Contact UsGet started
© 2024 Direct Cursus Technology L.L.C.

Creating a VM from a public image

Written by
Updated at December 20, 2024

To create a VM:

  1. In the management console, select the folder to create your VM in.

  2. In the list of services, select Compute Cloud.

  3. In the left-hand panel, select Virtual machines.

  4. Click Create virtual machine.

  5. Under Boot disk image, select a public image with the software you want to use.

  6. Under Location, select an availability zone to place your VM in.

  7. (Optional) Configure the boot disk in the Disks and file storages section:

    • Select the disk type.
    • Specify the required disk size.

  8. (Optional) Add a secondary disk:

    • Under Disks and file storages, click Add.

    • In the window that opens, select Disk. You can select an existing disk or create a new one: either empty or from a snapshot / image.

      For example, to create a new empty disk:

      • Select Create request.
      • In the Contents field, select Empty.
      • Specify the disk name.
      • Select the disk type.
      • Specify the required disk size and block size.
      • (Optional) In the Additional field, enable Delete along with the virtual machine if you need to automatically delete this disk when deleting the VM.
      • Click Add disk.

  9. (Optional) Connect a file storage:

    • Under Disks and file storages, click Add.

      • In the window that opens, select File storage and select the storage you want to connect from the list.

      • Click Add file storage.

  10. Under Computing resources, select a preset configuration or create a new one. To create a configuration:

    Note

    Each public image has its own minimum requirements for a VM. A GitLab image from Yandex Cloud Marketplace, for instance, requires at least 4 virtual cores and 8 GB of RAM.

  11. Under Network settings:

    • In the Subnet field, enter the ID of a subnet in the new VM’s availability zone. Alternatively, you can select a cloud network from the list.

      • Each network must have at least one subnet. If there is no subnet, create one by selecting Create subnet.

      • If you do not have a network, click Create network to create one:

        • In the window that opens, enter the network name and select the folder to host the network.
        • (Optional) Select the Create subnets option to automatically create subnets in all availability zones.
        • Click Create network.

    • In the Public IP field, choose a method for assigning an IP address:

      • Auto: Assign a random IP address from the Yandex Cloud IP address pool. In this case, you can enable DDoS protection using the option below.
      • List: Select a public IP address from the list of previously reserved static addresses. For more information, see Converting a dynamic public IP address to static.
      • No address: Not to assign a public IP address.

    • Select the appropriate security groups. If you leave this field empty, the default security group will be assigned to the VM.

    • Expand the Additional section and select a method for internal IP address assignment in the Internal IPv4 address field:

      • Auto: Assign a random IP address from the pool of IP addresses available in the selected subnet.
      • Manual: Manually assign a private IP address to the VM.
      • Enable the DDoS protection option, if needed. The option is available if you previously selected the automatic IP assignment method in the public address settings.

    • (Optional) Create records for the VM in the DNS zone:

      • Expand the DNS settings for internal addresses section and click Add record.
      • Specify the zone, FQDN, and TTL for the record. When setting the FQDN, you can select Detect automatically for the zone.
        You can add multiple records to internal DNS zones. For more information, see Cloud DNS integration with Compute Cloud.
      • To create another record, click Add record.

    If you want to attach an additional network interface to your VM, click Add network interface and repeat the settings from this step for the new interface. You can add up to eight network interfaces to a single VM.

  12. Under Access:

    • Select Access by OS Login to connect and manage access to the new VM using OS Login in Yandex Cloud Organization.

      With OS Login, you can connect to VMs using SSH keys and SSH certificates via a standard SSH client or the Yandex Cloud CLI. OS Login allows you to rotate the SSH keys used to access VMs, providing the most secure access option.

    • If you prefer not to use OS Login, select SSH key and specify the following info for VM access:

      • Under Login, enter the username.

        Alert

        Do not use root or other usernames reserved by the OS. To perform operations requiring superuser permissions, use the sudo command.

      • In the SSH key field, select the SSH key saved in your organization user profile.

        If there are no saved SSH keys in your profile, or you want to add a new key:

        • Click Add key.
        • Enter a name for the SSH key.
        • Upload or paste the contents of the public key file. You need to create a key pair for the SSH connection to a VM yourself.
        • Click Add.

        The SSH key will be added to your organization user profile.

        If users cannot add SSH keys to their profiles in the organization, the added public SSH key will only be saved to the user profile of the VM being created.

    If you want to add several users with SSH keys to the VM at the same time, specify these users' data under Metadata. You can also use metadata to install additional software on a VM when creating it.

