Moving a VM to a different availability zone
When creating a VM, you can choose the Yandex Cloud availability zone where it will be located.
You can move an existing VM to a different availability zone using a special command in the management console
Warning
To monitor the progress of migration and avoid possible issues during it, use disk snapshots or backups from Cloud Backup for migration. In this way, you yourself determine when to shut down your VM in the source availability zone and when to make it appear in the target availability zone. The VM in the source availability zone may continue to run until you make sure that the VM you created from a snapshot works properly in the new availability zone. For detailed recommendations, see Migrating resources to the ru-central1-d availability zone.
Currently, you can use the relocate
command to migrate VMs and disks only to the ru-central1-d
zone from any other zone.
Warning
The ru-central1-d
zone does not support VMs based on the Intel Broadwell platform. To move such VMs to the ru-central1-d
zone, do one of the following:
- Take a disk snapshot and use it to create a new VM in the
ru-central1-d
zone on a different platform. - Stop the VM, change the platform, and move the VM by running
relocate
.
Moving a VM using disk snapshots
To move a VM to a different availability zone using snapshots, create its copy in the target availability zone and delete the original one.
Create a snapshot of each of the VM's disks
Prepare the disks
A disk snapshot only contains the data that had already been written to the disk when the snapshot was created. If the disk is attached to a running VM, the OS and app cache will not be included in the snapshot.
To ensure the integrity of the snapshot data:
-
Stop all disk write operations in applications.
-
Write the OS cache to the disk:
sync
-
Freeze the file system:
sudo fsfreeze --freeze <mount_point>
Where
--freeze
is the parameter to freeze the file system. Instead of<mount_point>
, specify the folder the file system is connected to, e.g.,/mnt/vdc2
. -
Create a snapshot following the guide below.
-
Unfreeze the file system:
sudo fsfreeze --unfreeze <mount_point>
Where
--unfreeze
is the parameter to unfreeze the file system. Instead of<mount_point>
, specify the folder the file system is connected to, e.g.,/mnt/vdc2
.
- Stop the virtual machine (see Stop).
- Wait until the VM status changes to
STOPPED
.
Create snapshots
To create a disk snapshot:
-
In the management console
, select the folder containing the disk. -
Select Compute Cloud.
-
In the left-hand panel, select
Disks. -
In the row with the disk, click
and select Create snapshot. -
Enter a name for the snapshot. The naming requirements are as follows:
- The name must be from 3 to 63 characters long.
- It may contain lowercase Latin letters, numbers, and hyphens.
- The first character must be a letter and the last character cannot be a hyphen.
-
If necessary, enter a description of the snapshot.
-
Click Create.
If you do not have the Yandex Cloud command line interface yet, install and initialize it.
The folder specified in the CLI profile is used by default. You can specify a different folder using the --folder-name
or --folder-id
parameter.
-
See the description of the CLI commands to create snapshots:
yc compute snapshot create --help
-
Select the disk to take a snapshot of. To get a list of disks in the default folder, run the command:
yc compute disk list
Result:
+----------------------+--------------+-------------+-------------------+--------+----------------------+-----------------+-------------+ | ID | NAME | SIZE | ZONE | STATUS | INSTANCE IDS | PLACEMENT GROUP | DESCRIPTION | +----------------------+--------------+-------------+-------------------+--------+----------------------+-----------------+-------------+ | a7lqgbt0bb9s******** | first-disk | 20401094656 | ru-central1-a | READY | a7lcvu28njbh******** | | | | a7lv5j5hm1p1******** | second-disk | 21474836480 | ru-central1-a | READY | | | | +----------------------+--------------+-------------+-------------------+--------+----------------------+-----------------+-------------+
-
Create a snapshot in the default folder:
yc compute snapshot create \ --name first-snapshot \ --description "my first snapshot via CLI" \ --disk-id fhm4aq4hvq5g********
As a result, a disk snapshot is created with the
first-snapshot
as the name andmy first snapshot via CLI
as the description.The snapshot naming requirements are as follows:
- The name must be from 3 to 63 characters long.
- It may contain lowercase Latin letters, numbers, and hyphens.
- The first character must be a letter and the last character cannot be a hyphen.
If you don't have Terraform, install it and configure the Yandex Cloud provider.
