Contact UsGet started
© 2025 Direct Cursus Technology L.L.C.

Updating an instance group under load

Written by
Updated at June 26, 2025

In this step-by-step tutorial, you will configure an instance group and check how it operates when updating the configuration. To do this:

  1. Get your cloud ready.
  2. Set up your environment.
  3. Create an instance group using a Container Optimized Image.
  4. Start VM load testing.
  5. Update the instance group under load.
  6. Stop load testing and get the results.

If you no longer need the resources you created, delete them.

Get your cloud ready

  1. If you do not have the Yandex Cloud CLI yet, install it.

  2. To make sure the scripts from the step-by-step guide run correctly, download and install jq.

  3. To check autoscaling, install wrk.

The support cost for a Yandex Cloud instance group includes fees for:

Set up your environment

  1. Create a service account named for-load. To create, update, and delete VM instances in your group, as well as integrate the group with Network Load Balancer, assign the compute.editor and load-balancer.editor roles to the service account:

    1. In the management console, select the folder where you want to create your service account.
    2. In the list of services, select Identity and Access Management.
    3. Click Create service account.
    4. In the Name field, specify for-load.
    5. Click Add role. To create, update, and delete VM instances in your group, as well as integrate the group with Network Load Balancer, assign the compute.editor and load-balancer.editor roles to the service account.
    6. Click Create.

    1. Create a service account:

      By default, the CLI uses the folder specified when creating the profile. To change the default folder, use the yc config set folder-id <folder_ID> command. You can also set a different folder for any specific command using the --folder-name or --folder-id parameter.

      yc iam service-account create --name for-load

      Result:

      id: ajeab0cnib1p********
folder_id: b0g12ga82bcv********
created_at: "2021-02-09T17:31:32.561702Z"
name: for-load

    2. Assign the compute.editor role to the service account:

      yc resource-manager folder add-access-binding <catalog_ID> \
  --role compute.editor \
  --subject serviceAccount:<service_account_ID>

    3. Assign the load-balancer.editor role to the service account:

      yc resource-manager folder add-access-binding <catalog_ID> \
  --role load-balancer.editor \
  --subject serviceAccount:<service_account_ID>
    1. Create a service account named for-load:
      Use the create REST API method for the ServiceAccount resource or the ServiceAccountService/Create gRPC API call.
    2. To create, update, and delete VM instances in your group, as well as integrate the group with Network Load Balancer, assign the compute.editor and load-balancer.editor roles to the service account:
      Use the setAccessBindings REST API method for the Folder resource or the FolderService/SetAccessBindings gRPC API call.

  2. Create a network named yc-auto-network and subnets in two availability zones:

    1. In the management console, select the folder where you want to create a network.
    2. In the list of services, select Virtual Private Cloud.
    3. Click Create network.
    4. In the Name field, specify yc-auto-network.
    5. Select Create subnets.
    6. Click Create network.

    1. Create a network:

      yc vpc network create --name yc-auto-network

      Result:

      id: enpabce123hd********
folder_id: b0g12ga82bcv********
created_at: "2021-02-09T17:33:32.561702Z"
name: yc-auto-network

    2. Create a subnet in the ru-central1-d availability zone:

      yc vpc subnet create --network-id enpabce123hd******** --range 192.168.1.0/24 --zone ru-central1-d

      Result:

      id: e1lnabc23r1c********
folder_id: b0g12ga82bcv********
created_at: "2021-02-09T17:34:32.561702Z"
network_id: enpabce123hd********
zone_id: ru-central1-d
v4_cidr_blocks:
- 192.168.1.0/24

    3. Create a subnet in the ru-central1-b availability zone:

      yc vpc subnet create --network-id enpabce123hd******** --range 192.168.2.0/24 --zone ru-central1-b

      Result:

      id: b1csa2b3clid********
folder_id: b0g12ga82bcv********
created_at: "2021-02-09T17:35:32.561702Z"
network_id: enpabce123hd********
zone_id: ru-central1-b
v4_cidr_blocks:
- 192.168.2.0/24
    1. Create a network:
      Use the create REST API method for the Network resource or the NetworkService/Create gRPC API call.
    2. Create subnets in the ru-central1-d and ru-central1-b availability zones:
      Use the create REST API method for the Subnet resource or the SubnetService/Create gRPC API call.