    In public Linux images provided by Yandex Cloud, the functionality of connecting over SSH using login and password is disabled by default.

    Note

    On VMs with access via OS Login enabled, provide your custom SSH keys through metadata.

  13. Under General information, specify the VM name:

    • The name must be from 3 to 63 characters long.
    • It may contain lowercase Latin letters, numbers, and hyphens.
    • The first character must be a letter and the last character cannot be a hyphen.

    Note

    The VM name is used to generate an internal FQDN only once: when creating a VM. If the internal FQDN is important to you, choose an appropriate name for the VM at the creation stage.

  14. Under Additional:

  15. Click Create VM.

VM creation takes several minutes. When the VM status changes to RUNNING, proceed to configure the software. You can monitor VM statuses on the list of VMs in the folder.

If you do not have the Yandex Cloud command line interface yet, install and initialize it.

The folder specified in the CLI profile is used by default. You can specify a different folder using the --folder-name or --folder-id parameter.

  1. View the description of the CLI command to create a VM:

    yc compute instance create --help

  2. Prepare a key pair (public and private keys) for SSH access to the VM.

  3. Select one of the Yandex Cloud Marketplace public images.

    You can also view image IDs in the management console when creating a VM or on the image page in Cloud Marketplace, under Product IDs.

    To get a list of available images using the CLI, run this command:

    yc compute image list --folder-id standard-images

    Result:

    +----------------------+-------------------------------------+--------------------------+----------------------+--------+
|          ID          |                NAME                 |          FAMILY          |     PRODUCT IDS      | STATUS |
+----------------------+-------------------------------------+--------------------------+----------------------+--------+
...
| fdvk34al8k5n******** | centos-7-1549279494                 | centos-7                 | dqni65lfhvv2******** | READY  |
| fdv7ooobjfl3******** | windows-2016-gvlk-1548913814        | windows-2016-gvlk        | dqnnc72gj2is******** | READY  |
| fdv4f5kv5cvf******** | ubuntu-1604-lts-1549457823          | ubuntu-1604-lts          | dqnnb6dc7640******** | READY  |
...
+----------------------+-------------------------------------+--------------------------+----------------------+--------+

    Where:

    • ID: Image ID.

    • NAME: Image name.

    • FAMILY: ID of the image family the image belongs to.

    • PRODUCT IDS: IDs of Yandex Cloud Marketplace products associated with the image.

    • STATUS: Current status of the image. It may take one of the following values:

      • STATUS_UNSPECIFIED: Image status is not defined.
      • CREATING: Image is being created.
      • READY: Image is ready to use.
      • ERROR: You cannot use the image due to an issue.
      • DELETING: Image is being deleted.

  4. Select a subnet:

    yc vpc subnet list

    Result:

    +----------------------+---------------------------+----------------------+----------------+-------------------+-----------------+
|          ID          |           NAME            |      NETWORK ID      | ROUTE TABLE ID |       ZONE        |      RANGE      |
+----------------------+---------------------------+----------------------+----------------+-------------------+-----------------+
| b0c6n43f9lgh******** | default-ru-central1-a     | enpe3m3fa00u******** |                | ru-central1-a     | [10.130.0.0/24] |
| e2l2da8a20b3******** | default-ru-central1-b     | enpe3m3fa00u******** |                | ru-central1-a     | [10.129.0.0/24] |
| e9bnlm18l70a******** | default-ru-central1-d     | enpe3m3fa00u******** |                | ru-central1-a     | [10.128.0.0/24] |
+----------------------+---------------------------+----------------------+----------------+-------------------+-----------------+

  5. Create a VM in the default folder:

    yc compute instance create \
  --name first-instance \
  --zone ru-central1-a \
  --network-interface subnet-name=default-ru-central1-a,nat-ip-version=ipv4 \
  --create-boot-disk image-folder-id=standard-images,image-family=centos-7 \
  --ssh-key ~/.ssh/id_ed25519.pub

    Where:

    • --name: VM name. The naming requirements are as follows:

      • The name must be from 3 to 63 characters long.
      • It may contain lowercase Latin letters, numbers, and hyphens.
      • The first character must be a letter and the last character cannot be a hyphen.

      Note

      The VM name is used to generate an internal FQDN only once: when creating a VM. If the internal FQDN is important to you, choose an appropriate name for the VM at the creation stage.

    • --zone: Availability zone corresponding to the selected subnet.

    • --network-interface: VM network interface settings.

      • subnet-name: Name of the selected subnet.
      • nat-ip-version=ipv4: Public IP address. To create a VM without a public IP address, disable this parameter.

