FAQ about Compute Cloud
General questions
Why use cloud computing?
Yandex Cloud offers scalable computing capacity: you can quickly create and start VMs on demand and stop them when the load decreases. By leveraging cloud resources, you reduce your IT infrastructure costs as you pay only for the resources you actually consume.
Cloud infrastructure is easier to manage, so you can focus on your business tasks rather than maintaining servers.
What can I do with a Yandex Cloud VM?
- Use only the computing capacity you really need. You do not have to buy expensive, powerful equipment for every business task that requires it. Instead, you can create a Yandex Cloud VM and use it if and when required.
- Quickly scale computing power up or down as needed. You can start additional VMs during peak periods and stop them when the load drops.
- Use VMs to deploy applications that must always be available. You do not need to worry about guaranteeing server uptime: Yandex Cloud will keep it running smoothly. Focus on building your software.
- Configure backups to easily recover your data in the event of data loss.
- Create and distribute VM disk images. You can use images to quickly deploy your software on other VMs.
- Automate VM management using the API and scripts in the CLI.
For more information about Yandex Cloud VMs, see VMs in Compute Cloud.
How do Yandex Cloud VMs differ from regular hosting?
Traditional hosting offers resources on lease with pre-agreed performance for a fixed term. Yandex Cloud VMs enable you to use cloud resources as your personal data center. At the same time, you get all the advantages of the fault tolerant infrastructure Yandex Cloud data centers provide.
You can scale your cloud infrastructure as your performance requirements change. This way you can manage how many resources you are using at any given time and how much you pay for them.
You will also be able to monitor and manage the status of your VMs. You can start and stop VMs as needed. You can set up your VM software configuration and change it as required. Disk images and snapshots enable you to easily transfer data between your VMs.
How do I get started with a Yandex Cloud VM?
You can create your first VM by following one of the scenarios described in Getting started with Compute Cloud.
How do I access my VM?
You can connect to your VM from another VM within the same cloud network. To connect, use the VM internal IP address or FQDN.
If you assigned a public IP address to your VM when creating it, you can use that IP address to connect to the VM from the internet.
You can get IP addresses, FQDNs, and other information in the management console, under Network on the VM page.
For more information, see VM network interfaces.
Use SSH to connect to your Linux VMs. Use RDP to connect to your Windows VMs.
How quickly can I adjust the capacity of my IT systems?
You can adjust your IT system capacity in one of the following ways:
- Create VMs with the appropriate configuration and pre-installed software in advance. During peak loads, simply start these VMs to scale up your IT system capacity. When the load decreases, you can stop some of the VMs to avoid paying for extra resources.
- If you frequently need new VMs with the same configuration, you can create a boot disk image and use it when creating VMs.
Why is my VM running slowly?
As with any servers, including physical ones, VM performance depends on the performance of the following:
- CPU
- RAM
- Disks
- Network
Note that the physical core thread allocated to your VM handles not only the vCPU, but also QEMU virtualization and I/O operations (both network and disk ones).
General best practices for improving VM performance:
-
For product solutions, use a vCPU with a guaranteed performance of at least 100%. If you are using a vCPU with performance below 100%, the vCPU performance may decrease to the guaranteed minimum due to other active processes on the same physical core. For example, for 5% performance, this is only about 100 MHz of clock frequency, which is most likely insufficient for a production server.
If the graphs show that the vCPU load is close to 100% for a long time or at the time the issue occurs, we recommend increasing the number of cores.
-
Never use the swap file. It causes a significant drop in performance. The best solution is to expand vRAM if your system is running low on memory. With Linux, you can also use
zram-config
. -
Use large network SSDs. Network disks can become a bottleneck in the system. They have limits on IOPS and bandwidth, which vary depending on the disk type and size. For more information, see Disk and file storage limits.
Keep in mind that disk performance also depends on the read and write request size. For details, see Read and write operations.
You should read and write data in several threads.
-
Note that network computing depends on the vCPU performance. To diagnose network problems, run synthetic tests that do not involve disk usage. If the issue is indeed related to a slow network, we recommend adding vCPUs and retesting.
Which operating systems do Yandex Cloud VMs support?
Yandex Cloud VMs support Linux and Windows operating systems.
Public boot disk images for popular distributions of these systems are available and tested in Yandex Cloud.
Why can't I see my previous operations in the management console?
The management console stores information about events for 14 days.
Does the service meet the requirements of the Russian Federation Federal Law 152-FZ on personal data?
Yes, it does. You can read the full security audit conclusion here
How do I contact support?
You can contact support in the Support
Can I get logs of my operations in Yandex Cloud?
Yes, you can request information about operations with your resources from Yandex Cloud logs. For more information, see Data requests.