Create an instance group using a Container Optimized Image

  1. In this tutorial, you will be creating all instance groups from a Container Optimized Image. Each VM will have a Docker container running a web server that emulates the load.

    1. In the management console, select the folder where you want to create an instance group.
    2. From the list of services, select Compute Cloud.
    3. In the left-hand panel, select Instance groups.
    4. Click Create group of virtual machines.
    5. Under Basic parameters:
      • In the Name field, specify group-for-load.
      • Select for-load for Service account.
    6. Under Allocation, select ru-central1-d and ru-central1-b in the Availability zone field.
    7. Under Instance template, click Define and do the following in the window that opens:
      • Under Boot disk image, select the Container Solution tab.
      • Click Configure.
      • In the Docker container settings window:
        • In the Name field, specify nginx.
        • In the Docker image field, click Enter link and enter cr.yandex/yc/demo/autoscaling-example-app:v1.
        • Click Apply.
      • Under Disks and file storages:
        • For the boot disk, specify 30 GB for Size.
      • Under Network settings:
        • In the Network field, select for-load.
      • Under Access:
        • In the Service account field, select for-load.
        • In the Login field, enter the name of the user to create on the VM.
        • In the SSH key field, paste the contents of the public key file.
      • Click Save.
    8. Under Changes during creation and updates:
      • In the Reduce below target value field, enter 4.
    9. Under Scaling:
      • In the Type field, select Fixed.
      • Set the Size to 6.
    10. Under Integration with Network Load Balancer:
      • Enable Create target group.
      • In the Name of the target group field, specify load-generator.
    11. Click Create.

    1. Get the ID of the latest version of the public Container Optimized Image.

      A Container Optimized Image in Yandex Container Registry may get updates and modifications that come with new releases. Such modifications will not automatically update the VM image to the latest version. To create an instance group with the latest Container Optimized Image version, manually check whether it is available:

      yc compute image get-latest-from-family container-optimized-image --folder-id standard-images

      Result:

      id: fd8iv792kira********
folder_id: standard-images
created_at: "2021-01-29T13:30:22Z"
...
status: READY
os:
  type: LINUX

    2. Save the specification of the instance group with a network load balancer to the specification.yaml file:

      name: group-for-load # VM group name, unique within the folder.
service_account_id: ajeab0cnib1p******** # Service account ID.
allocation_policy: # VM allocation policy for the group.
   zones:
     - zone_id: ru-central1-d
     - zone_id: ru-central1-b
instance_template:
  service_account_id: ajeab0cnib1p******** # ID of the service account to access private Docker images.
  platform_id: standard-v1 # Platform ID.
  resources_spec:
    memory: 2G # Amount of memory (RAM).
    cores: 2 # Number of processor cores (vCPUs).
  boot_disk_spec:
    mode: READ_WRITE # Disk access mode (read and write).
    disk_spec:
      image_id: <latest_COI_version_ID>
    type_id: network-ssd # Disk type.
    size: 30G # Disk size.
  network_interface_specs:
   - network_id: enplhg4nncc7******** # Network ID.
     subnet_ids:
       - e1lnabc23r1c******** # Subnet ID.
       - b1csa2b3clid********
     primary_v4_address_spec: {
       one_to_one_nat_spec: {
         ip_version: IPV4 # IPv4 specification for public access to the VM.
       }
     }         
  metadata: # Values to send to the VM metadata.
    docker-container-declaration: |- # Key in the VM metadata that is used with the Docker Container specification.
      spec:
        containers:
          - image: cr.yandex/yc/demo/autoscaling-example-app:v1
            name: nginx
            securityContext:
              privileged: false
            restartPolicy: Always
            tty: false
            stdin: false
    ssh-keys: | # Parameter for providing an SSH key to the VM.
      yc-user:ssh-ed25519 ABC...d01 user@desktop.ru # Username for connecting to the VM.
deploy_policy: # VM deployment policy for the group.
  max_unavailable: 4
scale_policy: # Instance scaling policy for the group.
  fixed_scale:
    size: 6
load_balancer_spec: # Network load balancer.
  target_group_spec:
    name: load-generator

      Note

      You can provide an SSH key in the VM metadata using the ssh-keys parameter or in the user-data key. This tutorial uses the first option.

