Contact UsGet started

Uploading a disk image to Yandex Cloud

Written by
Improved by
Updated at October 30, 2024

In this tutorial, you will learn how to upload a Linux OS image file to Yandex Object Storage and use it to create an image and a VM in Compute Cloud.

Major virtualization systems are supported.

Warning

In Compute Cloud, you can only create images using files uploaded to Object Storage. You can also migrate a VM using Hystax Acura.

Prepare an image file

Boot disk images must meet the following requirements:

  • The virtio-net, virtio-blk, and virtio-pci drivers are installed. If you are going to attach file storages to your VM, you also need to install the virtiofs driver. For more information, refer to this guide.
  • The ttyS0 terminal (COM1 port) is set up as a serial console. For more information, refer to this guide.
  • The network interface runs correctly when starting a VM and obtains the IP address via DHCP.
  • The cloud-init package is installed and configured to work with our metadata service. To install the package for CentOS, run the sudo yum install cloud-init command. To install it for Debian or Ubuntu, run sudo apt update && sudo apt install -y cloud-init.
  • If you created an image based on an Amazon Machine Image (AMI), verification of the cloud platform where the VM instance is run is disabled in the cloud-init settings. For more information, refer to this guide.
  • In the system firewall settings, the minimum required set of ports for running your applications and a port for SSH access (by default, 22 TCP) are open.
  • The SSH server starts automatically at VM startup.
  • Services running your application are resistant to VM reboots.
  • The boot disk uses MBR partitioning.
  • The disk is mounted by its UUID rather than by name.
  • The file system is not encrypted.

The supported formats include Qcow2, VMDK, RAW, and VHD.

For setup instructions, see Preparing your disk image.

Upload an image file to Object Storage

Upload your image to Object Storage and get a link to the uploaded image:

  1. If you do not have a bucket in Object Storage, create one with restricted access.
  2. Upload the image using the management console, the AWS CLI, or WinSCP, for example. In Object Storage terms, the uploaded image is called an object.
  3. Get a link to the uploaded image. Use this link when creating an image in Compute Cloud.

Create an image in Compute Cloud

Create a new image from the link obtained in Object Storage:

  1. In the management console, select the folder where you want to create an image.

  2. Select Compute Cloud.

  3. In the left-hand panel, select Images.

  4. Click Upload image.

  5. Enter the image name. The naming requirements are as follows:

    • The name must be from 3 to 63 characters long.
    • It may contain lowercase Latin letters, numbers, and hyphens.
    • The first character must be a letter and the last character cannot be a hyphen.

  6. If necessary, add a description of the image.

  7. Paste the link to the image you got in Object Storage.

  8. To create an optimized image, enable Optimize for deployment.

  9. Click Upload.

To create a new image via the link, use the --source-uri flag. To create an optimized image, use the --pooled flag.

yc compute image create --name <image_name> --source-uri <image_URL> --pooled

Where:

  • --name: Name to assign to the image.
  • --source-uri: Image link you got in Object Storage.

Add a description as required and specify the family the image belongs to:

yc compute image create \
  --name ubuntu-cosmic \
  --description "Ubuntu Server 18.10 (Cosmic Cuttlefish)" \
  --family ubuntu \
  --source-uri "https://storage.yandexcloud.net/mybucket/cosmic-server-cloudimg-amd64.vmdk"

If you know the minimum requirements for the size of a disk that will be created from this image, specify the size in GB:

yc compute image create \
  --name big-image \
  --min-disk-size 20 \
  --source-uri "https://storage.yandexcloud.net/mybucket/cosmic-server-cloudimg-amd64.vmdk"

Note

The min-disk-size value must be greater than the volume of the source data in the image and greater than the size of the virtual disk specified in the image.

If the min-disk-size value you specify is less than that allowed, an error will occur and no image will be created. The error description will contain the minimum value in bytes, for example, Minimal disk size should be greater than or equal to 10737418240.