How do I learn about the cost?
See the pricing for this service in Compute Cloud pricing policy. You can also use our calculator.
Virtual machines
Technical specifications
What VM configuration (memory, vCPU) can I use?
When creating a VM, you select its vCPU performance level. This determines the required number and performance of cores (vCPUs). You can choose the computing resources that are appropriate for the expected load.
For more information, see vCPU performance levels.
How do I change the amount of RAM and the number of vCPUs allocated to my VM?
For more information, see Changing VM computing resources.
How do I create a multi-interface VM?
You can add a network interface only when creating a VM. Currently, you can only create multiple interfaces on network images from Yandex Cloud Marketplace.
You can also create a NAT instance to use multiple network interfaces.
VM parameters
How do I increase my quotas?
To increase quotas, submit a request
After creating the request, you will be able to view it and track its status in the support section
Is nested virtualization supported? Can I deploy custom VMs within a VM?
Nested virtualization is not supported for security reasons. If you did not find a suitable public VM image, you can upload a custom image and use it to create your VM. Use this guide: Creating a VM from a custom image.
Will my data be safe if I update the VM settings?
Yes, your data should stay safe. However, please note that you should not restart your VM when writing data to the system disk as this might result in file system corruption.
To update the parameters of your VM, follow these steps:
- Create a snapshot of the disk (see Creating a disk snapshot for details).
- Shut down the VM gracefully (see Stopping, starting, or restarting a VM for details).
- Update the VM parameters (see Changing VM computing resources for details).
- Wait for the operation to complete (the Operations section in Compute Cloud).
- Start the VM.
- Make sure the new parameters are applied.
Can I reduce vCPU or vRAM for my VM?
Yes, you can. However, if the vCPU and/or vRAM utilization was already high prior to updating the parameters, the VM may fail to start after they are reduced.
Still, if the server load is small and consistently distributed, we recommend reducing the parameters to avoid extra charges.
Can I change the FQDN?
A VM gets its FQDN upon creation, and you cannot change it.
If you need to change the FQDN, delete the VM and create a new one. To ensure data consistency:
- Stop the VM (see Stopping for details).
- Create a snapshot of the disk (see Creating a disk snapshot for details).
- Create a new VM by selecting the snapshot as the source of its boot disk. For details, see Creating a VM with disks recovered from snapshots. While creating, specify the FQDN you need.
Can the UUID of a VM change?
Typical VM configuration updates, such as changing the number of vCPUs, the amount of vRAM, and adding disks, do not affect the UUID. However, in some cases, the UUID may change. For example, this may happen when updating BIOS or performing similar operations that affect the service's hardware components.
Keep this in mind when using third-party software licenses. The best solution is to purchase a license that does not have any link to the UUID.
Can I install the required software on a VM when creating it?
Yes, you can. To do this, specify a custom script with commands to install the required software in the metadata of the VM you are creating. For more information, see Creating a VM with a custom configuration script.
How do I change metadata after creating a VM?
Use the updateMetadata API method.
This method enables you to update the metadata in the service without affecting the guest OS run by the VM. If you need to update a parameter within your VM after its creation, in most cases, the best way is to recreate the VM from a snapshot or make the changes manually.
VM operations
Can I copy or clone an existing VM?
Yes, you can create snapshots of the disks attached to your VM and use them when creating a new VM.
Can I move my VM to a different availability zone?
You cannot directly change the availability zone hosting your VM. However, you can create a VM copy in the availability zone you need.
Can I move my VM to a different folder?
You can move your VM to a different folder within a single cloud. For more information, see Moving a VM to a different folder.
Can I recover my VM if I accidentally delete it?
No, you cannot. Deleting a VM is irreversible and cannot be undone.
To prevent data loss if you accidentally delete a VM, you can either set up disk backups using snapshots or configure the disks so that they are not automatically deleted along with the VM.
Connection
How do I connect to a Linux VM?
Use Connecting to a Linux VM over SSH this guide. If the computer you are connecting from runs Windows 7, 8, or early releases of Windows 10 without a built-in console SSH client, use PuTTY
Linux images provided by Yandex Cloud come without a GUI shell by default. SSH authentication with a username and password is disabled by default, as this method is outdated and poses security risks.
I cannot login to my VM after creating it. What should I do?
Your device must have network connectivity to the VM:
- If you are connecting externally, your VM must have a public IP address or be accessible through another VM with a public IP address, e.g., through a NAT instance.
- Your device must allow outgoing traffic to the VM and incoming traffic from it.