-
Describe the parameters of the
yandex_compute_snapshot
resource in the configuration file.Here is an example of the configuration file structure:
resource "yandex_compute_snapshot" "snapshot-1" { name = "disk-snapshot" source_disk_id = "<disk_ID>" }
For more information about the resources you can create with Terraform, see the provider documentation
. -
Make sure the configuration files are correct.
-
In the command line, go to the folder where you created the configuration file.
-
Run a check using this command:
terraform plan
If the configuration is described correctly, the terminal will display a list of created resources and their parameters. If the configuration contains any errors, Terraform will point them out.
-
-
Deploy cloud resources.
-
If the configuration does not contain any errors, run this command:
terraform apply
-
Confirm that you want to create the resources.
All the resources you need will then be created in the specified folder. You can check the new resources and their settings using the management console
. -
- Get the list of disks using the list REST API method for the Disk resource or the DiskService/List gRPC API call.
- Create a snapshot using the create REST API method for the Snapshot resource or the SnapshotService/Create gRPC API call.
Repeat the steps to create a snapshot of each disk.
Create a VM in a different availability zone with the disks from the snapshots
To create a VM in a different availability zone with the disks from the snapshots:
-
In the management console
, select the folder to create your VM in. -
In the list of services, select Compute Cloud.
-
In the left-hand panel, select
Virtual machines. -
Click Create virtual machine.
-
Under Boot disk image:
- Go to the Custom tab.
- Click
, and, in the window that opens, select Create new. - In the Contents field, select
Snapshot
and then select the disk snapshot you need from the list below. Use filters if you need to. - Enter a name for the new boot disk.
- Select the disk type.
- Specify the required disk and block size.
- (Optional) In the Additional field, enable Delete along with the virtual machine if you need to automatically delete this disk when deleting the VM.
- Click Add disk.
-
Under Location, select an availability zone to place your VM in.
-
Add a secondary disk:
- Under Disks and file storages, click Add.
- In the window that opens, select Disk →
Create new
. - In the Contents field, select
Snapshot
. - Enter a name for the new disk.
- Select the disk type.
- Specify the required disk and block size.
- (Optional) In the Additional field, enable Delete along with the virtual machine if you need to automatically delete this disk when deleting the VM.
- Click Add disk.
-
(Optional) To encrypt a boot disk or a secondary disk, under Disks and file storages, click
to the right of the disk name and configure encryption parameters for the disk:- Select Encrypted disk.
- In the KMS key field, select the key to encrypt the disk with. To create a new key, click Create new key.
Warning
You can specify encryption settings only when creating a disk. You cannot disable or change disk encryption.
If you deactivate the key used to encrypt a disk, image, or snapshot, access to the data will be suspended until you reactivate the key.
Alert
If you destroy the key or its version used to encrypt a disk, image, or snapshot, access to the data will be irrevocably lost. Learn more in Destroying key versions.
-
(Optional) Connect a file storage:
-
Under Disks and file storages, click Add.
-
In the window that opens, select File storage and select the storage you want to connect from the list.
-
Click Add file storage.
-
-
-
Under Computing resources, select a preset configuration or create a new one. To create a configuration:
- Go to the Custom tab.
- Choose a platform.
- Specify the guaranteed share and required number of vCPUs, as well as RAM size.
- Enable a software-accelerated network if needed.
- If required, make your VM preemptible.
-
Under Network settings:
-
In the Subnet field, enter the ID of a subnet in the new VM’s availability zone. Alternatively, you can select a cloud network from the list.
-
Each network must have at least one subnet. If there is no subnet, create one by selecting Create subnet.
-
If you do not have a network, click Create network to create one:
- In the window that opens, enter the network name and select the folder to host the network.
- (Optional) Select the Create subnets option to automatically create subnets in all availability zones.
- Click Create network.
-
-
In the Public IP field, choose a method for assigning an IP address:
Auto
: Assign a random IP address from the Yandex Cloud IP address pool. In this case, you can enable DDoS protection using the option below.List
: Select a public IP address from the list of previously reserved static addresses. For more information, see Converting a dynamic public IP address to static.No address
: Not to assign a public IP address.
-
Select the appropriate security groups. If you leave this field empty, the default security group will be assigned to the VM.