    3. Create an instance group named group-for-load using specification.yaml:

      yc compute instance-group create --file=specification.yaml

      Result:

      done (2m18s)
id: cl0kabcquk1g********
folder_id: b0g12ga82bcv********
...
service_account_id: ajeab0cnib1p********
status: ACTIVE
application_load_balancer_state: {}

    1. Get the ID of the latest container-optimized-image version in the standard-images family:
      Use the getLatestByFamily REST API method for the Image resource or the ImageService/GetLatestByFamily gRPC API call.

    2. Create an instance group based on this spec:

      name: group-for-load # VM group name, unique within the folder.
service_account_id: ajeab0cnib1p******** # Service account ID.
allocation_policy: # VM allocation policy for the group.
   zones:
     - zone_id: ru-central1-d
     - zone_id: ru-central1-b
instance_template:
  service_account_id: ajeab0cnib1p******** # ID of the service account to access private Docker images.
  platform_id: standard-v1 # Platform ID.
  resources_spec:
    memory: 2G # Amount of memory (RAM).
    cores: 2 # Number of processor cores (vCPUs).
  boot_disk_spec:
    mode: READ_WRITE # Disk access mode (read and write).
    disk_spec:
      image_id: <latest_COI_version_ID>
    type_id: network-ssd # Disk type.
    size: 30G # Disk size.
  network_interface_specs:
   - network_id: enplhg4nncc7******** # Network ID.
     subnet_ids:
       - e1lnabc23r1c******** # Subnet ID.
       - b1csa2b3clid********
     primary_v4_address_spec: {
       one_to_one_nat_spec: {
         ip_version: IPV4 # IPv4 specification for public access to the VM.
       }
     }         
  metadata: # Values to send to the VM metadata.
    docker-container-declaration: |- # Key in the VM metadata that is used with the Docker Container specification.
      spec:
        containers:
          - image: cr.yandex/yc/demo/autoscaling-example-app:v1
            name: nginx
            securityContext:
              privileged: false
            restartPolicy: Always
            tty: false
            stdin: false
    ssh-keys: | # Parameter for providing an SSH key to the VM.
      yc-user:ssh-ed25519 ABC...d01 user@desktop.ru # Username for connecting to the VM.
deploy_policy: # VM deployment policy for the group.
  max_unavailable: 4
scale_policy: # Instance scaling policy for the group.
  fixed_scale:
    size: 6
load_balancer_spec: # Network load balancer.
  target_group_spec:
    name: load-generator

      Use the createFromYaml REST API method for the InstanceGroup resource or the InstanceGroupService/CreateFromYaml gRPC API call.

  2. Check your instance group:

    1. In the management console, select the folder where you created the instance group.
    2. From the list of services, select Compute Cloud.
    3. In the left-hand panel, select Instance groups.
    4. Click group-for-load.
    yc compute instance-group list-instances group-for-load

    Result:

    +----------------------+---------------------------+-----------------+-------------+----------------------+----------------+
|     INSTANCE ID      |           NAME            |   EXTERNAL IP   | INTERNAL IP |        STATUS        | STATUS MESSAGE |
+----------------------+---------------------------+-----------------+-------------+----------------------+----------------+
...
| fhmab0cfsfd1******** | cl0kabcquk1g********-oxig | 178.154.226.108 | 10.130.0.8  | RUNNING_ACTUAL [49m] |                |
| epdabchpdef0******** | cl0kabcquk1g********-aqyg | 130.193.40.55   | 10.129.0.20 | RUNNING_ACTUAL [43m] |                |
+----------------------+---------------------------+-----------------+-------------+----------------------+----------------+

    To view a list of the instance groups you created, use the list REST API method for the InstanceGroup resource or the InstanceGroupService/List gRPC API call.