If no min-disk-size is specified, the minimum value will be used.

If you don't have Terraform, install it and configure the Yandex Cloud provider.

To create an image:

  1. Describe the resource parameters in the yandex_compute_image configuration file.

    Here is an example of the configuration file structure:

    resource "yandex_compute_image" "image-1" {
  name       = "ubuntu-cosmic"
  os_type    = "LINUX"
  source_url = "<image_link>"
  pooled     = "false"
}

    Where source_url is the link to the image in Object Storage.

    For more information about the resources you can create with Terraform, see the provider documentation.

  2. Make sure the configuration files are correct.

    1. In the command line, go to the folder where you created the configuration file.

    2. Run a check using this command:

      terraform plan

    If the configuration is described correctly, the terminal will display a list of created resources and their parameters. If the configuration contains any errors, Terraform will point them out.

  3. Deploy cloud resources.

    1. Run this command:

      terraform apply

    2. Confirm that you want to create the resources.

    All the resources you need will then be created in the specified folder. You can check the new resources and their configuration using the management console.

Create a new image using the create REST API method for the Image resource or the ImageService/Create gRPC API call. In the request, specify the link to the image.

Once created, the image will have the CREATING status. Wait until the image status changes to READY before using it.

Delete the image from Object Storage

If you have successfully created an image, you can delete the image file from Object Storage. You can also delete the bucket if it does not contain any more objects.

Create a VM from the prepared image

  1. In the management console, select the folder to create your VM in.

  2. In the list of services, select Compute Cloud.

  3. In the left-hand panel, select Virtual machines.

  4. Click Create virtual machine.

  5. Under Boot disk image:

    • Go to the Custom tab.
    • Click Select and select Create new in the window that opens.
    • In the Contents field, select Image and then select the image you need from the list below.
    • (Optional) Enable the Additional option in the Delete along with the virtual machine field if you need to automatically delete this disk when deleting the VM.
    • Click Add disk.

  6. Under Location, select an availability zone to place your VM in.

  7. Add a disk.

    • Under Disks and file storages, click Add
    • In the window that opens, select DiskCreate new.
    • In the Contents field, select Image and then select the image you need from the list below.
    • Specify the disk name.
    • Select the disk type.
    • Specify the required disk size and block size.
    • (Optional) Enable the Additional option in the Delete along with the virtual machine field if you need to automatically delete this disk when deleting the VM.
    • Click Add disk.

  8. (Optional) To encrypt a boot disk or a secondary disk, under Disks and file storages, click to the right of the disk name and set encryption parameters for the disk:

    • Select Encrypted disk.
    • In the KMS key field, select the key to encrypt the disk with. To create a new key, click Create new key.
    • In the Service account field, select a service account with the kms.keys.encrypterDecrypter role for the specified key. To create a service account, click Create new account.

    The encryption feature in Compute Cloud is currently at the Preview stage. To access it, open the resource creation page and click Request access under Encryption or contact support.

    If you deactivate the key used to encrypt a disk or snapshot, access to the data will be suspended until you reactivate the key.

    Alert

    If you destroy the key or its version used to encrypt a disk or snapshot, access to the data will be irrevocably lost. Learn more in Destroying key versions.

  9. (Optional) Connect a file storage:

    • Under Disks and file storages, click Add.

      • In the window that opens, select File storage and select the storage you want to connect from the list.

        If you do not have any file storages, click Create file storage to create a new one.

      • Click Add file storage.

  10. Under Computing resources, select a preset configuration or create a new one. To create a configuration:

  11. Under Network settings:

    • In the Subnet field, enter the ID of a subnet in the new VM’s availability zone. Alternatively, you can select a cloud network from the list.

      • Each network must have at least one subnet. If there is no subnet, create one by selecting Create subnet.