      If you want to add multiple network interfaces to the VM, specify the --network-interface parameter as many times as you need. You can add up to eight network interfaces to a single VM.

    • --create-boot-disk: VM boot disk settings:

      • image-family: Image family, e.g., centos-7. This option allows you to install the latest version of the OS from the specified family.

    • --ssh-key: Path to the file with the public SSH key. The VM will automatically create a user named yc-user for this key.

      When creating a VM from a Yandex Cloud Marketplace public image, make sure to provide an SSH key to the VM. By default, SSH access with a username and password is disabled for such images.

      If you want to add several users with SSH keys to the VM at the same time, specify these users' data using the --metadata-from-file parameter.

Once you are done, all the resources you need will be created in the specified folder. You can verify that the resources are there and their configuration is correct using the management console or the following CLI command:

yc compute instance list

When a VM is created, it is assigned an IP address and hostname (FQDN). This data can be used for SSH access.

You can make a public IP address static. For more information, see Making a VM's public IP address static.

If you don't have Terraform, install it and configure the Yandex Cloud provider.

  1. In the configuration file, describe the parameters of the resources you want to create:

    
resource "yandex_compute_disk" "boot-disk" {
  name     = "<disk_name>"
  type     = "<disk_type>"
  zone     = "<availability_zone>"
  size     = "<disk_size>"
  image_id = "<image_ID>"
}

resource "yandex_compute_instance" "linux-vm" {
  name        = "linux-vm"
  platform_id = "standard-v3"
  zone        = "<availability_zone>"

  resources {
    cores  = "<number_of_vCPU_cores>"
    memory = "<RAM_in_GB>"
  }

  boot_disk {
    disk_id = yandex_compute_disk.boot-disk.id
  }

  network_interface {
    subnet_id = yandex_vpc_subnet.subnet-1.id
    nat       = true
  }

  metadata = {
    user-data = "#cloud-config\nusers:\n  - name: <username>\n    groups: sudo\n    shell: /bin/bash\n    sudo: 'ALL=(ALL) NOPASSWD:ALL'\n    ssh_authorized_keys:\n      - ${file("<path_to_public_SSH_key>")}"
  }
}

resource "yandex_vpc_network" "network-1" {
  name = "network1"
}

resource "yandex_vpc_subnet" "subnet-1" {
  name           = "subnet1"
  zone           = "<availability_zone>"
  v4_cidr_blocks = ["192.168.10.0/24"]
  network_id     = yandex_vpc_network.network-1.id
}

    Where:

    • yandex_compute_disk: Boot disk description:

    • yandex_compute_instance: VM description.

      • name: VM name.

      • platform_id: Platform.

      • zone: Availability zone the VM will be in.

      • resources: Number of vCPU cores and RAM available to the VM. The values must match the selected platform.

      • boot_disk: Boot disk settings. Specify the disk ID.

      • network_interface: VM's network interface settings. Specify the ID of the selected subnet. To automatically assign a public IP address to the VM, set nat = true.

        If you want to add multiple network interfaces to the VM, specify the network_interface section as many times as you need. You can add up to eight network interfaces to a single VM.

      • metadata: In the metadata, provide the username and public key for SSH access to the VM. For more information, see VM metadata.

        If you want to add multiple users with SSH keys to the VM at the same time, specify these users' data in a file and provide it under metadata.

    • yandex_vpc_network: Description of the cloud network.

    • yandex_vpc_subnet: Description of the subnet your VM will be connected to.

    Note

    If you already have suitable resources, such as a cloud network and subnet, you do not need to describe them again. Use their names and IDs in the appropriate parameters.

    For more information about the resources you can create with Terraform, see the provider documentation.

  2. Make sure the configuration files are correct.

    1. In the command line, go to the folder where you created the configuration file.

    2. Run a check using this command:

      terraform plan

    If the configuration is described correctly, the terminal will display a list of created resources and their parameters. If the configuration contains any errors, Terraform will point them out.

  3. Deploy cloud resources.

    1. If the configuration does not contain any errors, run this command:

      terraform apply

    2. Confirm creating the resources: type yes in the terminal and press Enter.

    Once you are done, all the resources you need will be created in the specified folder. You can verify that the resources are there and their configuration is correct using the management console or the following CLI command:

    yc compute instance list

When a VM is created, it is assigned an IP address and hostname (FQDN). This data can be used for SSH access.

You can make a public IP address static. For more information, see Making a VM's public IP address static.

Previous
Configuring VM placement group access permissions
Next
Configuring software