Do not shut down or reboot the VM immediately after creating it. VMs with low guaranteed vCPU performance may take a long time to boot for the first time, up to half an hour. If the VM is terminated prematurely, the initialization scripts might have failed to complete. In this case, delete the VM and create a new one.
How do I use root on a Linux VM?
When creating a Linux VM, do not use usernames reserved by the system, such as root
, admin
, etc., because cloud-init
will not be able to add a user with such a username. Try creating a VM, specifying user
for username.
To upgrade your permissions to root
, use sudo
. The user specified when creating the VM is a member of the sudo
group. root
has no password, so you can simply connect to the VM over SSH (see Connecting to a Linux VM over SSH) and run this command:
sudo su
You can also run various commands without switching to root
. For example, to shut down a VM from within the guest OS, use this command:
sudo poweroff
I can no longer login to my VM. What should I do?
Your login details have likely been compromised, resulting in unauthorized access to the VM. Create a disk snapshot of your VM (see Creating a disk snapshot this guide for details) and use it to create a new VM (see Creating a VM with disks recovered from snapshots this guide for details). If you succeeded connecting to the new VM, make sure to use stronger passwords and do not share your private data.
If you cannot access the VM you created from the snapshot either, see How do I retrieve important data from a failed VM.
What should I do if I cannot connect to a VM created from a Cloud Marketplace image?
Some Cloud Marketplace images have service usernames reserved, e.g., bitrix
in the 1C-Bitrix image. When creating a VM and connecting to it, use a username not reserved in the system, e.g., user
. Do not use root
, admin
, or other system usernames.
Later on, you will be able to change the bitrix
user password by running the sudo passwd bitrix
command.
What do I do if the Permission denied error occurs?
When connecting to a VM over SSH, you may get the following errors:
Permission denied (publickey)
Permission denied (publickey,gssapi-keyex,gssapi-with-mic)
Here are common causes of these errors:
- Mistyped public key specified when creating a VM.
- Invalid private key provided when attempting to establish a connection.
- Invalid data in the
authorized_keys
file.
To solve the connection issue, try providing the valid private key using the -i
flag:
ssh -i <key_path/key_file_name> <username>@<VM_public_IP_address>
How do I set up an RDP/VNC connection to a Linux VM?
To enable the GUI on Linux VMs, consider one of these two options:
- Use RDP or VNC. To do this:
-
Install the desktop environment on the Linux VM (Ubuntu/CentOS).
-
Install the
xrdp
or VNC server to connect through RDP or VNC, respectively. -
Configure the software.
We recommend using a combination of a VNC server that only listens to localhost and an SSH tunnel. This way, you will both eliminate the risk of attackers connecting to your VM through VNC and encrypt the VNC traffic.
-
- Configure X11 forwarding to the local computer. For Windows, use Xming
.- Install the desktop environment.
- Configure X11 forwarding and connect over SSH.
- Start the application from the terminal.
I can no longer login to my VM. What should I do?
Your login details have likely been compromised, resulting in unauthorized access to the VM. Create a disk snapshot of your VM (see Creating a disk snapshot this guide for details) and use it to create a new VM (see Creating a VM with disks recovered from snapshots this guide for details). If you succeeded connecting to the new VM, make sure to use stronger passwords and do not share your private data.
If you cannot access the VM you created from the snapshot either, see How do I retrieve important data from a failed VM.
How do I use a serial console? How do I connect to my VM directly?
If you have issues while connecting to your VM over a network, you can use the serial console. For more information about a serial console, see Getting started with a serial console.
You can enable serial console access when creating or updating your VM. The serial console will be available in the Yandex Cloud management console
For a Linux VM, you need to additionally configure password access for the user in advance by connecting over SSH and setting the password using the sudo passwd user
command (replace user
with the username you specified when creating the VM).
What should I do if I lose my SSH key?
If you set a user password, configure the VM serial console and connect to it. We recommend connecting through the CLI.
If no user password is set, take a snapshot of the VM's disk and create a new VM from the snapshot.
If the problem persists:
- Create a new disk from the VM snapshot.
- Attach it as a secondary disk to a different VM.
- Change the root directory with
chroot
. - Modify configuration files that affect VM accessibility, e.g., set a new password for the user using the
sudo passwd <username>
command. - Detach the disk from the VM.
- Create a new VM. Under Image/boot disk selection, go to the Custom tab and select your disk as the boot disk.
- After restoring access to the VM, do not forget to delete unused resources: VMs, disks, and disk snapshots. If you do not delete them, they will remain billable, and Yandex Cloud will continue to charge for them.
Why is my VM not working after a reboot?
The VM may fail to start after a reboot for one of the following reasons:
- The VM was forcibly restarted while writing to the system disk. This could have damaged the file system.