Add a network load balancer to the instance group

  1. Create a network load balancer named load-generator and add it to the instance group you created:

    1. In the management console, select the folder where you want to create a load balancer.
    2. In the list of services, select Network Load Balancer.
    3. Click Create a network load balancer.
    4. In the Name field, specify load-generator.
    5. In the Public address field, select Auto.
    6. Under Listeners, click Add listener.
    7. In the window that opens:
      • In the Name field, specify http.
      • In the Port field, enter 80. The load balancer will listen for inbound traffic on this port.
      • In the Target port field, enter 80. The load balancer will redirect traffic to this port.
      • Click Add.
    8. Under Target groups, click Add target group.
    9. In the Target group list, select load-generator.
    10. Under Health check, click Configure:
      • In the window that opens, specify /hello for Path. The load balancer will use this path to send health check requests to the target group VMs.
      • Click Apply.
    11. Click Create.

    1. Get the ID of the load-generator target group:

      yc load-balancer target-group get load-generator | grep "^id"

      Result:

      id: enpsa475ej51********

    2. Create a network load balancer:

      yc load-balancer network-load-balancer create \
  --name load-generator \
  --listener external-ip-version=ipv4,name=http,port=80,protocol=tcp,target-port=80 \
  --target-group healthcheck-http-port=80,healthcheck-http-path=/hello,target-group-id=<target_group_ID>

      Result:

      done (14s)
id: b0ruab1ccvpd********
folder_id: b1csa2b3clid********
...
    healthy_threshold: "2"
    http_options:
      port: "80"
      path: /hello
    1. Create a load balancer using the create REST API method for the NetworkLoadBalancer resource or the NetworkLoadBalancerService/Create gRPC API call.
    2. Add a listener to the load balancer using the addListener REST API method for the NetworkLoadBalancer resource or the NetworkLoadBalancerService/AddListener gRPC API call.
    3. Attach the target group to the load balancer using the attachTargetGroup REST API method for the NetworkLoadBalancer resource or the NetworkLoadBalancerService/AttachTargetGroup gRPC API call.
    4. Add the load balancer to the instance group using the addTargets REST API method for the TargetGroup resource or the TargetGroupService/AddTargets gRPC API call.

  2. Check the load-generator network load balancer and make sure it is linked to the instance group:

    1. In the management console, select the folder where you created the load balancer.
    2. From the list of services, select Network Load Balancer.
    3. Click load-generator.
    yc load-balancer network-load-balancer list

    Result:

    +----------------------+----------------+-----------------+----------+----------------+------------------------+--------+
|          ID          |      NAME      |    REGION ID    |   TYPE   | LISTENER COUNT | ATTACHED TARGET GROUPS | STATUS |
+----------------------+----------------+-----------------+----------+----------------+------------------------+--------+
| b0ruab1ccvpd******** | load-generator | ru-central1     | EXTERNAL |              1 | b0r1tabcphde********   | ACTIVE |
+----------------------+----------------+-----------------+----------+----------------+------------------------+--------+

    Use the list REST API method for the NetworkLoadBalancer resource or the NetworkLoadBalancerService/List gRPC API call.

Start VM load testing

  1. Get the IP address of the load balancer you created:

    1. In the management console, select the folder with your load balancer.
    2. From the list of services, select Network Load Balancer.
    3. Copy the IP address of the load-generator load balancer.
    yc load-balancer network-load-balancer get load-generator | grep "address"

    Result:

      address: 84.252.133.110

    Use the get REST API method for the NetworkLoadBalancer resource or the NetworkLoadBalancerService/Get gRPC API call.

  2. Run this command to start generating load:

    wrk -t20 -c20 -d20m --timeout 20s http://<load_balancer_IP_address>/sleep

    This will start wrk to send requests to the load balancer using 20 threads, with 20 connections each, for 20 minutes. The request timeout is 20 seconds. The load balancer will distribute the load it gets across the VM instances in the group.

    As soon as wrk launches, a message about the test start will appear on the screen:

    Running 20m test @ http://84.252.133.110/sleep
  20 threads and 20 connections

    Proceed to the next step without waiting for the command to complete.