-
Expand the Additional section and select a method for internal IP address assignment in the Internal IPv4 address field:
Auto
: Assign a random IP address from the pool of IP addresses available in the selected subnet.Manual
: Manually assign a private IP address to the VM.- Enable the DDoS protection option, if needed. The option is available if you previously selected the automatic IP assignment method in the public address settings.
-
(Optional) Create records for the VM in the DNS zone:
- Expand the DNS settings for internal addresses section and click Add record.
- Specify the zone, FQDN, and TTL for the record. When setting the FQDN, you can select
Detect automatically
for the zone.
You can add multiple records to internal DNS zones. For more information, see Cloud DNS integration with Compute Cloud. - To create another record, click Add record.
If you want to attach an additional network interface to your VM, click Add network interface and repeat the settings from this step for the new interface. You can add up to eight network interfaces to a single VM.
-
-
Under Access:
-
Select Access by OS Login to connect and manage access to the new VM using OS Login in Yandex Cloud Organization.
With OS Login, you can connect to VMs using SSH keys and SSH certificates via a standard SSH client or the Yandex Cloud CLI. OS Login allows you to rotate the SSH keys used to access VMs, providing the most secure access option.
-
If you prefer not to use OS Login, select SSH key and specify the following info for VM access:
-
Under Login, enter the username.
Alert
Do not use
root
or other usernames reserved by the OS. To perform operations requiring superuser permissions, use thesudo
command. -
In the SSH key field, select the SSH key saved in your organization user profile.
If there are no saved SSH keys in your profile, or you want to add a new key:
- Click Add key.
- Enter a name for the SSH key.
- Upload or paste the contents of the public key file. You need to create a key pair for the SSH connection to a VM yourself.
- Click Add.
The SSH key will be added to your organization user profile.
If users cannot add SSH keys to their profiles in the organization, the added public SSH key will only be saved to the user profile of the VM being created.
-
If you want to add several users with SSH keys to the VM at the same time, specify these users' data under Metadata. You can also use metadata to install additional software on a VM when creating it.
In public Linux images provided by Yandex Cloud, the functionality of connecting over SSH using login and password is disabled by default.
-
-
Under General information, specify the VM name:
- The name must be from 3 to 63 characters long.
- It may contain lowercase Latin letters, numbers, and hyphens.
- The first character must be a letter and the last character cannot be a hyphen.
Note
The VM name is used to generate an internal FQDN only once: when creating a VM. If the internal FQDN is important to you, choose an appropriate name for the VM at the creation stage.
-
Under Additional:
-
(Optional) Select or create a service account. With a service account, you can flexibly configure access rights for your resources.
-
(Optional) Grant access to the serial console.
-
(Optional) Under Backup, enable Connect and select or create a backup policy to back up your VMs automatically using Cloud Backup.
For more information, see Connecting Compute Cloud VMs and Yandex BareMetal servers to Cloud Backup.
-
(Optional) Under Monitoring, enable the Agent for delivering metrics option to configuire delivery of metrics to Yandex Monitoring.
-
(Optional) Under Placement, select a VM placement group.
-
-
Click Create VM.
You will see the new VM in the list. Every new VM gets an IP address and host name (FQDN).
If you do not have the Yandex Cloud command line interface yet, install and initialize it.
The folder specified in the CLI profile is used by default. You can specify a different folder using the --folder-name
or --folder-id
parameter.
-
View the description of the CLI command for creating a VM:
yc compute instance create --help
-
Prepare the snapshots of the disks, see Creating a disk snapshot.
-
Get a list of snapshots in the default folder:
yc compute snapshot list
Result:
+----------------------+-----------------+----------------------+--------+----------------------------+ | ID | NAME | PRODUCT IDS | STATUS | DESCRIPTION | +----------------------+-----------------+----------------------+--------+----------------------------+ | fd8rlt1u2rf0l******* | first-snapshot | f2ecl5vhsftd******** | READY | my first snapshot via CLI | | fhmolt1u2rf0******** | second-snapshot | f2eclmol5lps******** | READY | my second snapshot via CLI | +----------------------+-----------------+----------------------+--------+----------------------------+
-
Select the IDs (
ID
) or names (NAME
) of the snapshots you need. -
Create a VM in the default folder:
yc compute instance create \ --name first-instance \ --zone ru-central1-a \ --public-ip \ --create-boot-disk snapshot-name=first-snapshot \ --create-disk snapshot-name=second-snapshot \ --ssh-key ~/.ssh/id_ed25519.pub
This command creates a VM named
first-instance
in theru-central1-a
availability zone, with a public IP and disks from the snapshots.Note
The VM name is used to generate an internal FQDN only once: when creating a VM. If the internal FQDN is important to you, choose an appropriate name for the VM at the creation stage.