- Either the firewall or the network, or both, were not properly configured.
cloud-init
settings were updated.- The Python system version, which is also used by
cloud-init
, was modified. - There was an issue with the service.
If you performed one of these actions, see How do I retrieve important data from a failed VM. Otherwise, submit a support request.
How do I retrieve important data from a failed VM?
When a VM fails:
- Create a snapshot of the faulty disk (see Creating a disk snapshot this guide for details).
- Create a new VM with a secondary (non-bootable) disk recovered from the snapshot (see Creating a VM with disks recovered from snapshots for details).
- Connect to the VM (see Using a VM for details).
- Mount the disk (see Mounting a disk created from a snapshot or image for details).
- Run a check of the disk file system.
- Transfer the data you need to the boot disk of your new VM.
Disks, snapshots, and images
How much disk space can I use for a virtual machine?
For disk space limits, see Quotas and limits in Compute Cloud.
How do I resize a disk?
To increase your disk size within the limits, follow this guide. This will not affect your disk data. Be sure to wait until the operation is complete.
Due to the architectural constraints of Yandex Cloud technologies, disk downsizing is not supported. The same applies to creating a disk from a snapshot: it cannot be smaller than the parent disk.
If resizing the disk does not automatically expand the partition on your Linux boot disk, use these commands:
sudo growpart /dev/vda 2
sudo resize2fs /dev/vda2
Non-bootable disks do not have the partition size increased automatically. You will need to use native OS tools to work with disks and their partitions, such as parted
, fdisk
, cfdisk
, sfdisk
, and growpart
. For more information, see Increasing the size of a Linux disk partition.
To avoid accidentally losing data when resizing, we recommend that you first create a disk snapshot.
How do I upload a custom image?
See Uploading a custom disk image to Yandex Cloud.
To ensure your VM created from a custom image works properly, follow all steps in the guide.
If you have followed all recommended steps but still have issues with the image, or in case you have other questions, create a support request.
What happens to VMs running outdated OS versions?
You can use images with outdated OS versions on your VMs; however, you will not be able to get support for these VMs if you have any issues.
Should I use swap?
Swap is strongly discouraged in cloud environments, as the disk subsystem can become a bottleneck for the entire guest system. Network disk limits are too low to use the disk as a RAM extension.
Instead of swap, you can use zram-config
. It enables you to create a swap-like space within RAM itself, leveraging compression that is significantly faster than disk I/O. Keep in mind that under high I/O and/or vCPU loads, zram-config
may negatively impact iowait
, affecting network, disk, and vCPU performance.
The most effective way to increase available memory is to expand vRAM on your VM.
What should I do if a snapshot is larger than the actual data on the disk?
This happens when deleted files leave behind filled sectors on the disk.
To resolve this, create a zero-filled file to overwrite all unused disk space, flush the cache to the disk, and then delete the file entry.
-
For Windows: Stop disk operations and use
SDelete
. You can learn more about this utility and download it from the relevant Microsoft article . -
For Linux: Stop disk operations and run the following commands one by one:
dd if=/dev/zero | pv > full.disk
sync
rm full.disk
Now, all unused space becomes actually empty and you can create a disk snapshot. The snapshot size will be nearly the same as the currently used disk space.
Can I create multiple snapshots of the same disk at a time?
No, you can only create a single snapshot of a disk at a time. While a disk snapshot is being created (either manually or on a schedule), all other scheduled operations for the disk will be skipped.
How do snapshots count towards quotas?
Snapshots are billed and count towards quotas
How do I move a VM to a different folder or cloud?
-
Assign the following roles in your cloud to a user from a different cloud:
- Role for the cloud:
resource-manager.clouds.member
. - Role for the folder:
viewer
orcompute.images.user
.
For details, see Assigning rolesthis guide.
- Role for the cloud:
-
Create an image from your snapshot under Snapshots or from the disk itself under Disks.
A user in the cloud you want to move your VM to must follow these steps:
-
Run this CLI command:
yc compute image create --source-image-id=<your_image_ID>
-
When creating a VM, specify this image as the boot disk.
How do I attach a new disk to my VM?
After creating a new disk and attaching it to your VM, you need to mount it or assign it a letter, depending on your operating system. See Mounting a disk created from a snapshot or image.
How do I set up automatic backups?
For disk backups in Compute Cloud, you can make disk copies called snapshots. To automatically create snapshots, use schedules.
For more information, see Backups in Compute Cloud.
Why was a disk snapshot created later than scheduled?
Scheduled snapshots may be created with a slight delay depending on the current Compute Cloud load.
Can I add a single disk to multiple schedules to create snapshots?
Yes, you can add a disk to multiple schedules. There are fixed limits on the number of schedules for a disk.
