown in the previous demo
- Live migration: migrate your instance such that you can change the host to a different zone but within the same region, basically you are sort of copying the instance. You can then do the maintenance on the “copy” without interrupting the VM.
-
1. Cloud Computing Fundamentals6
-
2. Google Cloud Fundamentals70
-
3. Account Setup32
-
4. Identity and Access Management (IAM)39
-
5. Networking Services (I)45
-
5. Networking Services (II)21
-
6. Compute Engine28
-
Pluralsight - Elastic Infrastructure (Scaling & Automation)11
-
Pluralsight - Reliable Google Cloud Infrastructure: Design and Process29
-
Pluralsight - Getting Started with Google Kubernetes Engine22
