
Compute Engine: Virtual Machines


Master Google Compute Engine (GCE) for the ACE exam. Learn about machine families, persistent disks, custom images, instance templates, and managed instance groups.


Introduction to Compute Engine: Virtual Machines

Compute Engine (GCE) is the Infrastructure as a Service (IaaS) heart of Google Cloud. It allows you to run virtualized workloads on Google's globally distributed physical infrastructure. For an Associate Cloud Engineer, Compute Engine is often the most significant part of daily work, and it represents a substantial portion of the ACE exam.

Understanding Compute Engine goes beyond just spinning up a server. You must know how to choose the right machine family for your workload, how to manage storage persistence, how to automate deployments using templates, and how to ensure high availability using Managed Instance Groups. Compute Engine provides the ultimate flexibility, giving you full control over the operating system and the hardware configuration.

Plain English Explanation

To help you grasp the many moving parts of Compute Engine, let's use these three analogies.

1. The Car Rental Agency (Flexibility)

Think of GCE as a massive car rental service:

  • VM instances are the individual cars you can rent.
  • Machine Types are the categories of cars (Economy, SUV, Truck, High-Performance Sports Car).
  • Images are the factory settings and interior features of the car when you pick it up.
  • Persistent Disks are like a removable roof rack or trunk. If you return the car, you can keep the rack and attach it to your next rental.

Just like you wouldn't rent a 26-foot box truck to go to the grocery store, you shouldn't use a memory-optimized VM for a simple personal blog. Compute Engine allows you to "rent" exactly what you need for the duration you need it.

2. The Modular Workspace (Customization)

Imagine a modern co-working space:

  • The Room is the VM instance.
  • vCPUs and RAM are the number of desks and chairs you put in the room. You can have a small room with one desk (E2-micro) or a giant hall with 400 desks (M3-megamem).
  • Startup Scripts are the instructions you leave for the cleaning crew to set up the room (install software) before you arrive.
  • Instance Templates are the blueprint for the room that allows the building manager to create 50 identical rooms instantly.

Working with Compute Engine is about assembling these components into a functional environment that meets your specific requirements.

3. The Power Grid (Scalability)

Consider how a city manages its power:

  • Individual Power Plants are your VM instances.
  • Managed Instance Groups (MIGs) are the automated control systems that turn on more plants when the city starts using more power (autoscaling).
  • Load Balancers are the substations that distribute the electricity evenly across the city so no single plant is overwhelmed.

In this analogy, the system is designed to be resilient. If one plant fails, the system automatically detects it and starts a new one (auto-healing).

Machine Families and Types

A critical part of managing Compute Engine is selecting the right machine family.

General-Purpose (E2, N1, N2, N2D, Tau T2D)

These are the workhorses of Google Cloud. E2 is the cost-leader, providing a balance of performance and price for web servers, small databases, and development environments.

Compute-Optimized (C2, C2D)

Designed for high-performance computing (HPC), gaming servers, and media transcoding. These offer the highest performance per core in the Compute Engine lineup.

Memory-Optimized (M1, M2, M3)

Perfect for large in-memory databases like SAP HANA or real-time data analytics. These machines offer massive amounts of RAM (up to 12TB).

Accelerator-Optimized (A2, A3)

These machines are powered by NVIDIA GPUs and are designed for massive AI/ML training and inference workloads.

A Machine Family is a curated set of hardware configurations optimized for specific workloads. Choosing the right family is the first step in GCE cost and performance management.

Managing VM Images

Images provide the base operating system and software for your VMs.

Public Images vs. Custom Images

  • Public Images: Maintained by Google or partners (Debian, Ubuntu, Windows Server).
  • Custom Images: Images you create from an existing VM that has been configured with your specific software and settings.

Image Families for Automated Updates

By using an image family name instead of a specific image version, you ensure that newly created VMs always start from the latest patched version of the OS in that family.

Shielded VM Images

These provide hardened security features like Measured Boot and Integrity Monitoring to protect your VMs from rootkits and boot-level malware.

Storage Options for VMs

Data persistence is a vital part of the Compute Engine ecosystem.

Persistent Disks (Standard, Balanced, SSD, Extreme)

These are durable, network-attached storage devices. They can be resized while running and can be detached from one VM and attached to another.

Local SSD: High Performance, Ephemeral Data

Physically attached to the host server. They offer incredible IOPS and low latency but lose all data if the VM instance is deleted or stopped.

Persistent Disks are independent of the VM lifecycle. You can delete a VM and keep the disk. Local SSDs are NOT independent; their data is lost when the instance is terminated.

Networking for Instances

How your VMs communicate with the world.

Internal vs. External IP Addresses

Internal IPs are used for communication within the VPC. External IPs are for the public internet.

Static vs. Ephemeral IPs

Ephemeral IPs change when the instance is stopped and started. Static (Reserved) IPs remain with your account until you release them.

Network Tags and Firewalls

Tags are used to apply specific firewall rules to a group of VMs without needing to manage individual IP addresses.

The VM Lifecycle and States

Understanding instance states is crucial for troubleshooting VMs.

  • PROVISIONING/STAGING: Resources are being allocated.
  • RUNNING: The VM is up and functional. This is when billing for CPU/RAM occurs.
  • STOPPING/TERMINATED: The VM has been shut down. You are not paying for CPU/RAM, but you ARE still paying for the Persistent Disk.

A 'TERMINATED' VM still incurs costs for its Persistent Disk and any reserved Static IP addresses. To stop all costs, you must 'DELETE' the instance and its associated resources.

Availability and Reliability Features

Google Cloud provides features to keep your VMs running.

Live Migration

Google can move your running VM to a different host without rebooting, allowing for seamless physical hardware maintenance.

Availability Policies

You can configure whether a VM should automatically restart if it crashes or how it should behave during host maintenance.

Cost Optimization for VMs

Saving money is a key responsibility in Compute Engine management.

Spot VMs (formerly Preemptible)

Up to 91% discount for resources that Google can reclaim at any time. Perfect for batch processing and fault-tolerant apps.

Sustained Use Discounts (SUD)

Automatic discounts that kick in when you run a VM for more than 25% of a month.

Committed Use Discounts (CUD)

Deep discounts for a 1-year or 3-year commitment to a certain amount of vCPU and RAM.

Cost-optimization numbers to memorize for the ACE: Spot VMs offer up to 91% discount but can be reclaimed by Google at any time; Sustained Use Discounts apply automatically once a VM runs for more than 25% of a month; Committed Use Discounts require a 1-year or 3-year commitment to a fixed amount of vCPU and RAM.

Automation with Instance Templates

Templates are the blueprints for VMs.

Creating a Template

Define the machine type, image, disks, and network settings once, and use it to create many identical instances.

Using Startup and Shutdown Scripts

Automate the installation of software or the backup of data when a VM instance starts or stops.

Metadata Management

Store custom variables that your scripts can query to customize the behavior of the VM.

Scaling with Managed Instance Groups (MIGs)

MIGs allow you to manage a group of identical VMs as a single entity.

Autoscaling Policies

Automatically add or remove instances based on CPU usage, Load Balancing capacity, or custom Cloud Monitoring metrics.

Auto-healing and Health Checks

If an instance fails a health check, the MIG will automatically delete it and recreate a fresh one based on the instance template.

Always use a Managed Instance Group for production workloads to ensure high availability and easy scaling.

Security Best Practices for GCE

  1. Use OS Login: Manage SSH access via IAM instead of managing individual SSH keys.
  2. Restrict Service Account Scopes: Give the VM's service account only the permissions it needs.
  3. Use Shielded VMs: Protect against firmware-level attacks.
  4. Avoid Public IPs: Use Cloud NAT and Identity-Aware Proxy (IAP) for more secure access.
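The four practices above as checks against one instance resource; this is an added example, not code from this study note or from Google. The sample instance and the finding names are constructed, and the field names are those of the Compute Engine instance resource as returned by `gcloud compute instances describe`.

```python
import json

# Constructed sample: a trimmed instance resource in the shape returned by
# `gcloud compute instances describe NAME --format=json` (values are made up).
SAMPLE = json.loads("""{
  "name": "web-1",
  "metadata": {"items": [{"key": "enable-oslogin", "value": "FALSE"}]},
  "networkInterfaces": [{"networkIP": "10.128.0.5",
      "accessConfigs": [{"type": "ONE_TO_ONE_NAT", "natIP": "203.0.113.10"}]}],
  "serviceAccounts": [{"email": "app-sa@example-project.iam.gserviceaccount.com",
      "scopes": ["https://www.googleapis.com/auth/cloud-platform"]}],
  "shieldedInstanceConfig": {"enableSecureBoot": false, "enableVtpm": true,
      "enableIntegrityMonitoring": true}
}""")

BROAD_SCOPE = "https://www.googleapis.com/auth/cloud-platform"
SHIELDED_FLAGS = ("enableSecureBoot", "enableVtpm", "enableIntegrityMonitoring")


def audit_instance(inst):
    """Return a sorted list of finding IDs for one instance resource."""
    findings = set()

    # 1. OS Login: only instance-level metadata is visible here; a project-wide
    #    enable-oslogin=TRUE would not appear in this resource.
    items = inst.get("metadata", {}).get("items", [])
    meta = {i["key"]: str(i.get("value", "")) for i in items}
    if meta.get("enable-oslogin", "").upper() != "TRUE":
        findings.add("oslogin-not-enabled-on-instance")

    # 2. Service account scopes: with cloud-platform, only the account's IAM
    #    roles limit what the VM can call; the scope itself restricts nothing.
    for sa in inst.get("serviceAccounts", []):
        if BROAD_SCOPE in sa.get("scopes", []):
            findings.add("broad-scope:" + sa.get("email", "?"))

    # 3. Shielded VM: report each protection that is switched off or missing.
    shielded = inst.get("shieldedInstanceConfig", {})
    for flag in SHIELDED_FLAGS:
        if not shielded.get(flag, False):
            findings.add("shielded-off:" + flag)

    # 4. Public IP: any accessConfig on an interface means an external address.
    for nic in inst.get("networkInterfaces", []):
        if nic.get("accessConfigs"):
            findings.add("external-ip:" + nic.get("networkIP", "?"))

    return sorted(findings)
```

The sample fails all four checks; note that Secure Boot is reported separately from vTPM and Integrity Monitoring, since a Shielded VM can have the latter two on while Secure Boot stays off.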

Managing VMs via gcloud CLI

You must know these commands for the Compute Engine portion of the ACE exam.

gcloud compute instances create

The primary command to launch a new VM.

gcloud compute instances create my-vm \
    --zone=us-central1-a \
    --machine-type=e2-medium \
    --image-family=debian-11 \
    --image-project=debian-cloud

gcloud compute instances stop/start

Used to manage the lifecycle of an existing instance.

gcloud compute instances set-machine-type

Change the resources of an instance (requires the VM to be in a STOPPED state).

To resize a VM with gcloud compute instances set-machine-type (for example, switching from e2-medium to a memory-optimized M3), you must first STOP the instance; Compute Engine rejects the call on a RUNNING VM. This is also why ACE scenarios about "giving a running VM more RAM" always answer Stop -> change machine type -> Start, never live-resize.

Troubleshooting Common VM Issues

Connection Refused (SSH Issues)

Usually caused by a missing firewall rule (port 22) or an incorrectly configured SSH key.

Serial Console Logs

If a VM won't boot, check the serial console logs to see where the boot process is failing.

Quota Exhaustion Errors

If you can't create a VM, you might have hit your regional vCPU or Persistent Disk quota.

Common Exam Scenarios for ACE

Changing a Machine Type

"You need to give a running VM more RAM. What are the steps?" (Answer: Stop VM, change machine type, Start VM).

Responding to Preemption

"You are using Spot VMs for a batch job. How can you ensure the job finishes if a VM is reclaimed?" (Answer: Use a Managed Instance Group and a startup script that resumes work from a checkpoint in Cloud Storage).

Configuring a High-Availability Web Server

"How do you ensure your web app stays online even if a zone fails?" (Answer: Use a Regional Managed Instance Group distributed across multiple zones).

FAQ

Q1: Can I change the boot disk of a running VM? A1: No. To change the boot disk, you must delete the VM (keeping the other disks) and recreate it with the new boot disk.

Q2: What is the difference between a Snapshot and an Image? A2: Snapshots are incremental backups of a disk. Images are blueprints used to create new VMs. You can create an image from a snapshot.

Q3: Can a VM have multiple network interfaces? A3: Yes, but each interface must be connected to a different VPC network.

Q4: Is there a limit to how many disks I can attach to one VM? A4: Yes, the limit depends on the machine type, typically ranging from 16 to 128 disks.

Q5: Can I move a VM between regions? A5: Not directly. You must take a snapshot of the disk, move the snapshot to the new region, and create a new VM from that snapshot.

Summary Checklist for ACE

  • Understand the differences between the major machine families (E2, C2, M3).
  • Know that you must STOP a VM to change its machine type.
  • Understand that Local SSD data is ephemeral and Persistent Disk data is durable.
  • Be comfortable with the basics of gcloud compute instances create.
  • Know the difference between Managed and Unmanaged instance groups.
  • Understand how Spot VMs can be used to save money.