What time zone is used for configuring snapshot schedules?
All times are UTC±00:00
Can I choose a folder for scheduled disk snapshots?
All snapshots will be created in the same folder as the schedule, regardless of whether the schedule includes disks from other folders.
What cron expression format is supported for disk snapshot schedules?
See Cron expressions.
If a schedule is configured to keep only the most recent disk snapshots, are older snapshots deleted before or after new ones are created?
After. A new snapshot is created first, then the oldest one is deleted. For example, if you want to keep only the most recent five snapshots, the first snapshot will only be deleted after the sixth one is created, the second snapshot will be deleted after the seventh one is created, and so on.
What happens to running operations and existing snapshots when I change, disable, or delete a disk snapshot schedule?
All running snapshot creation or deletion operations initiated prior to changing, disabling, or deleting the schedule will be completed. Snapshots that were not deleted according to schedule retention settings will stay unaffected.
What happens to my data when I delete a VM?
When selecting a disk to attach to your VM, you can specify whether to delete that disk when deleting the VM. You can enable this option when creating or updating a VM, or when attaching a new disk to it.
Disks attached to a VM prior to its deletion will automatically be detached. This will not affect disk data, and you will be able to attach this disk to another VM when needed.
If you want to have a disk deleted with the VM is it attached to, enable the relevant option when creating the VM, updating it, or attaching the disk. Such disks will be deleted along with the VM.
Do I have to stop a VM to create disk snapshots? Do I have to wait until disk snapshots are created before I can start a VM?
You do not have to stop your VM. However, keep in mind that a snapshot only contains the data available on the disk at the time of creating the snapshot. You need to take care of data integrity yourself. For more information on how to create a disk snapshot, see Creating a disk snapshot.
Snapshots are created asynchronously. You can resume writing data to your disk immediately after running the create snapshot command, without waiting for it to complete.
Can I download an image of a created VM?
This option is not currently supported. However, you can copy data from your VM using application software, such as rsync
, dd
, or GNU Wget
.
If you would like us to implement an option to manually download or upload VM images and disk snapshots from or to external resources or a local device, consider suggesting this feature or voting for a similar one. We regularly review all suggestions and add them to our development roadmap. We will notify you as soon as the feature you suggested or voted for has been implemented.
How do I detect processes that are putting a heavy load on the disk?
You can detect these processes using iotop
/usr/sbin/iotop -botqqqk --iter=60 | grep -P "\d\d\d\d.\d\d K/s" >> /var/log/iotop.log
How can I find out the terms and conditions of technical support for public images?
The terms and conditions of technical support for public images may differ. For more information, see the product page in Yandex Cloud Marketplace.
Instance groups
What is Instance Groups?
Instance Groups is a component that allows you to create, use, and scale groups of similar instances in the Yandex Compute Cloud infrastructure.
With Instance Groups, you can:
- Create groups with the required number of instances and performance parameters.
- Scale the computing capacity up or down, depending on the load.
You work with an instance group as a single entity in the Yandex Compute Cloud infrastructure. This allows you to manage internal settings of instance groups to meet your app requirements.
How do I calculate the cost of using instance groups?
Creating an instance group is free of charge.
All other Yandex Cloud services, such as VMs and external IP addresses, are charged as usual.
How do I know I'm not overpaying?
To select the appropriate number of instances and minimize costs:
- Estimate the amount of computing resources required for your service and see the calculation examples and pricing policy for Yandex Compute Cloud.
- Try to frequently monitor the load on the service at different times of day.
Why can't I delete a service account linked to an instance group?
You cannot delete a service account used to manage an instance group while it is linked to this group. First, update the service account in the instance group settings or delete the instance group and then delete the service account.
Can I install the required software on a group instance when creating it?
Yes, you can. To do this, specify a custom script with commands to install the required software in the metadata section of your new instance's template. For more information, see Creating a VM with a custom configuration script.
Monitoring resource usage
Why does vCPU utilization displayed on the chart exceed 100%?
If you use cores with guaranteed, say, 5% vCPU performance, then this 5% represents 100% of the expected load for the monitoring system. If there are no "neighbors" on the physical core, you can be allocated up to 100% of vCPU performance, which is 20 times higher than the maximum expected load (×20 of 5%). Thus, the chart can show up to 2000%.
If you see the upper limit of 100% exceeded for quite a while in the graphs, we recommend increasing the guaranteed vCPU performance because "neighbors" may appear on the physical core at any time and your real utilization of physical core resources will drop to the guaranteed 5% (about 100 MHz). In this case, the guest system may not cope with the load and you'll lose access to the VM.
How do I track vRAM use through monitoring?