Update the instance group under load

  1. In the management console, select the folder where you created the instance group.
  2. Select Compute Cloud.
  3. In the left-hand panel, select Instance groups.
  4. Click group-for-load.
  5. Click Edit.
  6. Under Instance template, click and select Edit.
    • Under Disks and file storages, specify 35 GB as the new disk size.
    • Click Save.
  7. Click Save.
  8. Under VM states, you will see the disk size modifications for all VM instances in the group, one by one.

  1. In specification.yaml, enter the new disk size of 35 GB and save the file:

    ...
size: 35G
...

  2. Update the instance group:

    yc compute instance-group update --name=group-for-load --file=specification.yaml

    Result:

    done (9m24s)
id: cl10kktrjcn8********
folder_id: b1g7gvsi89m3********
...
   name: load-generator
service_account_id: ajehbk07uus3********
status: ACTIVE

  1. In the spec, enter the new disk size of 35 GB:

    ...
size: 35G
...

  2. To update the load-generator instance group based on the new spec, use the updateFromYaml REST API method for the InstanceGroup resource or the InstanceGroupService/UpdateFromYaml gRPC API call.

Stop load testing and get the results

Stop wrk by pressing Ctrl + C.

Result:

  Thread Stats   Avg      Stdev     Max   +/- Stdev
    Latency    10.00s     1.70ms  10.01s    68.21%
    Req/Sec     0.00      0.00     0.00    100.00%
  1148 requests in 17.47m, 211.89KB read
Requests/sec:      1.09
Transfer/sec:     206.94B

If the result contains no error line, such as Socket errors, it means the system has processed all requests.

How to delete the resources you created

To delete the created resources:

  1. Delete the load balancer:
    1. In the management console, select the folder where you created the load balancer.
    2. In the list of services, select Network Load Balancer.
    3. To the right of load-generator, click and select Delete.
    4. In the window that opens, click Delete.
  2. Delete the instance group:
    1. In the management console, select the folder where you created the instance group.
    2. From the list of services, select Compute Cloud.
    3. In the left-hand panel, select Instance groups.
    4. To the right of load-generator, click and select Delete.
    5. In the window that opens, click Delete.
  3. Delete the service account:
    1. In the management console, select the folder where you created the service account.
    2. In the list of services, select Identity and Access Management.
    3. In the left-hand panel, select Service accounts.
    4. In the list that opens, click next to yc-auto-sa and select Delete.
    5. In the window that opens, click Delete.
  4. Delete the network and the subnets:
    1. In the management console, select the folder where you created the network and the subnets.
    2. In the list of services, select Virtual Private Cloud.
    3. Select yc-auto-network.
    4. Under Subnets:
      1. To the right of yc-auto-subnet-1, click and select Delete.
      2. In the window that opens, click Delete.
      3. Delete yc-auto-subnet-2 as well.
    5. In the top-right corner, click Delete.

Run these commands one by one:

yc load-balancer network-load-balancer delete load-generator
yc compute instance-group delete load-generator
yc iam service-account delete yc-auto-sa
yc vpc subnet delete yc-auto-subnet-1
yc vpc subnet delete yc-auto-subnet-2
yc vpc network delete yc-auto-network
  1. Delete the load-generator load balancer using the delete REST API method for the NetworkLoadBalancer resource or the NetworkLoadBalancerService/Delete gRPC API call.
  2. Delete the load-generator instance group using the delete REST API method for the InstanceGroup resource or the InstanceGroupService/Delete gRPC API call.
  3. Delete the yc-auto-sa service account using the delete REST API method for the ServiceAccount resource or the ServiceAccountService/Delete gRPC API call.
  4. Delete the yc-auto-subnet-1 and yc-auto-subnet-2 subnets using the delete REST API method for the Subnet resource or the SubnetService/Delete gRPC API call.
  5. Delete the yc-auto-network network using the delete REST API method for the Network resource or the NetworkService/Delete gRPC API call.
Previous
Autoscaling an instance group to process messages from a queue
Next
Deploying Remote Desktop Gateway