      • If you do not have a network, click Create network to create one:

        • In the window that opens, enter the network name and select the folder to host the network.
        • (Optional) Select the Create subnets option to automatically create subnets in all availability zones.
        • Click Create network.

    • In the Public IP field, choose a method for assigning an IP address:

      • Auto: Assign a random IP address from the Yandex Cloud IP address pool. In this case, you can enable DDoS protection using the option below.
      • List: Select a public IP address from the list of previously reserved static addresses. For more information, see Converting a dynamic public IP address to static.
      • No address: Do not assign a public IP address.

    • Select the appropriate security groups. If you leave this field empty, the default security group will be assigned to the VM.

    • Expand the Additional section and select a method for internal IP address assignment in the Internal IPv4 address field:

      • Auto: Assign a random IP address from the pool of IP addresses available in the selected subnet.
      • List: Select a private IP address from the list of previously reserved IP addresses. Click Reserve to reserve a private IP address in the selected subnet if needed.
      • Enable the DDoS protection option, if needed. The option is available if you previously selected the automatic IP assignment method in the public address settings.

    • (Optional) Create records for the VM in the DNS zone:

      • Expand the DNS settings for internal addresses section and click Add record.
      • Specify the zone, FQDN, and TTL for the record. When setting the FQDN, you can select Detect automatically for the zone.
        You can add multiple records to internal DNS zones. For more information, see Cloud DNS integration with Compute Cloud.
      • To create another record, click Add record.

    If you want to attach an additional network interface to your VM, click Add network interface and repeat the settings from this step for the new interface. You can add up to eight network interfaces to a single VM.

  12. Under Access, specify the data for access to the VM:

    • (Optional) Enable VM access via OS Login. The option is available for Linux images from Cloud Marketplace with OS Login in their names.

    • Enter the username into the Login field.

      Alert

      Do not use root or other usernames reserved by the OS. To perform operations requiring superuser permissions, use the sudo command.

    • In the SSH key field, paste the contents of the public key file. You need to create a key pair for the SSH connection yourself. To learn how, see Connecting to a VM via SSH.

    If you want to add several users with SSH keys to the VM at the same time, specify these users' data under Metadata. You can also use metadata to install additional software on a VM when creating it.

    In public Linux images provided by Yandex Cloud, the functionality of connecting over SSH using login and password is disabled by default.

  13. Under General information, specify the VM name:

    • The name must be from 3 to 63 characters long.
    • It may contain lowercase Latin letters, numbers, and hyphens.
    • The first character must be a letter and the last character cannot be a hyphen.

    Note

    The VM name is used to generate an internal FQDN only once: when creating a VM. If the internal FQDN is important to you, choose an appropriate name for the VM at the creation stage.

  14. Under Additional:

  15. Click Create VM.

The VM appears in the list. Once created, the VM is assigned an IP address and a host name (FQDN).

You can monitor the VM status in the serial console or the serial port output.

If you do not have the Yandex Cloud command line interface yet, install and initialize it.

The folder specified in the CLI profile is used by default. You can specify a different folder using the --folder-name or --folder-id parameter.

  1. View the description of the CLI command to create a VM:

    yc compute instance create --help

  2. Get a list of images in the default folder:

    yc compute image list

    Result:

    +----------------------+-----------------+--------+-------------+--------+
|          ID          |      NAME       | FAMILY | PRODUCT IDS | STATUS |
+----------------------+-----------------+--------+-------------+--------+
|         ...          |        ...      |        |             |  ...   |
| fd8gkcd3l6ov******** | your-test-image |        |             | READY  |
|         ...          |        ...      |        |             |  ...   |
+----------------------+-----------------+--------+-------------+--------+

  3. Select ID or NAME of the image you need.

  4. Select a subnet:

    yc vpc subnet list

    Result:

    +----------------------+---------------------------+----------------------+----------------+-------------------+-----------------+
|          ID          |           NAME            |      NETWORK ID      | ROUTE TABLE ID |       ZONE        |      RANGE      |
+----------------------+---------------------------+----------------------+----------------+-------------------+-----------------+
| e9bnlm18l70a******** |   default-ru-central1-a   | enpe3m3fa00u******** |                |   ru-central1-a   | [10.128.0.0/24] |
+----------------------+---------------------------+----------------------+----------------+-------------------+-----------------+

  5. Create a VM in the default folder:

    yc compute instance create \
  --name <VM_name> \
  --zone <availability_zone> \
  --network-interface subnet-name=<subnet_name>,nat-ip-version=ipv4 \
  --create-boot-disk name=<disk_name>,size=<disk_size_in_GB>,image-id=<custom_image_ID> \
  --ssh-key <path_to_public_key_file>

    Where:

    • --name: VM name. The naming requirements are as follows:

      • The name must be from 3 to 63 characters long.
      • It may contain lowercase Latin letters, numbers, and hyphens.
      • The first character must be a letter and the last character cannot be a hyphen.

      Note

      The VM name is used to generate an internal FQDN only once: when creating a VM. If the internal FQDN is important to you, choose an appropriate name for the VM at the creation stage.

    • --zone: Availability zone corresponding to the selected subnet.

    • --network-interface: VM network interface settings:

      • subnet-name: Name of the selected subnet.
      • nat-ip-version=ipv4: Public IP address. To create a VM without a public IP address, disable this parameter.

      If you want to add multiple network interfaces to the VM, specify the --network-interface parameter as many times as you need. You can add up to eight network interfaces to a single VM.

    • --create-boot-disk: VM boot disk settings:

      • name: Boot disk name. The naming requirements are as follows:

        • The name must be from 3 to 63 characters long.
        • It may contain lowercase Latin letters, numbers, and hyphens.
        • The first character must be a letter and the last character cannot be a hyphen.

      • size: Disk size in GB.

      • image-id: ID of the custom image for the VM. Specify the ID of the uploaded image.

    • --ssh-key: Path to the file with the public SSH key. The VM will automatically create a user named yc-user for this key.

      When creating a VM from a Yandex Cloud Marketplace public image, make sure to provide an SSH key to the VM. By default, SSH access with a username and password is disabled for such images.

      If you want to add several users with SSH keys to the VM at the same time, specify these users' data using the --metadata-from-file parameter.

When a VM is created, it is assigned an IP address and hostname (FQDN). This data can be used for SSH access.

You can make a public IP address static. For more information, see Making a VM's public IP address static.

Result:

```text
id: fhmue131en37********
folder_id: b1g681qpemb4********
created_at: "2024-03-02T12:58:43Z"
name: test-vm-from-image
zone_id: ru-central1-a
platform_id: standard-v2
resources:
  memory: "2147483648"
  cores: "2"
  core_fraction: "100"
status: RUNNING
metadata_options:
  gce_http_endpoint: ENABLED
  aws_v1_http_endpoint: ENABLED
  gce_http_token: ENABLED
  aws_v1_http_token: DISABLED
boot_disk:
  mode: READ_WRITE
  device_name: fhmn9n1uhutc********
  auto_delete: true
  disk_id: fhmn9n1uhutc********
network_interfaces:
  - index: "0"
    mac_address: d0:0d:1e:70:46:17
    subnet_id: e9bb9n0v4h17********
    primary_v4_address:
      address: 10.12*.*.**
      one_to_one_nat:
        address: 178.154.***.***
        ip_version: IPV4
gpu_settings: {}
fqdn: fhmue131en37********.auto.internal
scheduling_policy: {}
network_settings:
  type: STANDARD
placement_policy: {}
```

If you don't have Terraform, install it and configure the Yandex Cloud provider.