The Compute Cloud service can't measure vRAM consumption inside the guest operating system because for the service, memory consumption by the virtual machine is always the same: the one that is allocated the moment it is started.
To track the vRAM state, use the Yandex Monitoring service. It allows you to record your own metrics. See Writing custom metrics via the API. Just schedule a task to download data about the vRAM state and Monitoring will display them.
Licensing
The terms of use for Microsoft software are governed by the terms and conditions of the Microsoft license agreement that you enter into when purchasing a Microsoft product. The user is responsible for complying with the Microsoft licensing terms and conditions. Licensing recommendations are provided below. You are in no way obligated to follow such recommendations as they are not legally binding. If you have any questions regarding Microsoft software licensing and usage rights, please consult your legal department or Microsoft reseller. The information on this page complies with the current Microsoft Product Terms
General questions about
What is License Mobility?
License Mobility is a benefit provided to customers with Microsoft corporate licenses for eligible server software covered by active Microsoft Software Assurance (SA) agreements. With License Mobility, customers can use eligible Microsoft software when working with third-party cloud solution providers such as Yandex Cloud. See more details at the Microsoft website
What Microsoft software can I run on the Yandex Cloud platform?
Yandex Cloud supports server software available under the License Mobility through Software Assurance
How can I find out whether a Microsoft product is eligible for License Mobility?
You can find this information in the terms of use for the Microsoft product. Information on the eligibility of a product for License Mobility is included in the relevant section of the Software Assurance agreement
Do I need to have a valid Software Assurance agreement in place and participate in License Mobility through Software Assurance to deploy my own Microsoft licenses within Yandex Cloud?
Yes. When using licensed Microsoft software in Compute Cloud, you must have a valid Software Assurance agreement in place and participate in License Mobility through Software Assurance.
Why do I need to specify the address when using Microsoft products?
As of January 24, 2022, you need to specify usernames, names and tax IDs of legal entities, as well as addresses of individuals and legal entities to use Microsoft products. These are the requirements under the Microsoft licensing policy. This data can be sent to Microsoft. Without this data, you will not be able to run Microsoft products.
Can I use Microsoft products with my own licenses in Compute Cloud?
To learn more about Windows Server licensing, see Using personal licenses for Microsoft products.
For any software products you plan to use within your VM, beyond those specifically mentioned, see the terms of the license you purchased or contact Microsoft to find out whether you can use the product with such a license in Yandex Cloud.
Troubleshooting
This section describes typical problems that may arise when using Compute Cloud and the relevant solutions.
You cannot connect to a new VM with multiple network interfaces over SSH
When creating a Linux VM with multiple network interfaces, the additional network interfaces may not work correctly in the OS. In some cases, this issue can hinder network connectivity and prevent you from connecting to your VM over SSH.
To fix it, delete the VM and create a new one by providing additional cloud-init
Expand the Metadata section and add the user-data
key with the following configuration:
For Ubuntu
In the write_files.content.network.ethernets
configuration section, specify the settings for the required number of network interfaces you want to create on this VM, as shown below. Interfaces are numbered starting from zero. This example shows how to set up three interfaces. You can add up to eight network interfaces to a single VM.
#cloud-config
datasource:
Ec2:
strict_id: false
ssh_pwauth: yes
users:
- name: <username>
sudo: ALL=(ALL) NOPASSWD:ALL
shell: /bin/bash
ssh_authorized_keys:
- <public_SSH_key>
write_files:
- path: "/etc/netplan/01-netcfg.yaml"
permissions: "0644"
content: |
# This file describes the network interfaces available on your system
# For more information, see netplan(5).
network:
version: 2
renderer: networkd
ethernets:
eth0:
dhcp4: yes
eth1:
dhcp4: yes
dhcp4-overrides:
use-dns: false
use-routes: false
dhcp6: no
eth2:
dhcp4: yes
dhcp4-overrides:
use-dns: false
use-routes: false
dhcp6: no
runcmd:
- sleep 1
- sudo -i
- netplan apply
For Debian
In the Primary network interface
and Other network interfaces
configuration sections, specify the settings for the required number of network interfaces you want to create on this VM, as shown below. Interfaces are numbered starting from zero. This example shows how to set up three interfaces. You can add up to eight network interfaces to a single VM.