To create a VM without a public IP address, remove the
--public-ip
flag.If you want to add multiple network interfaces to the VM, specify the
--network-interface
parameter as many times as you need. You can add up to eight network interfaces to a single VM.
Use the create REST API method for the Instance resource or the InstanceService/Create gRPC API call.
Delete the original VM
To delete the original VM:
-
In the management console
, select the folder the VM belongs to. -
Select Compute Cloud.
-
In the row with the VM you need, click
→ Delete.To delete multiple VMs, select the VMs you need to delete in the list and click Delete at the bottom of the screen.
-
In the window that opens, click Delete.
If you do not have the Yandex Cloud command line interface yet, install and initialize it.
The folder specified in the CLI profile is used by default. You can specify a different folder using the --folder-name
or --folder-id
parameter.
-
View a description of the CLI instance delete command below:
yc compute instance delete --help
-
Get a list of VMs in the default folder:
yc compute instance list
Result:
+----------------------+-----------------+---------------+---------+----------------------+ | ID | NAME | ZONE ID | STATUS | DESCRIPTION | +----------------------+-----------------+---------------+---------+----------------------+ | fhm0b28lgfp4******** | first-instance | ru-central1-a | RUNNING | my first vm via CLI | | fhm9gk85nj7g******** | second-instance | ru-central1-a | RUNNING | my second vm via CLI | +----------------------+-----------------+---------------+---------+----------------------+
-
Select the
ID
orNAME
of the VM you need, e.g.,first-instance
. -
Delete the VM instance:
yc compute instance delete first-instance
If you don't have Terraform, install it and configure the Yandex Cloud provider.
If you created an instance using Terraform, you can delete it:
-
In the command line, go to the folder with the Terraform configuration file.
-
Delete the resources using this command:
terraform destroy
Alert
Terraform deletes all the resources that you created in the current configuration, such as clusters, networks, subnets, and instances.
-
Type
yes
and press Enter.
Use the delete REST API method for the Instance resource or the InstanceService/Delete gRPC API call.
Moving a VM using a special command
When a VM is moved to a different availability zone using the management console or the CLI, its metadata and ID will be preserved. The VM will be moved to the new availability zone together with all the disks attached to it.
Note
The time it takes to move a VM to a different availability zone depends on the size of its disks. It takes about 10 minutes to move a 100 GB disk.
In some cases, the migration may take longer if you are moving it to the ru-central1-d
availability zone.
If you do not have the Yandex Cloud command line interface yet, install and initialize it.
The folder specified in the CLI profile is used by default. You can specify a different folder using the --folder-name
or --folder-id
parameter.
-
See the description of the CLI command for moving a VM to a different availability zone:
yc compute instance relocate --help
-
Get a list of all subnets in the default folder:
yc vpc subnet list
Result:
+----------------------+-----------------------+----------------------+----------------+---------------+-------------------+ | ID | NAME | NETWORK ID | ROUTE TABLE ID | ZONE | RANGE | +----------------------+-----------------------+----------------------+----------------+---------------+-------------------+ | bucqps2lt75g******** | subnet-ru-central1-a1 | c64pv6m0aqq6******** | | ru-central1-a | [192.168.11.0/24] | | e2lrucutusnd******** | subnet-ru-central1-a2 | c64pv6m0aqq6******** | | ru-central1-a | [192.168.12.0/24] | | e2lv9c6aek1d******** | subnet-ru-central1-a3 | c64pv6m0aqq6******** | | ru-central1-a | [192.168.13.0/24] | | bltign9kcffv******** | default-ru-central1-b | c64pv6m0aqq6******** | | ru-central1-b | [192.168.1.0/24] | +----------------------+-----------------------+----------------------+----------------+---------------+-------------------+
-
Get a list of all security groups in the default folder:
yc vpc sg list
Result:
+----------------------+---------------------------------+--------------------------------+----------------------+ | ID | NAME | DESCRIPTION | NETWORK-ID | +----------------------+---------------------------------+--------------------------------+----------------------+ | c646ev94tb6k******** | my-sg-group | | c64pv6m0aqq6******** | | c64r84tbt32j******** | default-sg-c64pv6m0aqq6******** | Default security group for | c64pv6m0aqq6******** | | | | network | | +----------------------+---------------------------------+--------------------------------+----------------------+
-
Get a list of all VMs in the default folder:
yc compute instance list
Result:
+----------------------+---------+---------------+---------+---------------+-------------+ | ID | NAME | ZONE ID | STATUS | EXTERNAL IP | INTERNAL IP | +----------------------+---------+---------------+---------+---------------+-------------+ | a7lh48f5jvlk******** | my-vm-1 | ru-central1-a | RUNNING | | 192.168.0.7 | | epdsj30mndgj******** | my-vm-2 | ru-central1-b | RUNNING | | 192.168.1.7 | +----------------------+---------+---------------+---------+---------------+-------------+
-
Get a list of network interfaces of the VM in question by specifying the VM ID:
yc compute instance get <VM_ID>
Result:
... network_interfaces: - index: "0" mac_address: d0:0d:24:**:**:** subnet_id: bucqps2lt75g******** primary_v4_address: address: 192.168.11.23 one_to_one_nat: address: 158.160.**.*** ip_version: IPV4 - index: "1" mac_address: d0:1d:24:**:**:** subnet_id: e2lrucutusnd******** primary_v4_address: address: 192.168.12.32 - index: "2" mac_address: d0:2d:24:**:**:** subnet_id: e2lv9c6aek1d******** primary_v4_address: address: 192.168.13.26 ...
-
Move the VM to a different availability zone:
yc compute instance relocate <VM_ID> \ --destination-zone-id <availability_zone_ID> \ --network-interface subnet-id=<subnet_ID>,security-group-ids=<security_group_ID>
Where:
-
<VM_ID>
: ID of the VM to move to a different availability zone. -
--destination-zone-id
: ID of the availability zone to move the VM to. -
--network-interface
: VM network interface settings:subnet-id
: ID of the subnet in the availability zone to move the VM to.security-group-ids
: ID of the security group to link to the VM you are moving. You can link multiple security groups to a single VM by providing a comma-separated list of security group IDs in[id1,id2]
format.
If a VM has multiple network interfaces, specify the
--network-interface
parameter as many times as needed (for each network interface).
For more information about the
yc compute instance relocate
command, see the CLI reference.Here is an example:
yc compute instance relocate a7lh48f5jvlk******** \ --destination-zone-id ru-central1-b \ --network-interface \ subnet-id=bltign9kcffv********,security-group-ids=c646ev94tb6k********
In this example, we are moving a VM named
my-vm-1
from theru-central1-a
availability zone toru-central1-b
.Result:
done (3m15s) id: a7lh48f5jvlk******** folder_id: aoeg2e07onia******** created_at: "2023-10-13T19:47:40Z" name: my-vm-1 zone_id: ru-central1-b platform_id: standard-v3 resources: memory: "2147483648" cores: "2" core_fraction: "100" status: RUNNING metadata_options: gce_http_endpoint: ENABLED aws_v1_http_endpoint: ENABLED gce_http_token: ENABLED aws_v1_http_token: DISABLED boot_disk: mode: READ_WRITE device_name: a7lp7jpslu59******** auto_delete: true disk_id: a7lp7jpslu59******** network_interfaces: - index: "0" mac_address: d0:0d:11:**:**:** subnet_id: bltign9kcffv******** primary_v4_address: address: 192.168.1.17 security_group_ids: - c646ev94tb6k******** gpu_settings: {} fqdn: my-vm-1.ru-central1.internal scheduling_policy: {} network_settings: type: STANDARD placement_policy: {}
If you are moving a VM with a disk in a placement group, use this command:
yc compute instance relocate <VM_ID> \ --destination-zone-id <availability_zone_ID> \ --network-interface subnet-id=<subnet_ID>,security-group-ids=<security_group_ID> \ --boot-disk-placement-group-id <disk_placement_group_ID> \ --boot-disk-placement-group-partition <partition_number> \ --secondary-disk-placement disk-name=<disk_name>,disk-placement-group-id=<disk_placement_group_ID>,disk-placement-group-partition=<partition_number>
Where:
-
--boot-disk-placement-group-id
: Disk placement group ID. -
--boot-disk-placement-group-partition
: Partition number in the disk placement group with the partition placement strategy. -
--secondary-disk-placement
: Placement policy for secondary disks. Parameters:disk-name
: Disk name.disk-placement-group-id
: ID of the disk placement group to place the disk in.disk-placement-group-partition
: Partition number in the disk placement group.