To create a VM from a custom image:

  1. In the configuration file, describe the parameters of the resources you want to create:

    resource "yandex_compute_disk" "boot-disk" {
  name     = "<disk_name>"
  type     = "<disk_type>"
  zone     = "<availability_zone>"
  size     = "<disk_size>"
  image_id = "<custom_image_ID>"
}

resource "yandex_compute_instance" "vm-1" {
  name                      = "vm-from-image"
  allow_stopping_for_update = true
  platform_id               = "standard-v3"
  zone                      = "<availability_zone>"

  resources {
    cores  = <number_of_vCPU_cores>
    memory = <RAM_in_GB>
  }

  boot_disk {
    disk_id = yandex_compute_disk.boot-disk.id
  }

  network_interface {
    subnet_id = "${yandex_vpc_subnet.subnet-1.id}"
    nat       = true
  }

  metadata = {
    ssh-keys = "<username>:<SSH_key_contents>"
  }
}

resource "yandex_vpc_network" "network-1" {
  name = "network1"
}

resource "yandex_vpc_subnet" "subnet-1" {
  name       = "subnet1"
  zone       = "<availability_zone>"
  network_id = "${yandex_vpc_network.network-1.id}"
}

    Where:

    • yandex_compute_disk: Boot disk description:

      • name: Disk name. The naming requirements are as follows:

        • The name must be from 3 to 63 characters long.
        • It may contain lowercase Latin letters, numbers, and hyphens.
        • The first character must be a letter and the last character cannot be a hyphen.

      • type: Disk type.

      • zone: Availability zone the disk will be in.

      • size: Disk size in GB.

      • image_id: ID of the custom image for the VM. Specify the ID of the uploaded image.

    • yandex_compute_instance: VM description.

      • name: VM name. The naming requirements are as follows:

        • The name must be from 3 to 63 characters long.
        • It may contain lowercase Latin letters, numbers, and hyphens.
        • The first character must be a letter and the last character cannot be a hyphen.

        Note

        The VM name is used to generate an internal FQDN only once: when creating a VM. If the internal FQDN is important to you, choose an appropriate name for the VM at the creation stage.

      • allow_stopping_for_update: Allow a VM instance to stop to make changes. Set true if you plan to change the network settings, computing resources, disks, or file storage for your VM using Terraform. The default value is false.

      • platform_id: Platform.

      • zone: Availability zone the VM will be in.

      • resources: Number of vCPU cores and RAM available to the VM. The values must match the selected platform.

      • boot_disk: Boot disk settings. Specify the disk ID.

      • network_interface: VM's network interface settings. Specify the ID of the selected subnet. To automatically assign a public IP address to the VM, set nat = true.

        If you want to add multiple network interfaces to the VM, specify the network_interface section as many times as you need. You can add up to eight network interfaces to a single VM.

      • metadata: In metadata, provide the public key for accessing the VM via SSH. For more information, see VM metadata.

    • yandex_vpc_network: Description of the cloud network.
    • yandex_vpc_subnet: Description of the subnet your VM will be connected to.

    Note

    If you already have suitable resources, such as a cloud network and subnet, you do not need to describe them again. Use their names and IDs in the appropriate parameters.

    For more information about the resources you can create with Terraform, see the provider documentation.

  2. Create resources:

    1. In the terminal, change to the folder where you edited the configuration file.

    2. Make sure the configuration file is correct using the command:

      terraform validate

      If the configuration is correct, the following message is returned:

      Success! The configuration is valid.

    3. Run the command:

      terraform plan

      The terminal will display a list of resources with parameters. No changes are made at this step. If the configuration contains errors, Terraform will point them out.

    4. Apply the configuration changes:

      terraform apply

    5. Confirm the changes: type yes in the terminal and press Enter.

    All the resources you need will then be created in the specified folder. You can check the new resources and their configuration using the management console.

Use the create REST API method for the Instance resource or the InstanceService/Create gRPC API call.

For information about Object Storage pricing, see Object Storage pricing policy.

Previous
Preparing a disk image
Next
Creating an image from a disk