#cloud-config
datasource:
Ec2:
strict_id: false
ssh_pwauth: yes
users:
- name: <username>
sudo: ALL=(ALL) NOPASSWD:ALL
shell: /bin/bash
ssh_authorized_keys:
- <public_SSH_key>
write_files:
- path: "/etc/network/interfaces"
permissions: "0644"
content: |
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).
source /etc/network/interfaces.d/*
# Loopback network interface
auto lo
iface lo inet loopback
# Primary network interface
allow-hotplug eth0
iface eth0 inet dhcp
# Other network interfaces
auto eth1
allow-hotplug eth1
iface eth1 inet dhcp
auto eth2
allow-hotplug eth2
iface eth2 inet dhcp
post-up ip route del default
runcmd:
- sleep 1
- sudo -i
- systemctl restart networking
Where:
name:
: Username for connecting to the VM over SSH.ssh_authorized_keys:
: List of public SSH keys to connect the user to the VM over SSH. Specify at least one public SSH key.
-
Create a file with the cloud-init configuration, e.g.,
vm-init.tpl
:For Ubuntu
In the
write_files.content.network.ethernets
configuration section, specify the settings for the required number of network interfaces you want to create on this VM, as shown below. Interfaces are numbered starting from zero. This example shows how to set up three interfaces. You can add up to eight network interfaces to a single VM.#cloud-config datasource: Ec2: strict_id: false ssh_pwauth: yes users: - name: <username> sudo: ALL=(ALL) NOPASSWD:ALL shell: /bin/bash ssh_authorized_keys: - <public_SSH_key> write_files: - path: "/etc/netplan/01-netcfg.yaml" permissions: "0644" content: | # This file describes the network interfaces available on your system # For more information, see netplan(5). network: version: 2 renderer: networkd ethernets: eth0: dhcp4: yes eth1: dhcp4: yes dhcp4-overrides: use-dns: false use-routes: false dhcp6: no eth2: dhcp4: yes dhcp4-overrides: use-dns: false use-routes: false dhcp6: no runcmd: - sleep 1 - sudo -i - netplan apply
For Debian
In the
Primary network interface
andOther network interfaces
configuration sections, specify the settings for the required number of network interfaces you want to create on this VM, as shown below. Interfaces are numbered starting from zero. This example shows how to set up three interfaces. You can add up to eight network interfaces to a single VM.#cloud-config datasource: Ec2: strict_id: false ssh_pwauth: yes users: - name: <username> sudo: ALL=(ALL) NOPASSWD:ALL shell: /bin/bash ssh_authorized_keys: - <public_SSH_key> write_files: - path: "/etc/network/interfaces" permissions: "0644" content: | # This file describes the network interfaces available on your system # and how to activate them. For more information, see interfaces(5). source /etc/network/interfaces.d/* # Loopback network interface auto lo iface lo inet loopback # Primary network interface allow-hotplug eth0 iface eth0 inet dhcp # Other network interfaces auto eth1 allow-hotplug eth1 iface eth1 inet dhcp auto eth2 allow-hotplug eth2 iface eth2 inet dhcp post-up ip route del default runcmd: - sleep 1 - sudo -i - systemctl restart networking
-
When creating a VM, provide the created configuration file in the
--metadata-from-file
parameter. Here is an example:yc compute instance create --name=multi-net-vm --hostname=multi-net-vm \ --zone ru-central1-a \ --create-boot-disk image-folder-id=standard-images,image-id=fd8bi0vgcf8vco49q3bm \ --cores=2 --memory=4G --core-fraction=100 \ --network-interface subnet-name=subnet1,ipv4-address=auto,nat-ip-version=ipv4 \ --network-interface subnet-name=subnet2,ipv4-address=auto \ --network-interface subnet-name=subnet3,ipv4-address=auto \ --metadata-from-file user-data=vm-init.tpl
Note
The commands
yc compute instance create
|create-with-container
|update
|add-metadata
support substitution of environment variable values into VM metadata. When you execute a Yandex Cloud CLI command, these values, specified in theuser-data
key in$<variable_name>
format, will be substituted into the VM metadata from the environment variables of the environment the command is executed in.To change such behavior, i.e. to provide a variable name to the VM metadata in
$<variable_name>
format rather than take the variable value from the CLI command runtime environment, use the two-dollar syntax, e.g.,$$<variable_name>
.For more information, see Specifics of providing environment variables in metadata via the CLI.