For more information about the
yc compute instance relocate
command, see the CLI reference. -
Please note that connecting VM's network interfaces to new subnets changes their IP addressing. If you need to specify internal IP addresses for the VM's network interfaces, use the ipv4-address=<internal_IP_address>
property of the network-interface
parameter; for public IP addresses, use the nat-address=<public_IP_address>
property. Other than that, setting up network interface parameters when moving a VM to a different availability zone is similar to setting up the same parameters when creating a VM.
Note
If the VM disks are being written to, moving them may end in an error. In this case, stop writing to the disks or shut down the VM and restart the move.
Examples
Moving a VM to a different zone
In this example, we are moving a VM named my-vm-1
from the ru-central1-a
availability zone to ru-central1-d
.
yc compute instance relocate a7lh48f5jvlk******** \
--destination-zone-id ru-central1-d \
--network-interface \
subnet-id=bltign9kcffv********,security-group-ids=c646ev94tb6k********
Result:
done (3m15s)
id: a7lh48f5jvlk********
folder_id: aoeg2e07onia********
created_at: "2023-10-13T19:47:40Z"
name: my-vm-1
zone_id: ru-central1-d
platform_id: standard-v3
resources:
memory: "2147483648"
cores: "2"
core_fraction: "100"
status: RUNNING
metadata_options:
gce_http_endpoint: ENABLED
aws_v1_http_endpoint: ENABLED
gce_http_token: ENABLED
aws_v1_http_token: DISABLED
boot_disk:
mode: READ_WRITE
device_name: a7lp7jpslu59********
auto_delete: true
disk_id: a7lp7jpslu59********
network_interfaces:
- index: "0"
mac_address: d0:0d:11:**:**:**
subnet_id: bltign9kcffv********
primary_v4_address:
address: 192.168.1.17
security_group_ids:
- c646ev94tb6k********
gpu_settings: {}
fqdn: my-vm-1.ru-central1.internal
scheduling_policy: {}
network_settings:
type: STANDARD
placement_policy: {}
Moving a VM with disks in a placement group
In this example, we are moving a VM named my-vm-1
with two disks in the placement group from the ru-central1-b
availability zone to ru-central1-d
.
yc compute instance relocate epd6qtn128k1******** \
--destination-zone-id ru-central1-d \
--network-interface \
subnet-id=fl8glc5v0lqj********,security-group-ids=enp1gjh3q042******** \
--boot-disk-placement-group-id fv4pfmor782v******** \
--boot-disk-placement-group-partition 1 \
--secondary-disk-placement \
disk-name=disk-two,fv4pfmor782v********,disk-placement-group-partition=2
Result:
done (9m0s)
id: epd6qtn128k1********
folder_id: b1gmit33ngp3********
created_at: "2023-12-07T19:30:20Z"
name: my-vm-1
zone_id: ru-central1-d
platform_id: standard-v3
resources:
memory: "2147483648"
cores: "2"
core_fraction: "100"
status: RUNNING
metadata_options:
gce_http_endpoint: ENABLED
aws_v1_http_endpoint: ENABLED
gce_http_token: ENABLED
aws_v1_http_token: DISABLED
boot_disk:
mode: READ_WRITE
device_name: epdeqrm6g38j********
auto_delete: true
disk_id: epdeqrm6g38j********
secondary_disks:
- mode: READ_WRITE
device_name: epdi54snn7t6********
disk_id: epdi54snn7t6********
network_interfaces:
- index: "0"
mac_address: d0:0d:6d:76:e1:12
subnet_id: fl8glc5v0lqj********
primary_v4_address:
address: 10.130.0.12
security_group_ids:
- enp1gjh3q042********
gpu_settings: {}
fqdn: my-vm-1.ru-central1.internal
scheduling_policy: {}
network_settings:
type: STANDARD
placement_policy: {}