-
Create a file with the cloud-init configuration, e.g.,
vm-init.tpl
:For Ubuntu
In the
write_files.content.network.ethernets
configuration section, specify the settings for the required number of network interfaces you want to create on this VM, as shown below. Interfaces are numbered starting from zero. This example shows how to set up three interfaces. You can add up to eight network interfaces to a single VM.#cloud-config datasource: Ec2: strict_id: false ssh_pwauth: yes users: - name: <username> sudo: ALL=(ALL) NOPASSWD:ALL shell: /bin/bash ssh_authorized_keys: - <public_SSH_key> write_files: - path: "/etc/netplan/01-netcfg.yaml" permissions: "0644" content: | # This file describes the network interfaces available on your system # For more information, see netplan(5). network: version: 2 renderer: networkd ethernets: eth0: dhcp4: yes eth1: dhcp4: yes dhcp4-overrides: use-dns: false use-routes: false dhcp6: no eth2: dhcp4: yes dhcp4-overrides: use-dns: false use-routes: false dhcp6: no runcmd: - sleep 1 - sudo -i - netplan apply
For Debian
In the
Primary network interface
andOther network interfaces
configuration sections, specify the settings for the required number of network interfaces you want to create on this VM, as shown below. Interfaces are numbered starting from zero. This example shows how to set up three interfaces. You can add up to eight network interfaces to a single VM.#cloud-config datasource: Ec2: strict_id: false ssh_pwauth: yes users: - name: <username> sudo: ALL=(ALL) NOPASSWD:ALL shell: /bin/bash ssh_authorized_keys: - <public_SSH_key> write_files: - path: "/etc/network/interfaces" permissions: "0644" content: | # This file describes the network interfaces available on your system # and how to activate them. For more information, see interfaces(5). source /etc/network/interfaces.d/* # Loopback network interface auto lo iface lo inet loopback # Primary network interface allow-hotplug eth0 iface eth0 inet dhcp # Other network interfaces auto eth1 allow-hotplug eth1 iface eth1 inet dhcp auto eth2 allow-hotplug eth2 iface eth2 inet dhcp post-up ip route del default runcmd: - sleep 1 - sudo -i - systemctl restart networking
-
When creating a VM, provide the created metadata file in the
yandex_compute_instance.metadata
section. Here is an example:resource "yandex_compute_instance" "multi-net-vm" { name = "multi-net-vm" platform_id = "standard-v2" zone = "ru-central1-a" resources { cores = "2" memory = "2" } boot_disk { initialize_params { image_id = "fd8bi0vgcf8vco49q3bm" } } network_interface { subnet_id = "e2lrucutusnd********" nat = true } network_interface { subnet_id = "e2lpp96bvvgp********" nat = false } network_interface { subnet_id = "e2lv9c6aek1d********" nat = false } metadata = { user-data = "${file("./vm-init.tpl")}" } }
Additional network interfaces do not work after you attach them to an existing VM
After you attach additional network interfaces to a Linux VM, they may not work correctly in the operating system. In some cases, this issue can hinder network connectivity and prevent you from connecting to your VM over SSH.
To fix it, try upgrading the VM's operating system to its latest version.
If upgrading the OS is not possible or does not help:
-
Connect to the VM over SSH.
If the SSH connection fails due to network connectivity issues, remove all additional network interfaces and reboot the VM.
-
Update the OS network configuration:
UbuntuDebian-
Add the configuration of the new network interfaces to the
/etc/netplan/01-netcfg.yaml
file:sudo nano /etc/netplan/01-netcfg.yaml
In the
write_files.content.network.ethernets
configuration section, specify the settings for the required number of existing or new VM network interfaces, as shown below. Interface numbering starts from zero. This example shows how to set up three interfaces. You can add up to eight network interfaces to a single VM.# This file describes the network interfaces available on your system # For more information, see netplan(5). network: version: 2 renderer: networkd ethernets: eth0: dhcp4: yes eth1: dhcp4: yes dhcp4-overrides: use-dns: false use-routes: false dhcp6: no eth2: dhcp4: yes dhcp4-overrides: use-dns: false use-routes: false dhcp6: no
-
Assign the required permissions to the
/etc/netplan/01-netcfg.yaml
file:sudo chmod 0644 /etc/netplan/01-netcfg.yaml
-
Apply the network configuration changes:
sudo netplan apply
-
Add the configuration of the new network interfaces to the
/etc/network/interfaces
file:sudo nano /etc/network/interfaces
In the
Primary network interface
andOther network interfaces
configuration sections, specify the settings for the required number of existing or new VM network interfaces, as shown below. Interface numbering starts from zero. This example shows how to set up three interfaces. You can add up to eight network interfaces to a single VM.# This file describes the network interfaces available on your system # and how to activate them. For more information, see interfaces(5). source /etc/network/interfaces.d/* # Loopback network interface auto lo iface lo inet loopback # Primary network interface allow-hotplug eth0 iface eth0 inet dhcp # Other network interfaces auto eth1 allow-hotplug eth1 iface eth1 inet dhcp auto eth2 allow-hotplug eth2 iface eth2 inet dhcp post-up ip route del default
-
Restart the network service:
sudo systemctl restart networking
-
-
If you previously had to remove additional network interfaces, add them back.