Contact UsGet started
© 2025 Direct Cursus Technology L.L.C.

Running an autoscaling instance group using the management console, CLI, and API

Written by
Updated at July 3, 2025

To configure an autoscaling instance group:

  1. Get your cloud ready.
  2. Set up your environment.
  3. Create an autoscaling instance group with a network load balancer.
  4. Add a network load balancer with a target group.
  5. Test your instance group and network load balancer.

If you no longer need the resources you created, delete them.

Get your cloud ready

Sign up in Yandex Cloud and create a billing account:

  1. Navigate to the management console and log in to Yandex Cloud or register a new account.
  2. On the Yandex Cloud Billing page, make sure you have a billing account linked and it has the ACTIVE or TRIAL_ACTIVE status. If you do not have a billing account, create one and link a cloud to it.

If you have an active billing account, you can navigate to the cloud page to create or select a folder for your infrastructure to operate in.

Learn more about clouds and folders.

  1. If you do not have the Yandex Cloud CLI yet, install it.

  2. To make sure the scripts from the step-by-step guide run correctly, download and install jq.

  3. To check autoscaling, install wrk.

The infrastructure cost includes:

Set up your environment

  1. Create a service account named for-autoscale: To create, update, and delete VM instances in your group, as well as integrate the group with Network Load Balancer, assign the compute.editor and load-balancer.editor roles to the service account:

    1. In the management console, select the folder where you want to create your service account.
    2. In the list of services, select Identity and Access Management.
    3. Click Create service account. In the window that opens:
      • In the Name field, specify for-autoscale.
      • To assign the service account a role for the current folder, click Add role and select compute.editor and load-balancer.editor.
      • Click Create.

    1. Create a service account:

      By default, the CLI uses the folder specified when creating the profile. To change the default folder, use the yc config set folder-id <folder_ID> command. You can also set a different folder for any specific command using the --folder-name or --folder-id parameter.

      yc iam service-account create --name for-autoscale

      Result:

      id: ajelabcde12f********
folder_id: b0g12ga82bcv********
created_at: "2020-11-30T14:32:18.900092Z"
name: for-autoscale

    2. Assign the compute.editor role to the service account:

      yc resource-manager folder add-access-binding <catalog_ID> \
  --role compute.editor \
  --subject serviceAccount:<service_account_ID>

    3. Assign the load-balancer.editor role to the service account:

      yc resource-manager folder add-access-binding <catalog_ID> \
  --role load-balancer.editor \
  --subject serviceAccount:<service_account_ID>

    Use the create REST API method for the ServiceAccount resource or the ServiceAccountService/Create gRPC API call.

  2. Create a network named yc-auto-network and subnets in two availability zones:

    1. In the management console, select the folder where you want to create your network.
    2. Select Virtual Private Cloud.
    3. Click Create network.
    4. In the Name field, enter yc-auto-network.
    5. In the Advanced field, enable Create subnets.
    6. Click Create network.

    1. Create a network:

      yc vpc network create --name yc-auto-network

      Result:

      id: enpabce123hd********
folder_id: b0g12ga82bcv********
created_at: "2020-11-30T14:57:15Z"
name: yc-auto-network

    2. Create a subnet in the ru-central1-a availability zone:

      yc vpc subnet create \
  --network-id enpabce123hd******** \
  --range 192.168.1.0/24 \
  --zone ru-central1-a

      Result:

      id: e1lnabc23r1c********
folder_id: b0g12ga82bcv********
created_at: "2020-11-30T16:23:12Z"
network_id: enpabce123hd********
zone_id: ru-central1-a
v4_cidr_blocks:
- 192.168.1.0/24

    3. Create a subnet in the ru-central1-b availability zone:

      yc vpc subnet create \
  --network-id enpabce123hd******** \
  --range 192.168.2.0/24 \
  --zone ru-central1-b

      Result:

      id: b1csa2b3clid********
folder_id: b0g12ga82bcv********
created_at: "2020-11-30T16:25:02Z"
network_id: enpabce123hd********
zone_id: ru-central1-b
v4_cidr_blocks:
- 192.168.2.0/24

    1. Create a network.

      Use the create REST API method for the Network resource or the NetworkService/Create gRPC API call.

    2. Create subnets in the ru-central1-a and ru-central1-b availability zones.

      Use the create REST API method for the Subnet resource or the SubnetService/Create gRPC API call.

  3. Create a security group:

    1. In the management console, select Virtual Private Cloud.
    2. Open the Security groups tab.
    3. Create a security group for the load balancer:

      1. Click Create group.

      2. Enter the group Name: sg-autoscale.

      3. Select yc-auto-network for Network.

      4. Under Rules, create rules by following the steps below the table:

        Traffic
        direction        		 Description Port
        range        		 Protocol Source /
        destination type        		 Source /
        destination
        Egress any All Any CIDR 0.0.0.0/0
        Ingress ext-http 80 TCP CIDR 0.0.0.0/0
        Inbound healthchecks 80 TCP Load balancer health checks
        1. Select the Egress or Ingress tab.
        2. Click Add rule.
        3. In the Port range field of the window that opens, specify a port or range of ports open for inbound or outbound traffic.
        4. In the Protocol field, specify the protocol or leave Any to allow traffic over any protocol.
        5. In the Purpose or Source field, select the rule purpose:
          • CIDR: Rule will apply to the range of IP addresses. In the CIDR blocks field, specify the CIDR ranges of the source or destination subnets. To add more CIDRs, click Add CIDR.
          • Security group: Rule will apply to the VMs from the current group or the selected security group.
          • Load balancer health checks: Rule allowing a load balancer to health-check VMs.
        6. Click Save. Repeat these steps to create all rules from the table.

      5. Click Save.

Create an autoscaling instance group with a network load balancer

  1. In this tutorial, you will be creating all instance groups from a Container Optimized Image. Each VM instance will have a Docker container running a web server that emulates the service load.

    Find out the ID of the latest version of the public Container Optimized Image.

    A Container Optimized Image in a Container Registry registry may be updated and changed with new releases. This will not automatically update the VM image to the latest version. To create an instance group with the latest Container Optimized Image version, you need to check whether it is available yourself:

    yc compute image get-latest-from-family container-optimized-image --folder-id standard-images

    Result:

    id: <ID_of_latest_COI_version>
folder_id: standard-images
...
    1. Go to the Cloud Marketplace page and select the image with the configuration you need:
    2. Under Product IDs, copy the value of image_id.

  2. Save the specification of the instance group with a network load balancer to the specification.yaml file:

    name: auto-group
service_account_id: <service_account_ID>
scale_policy:
  auto_scale:
    min_zone_size: 1
    max_size: 6
    measurement_duration: 60s
    warmup_duration: 120s
    stabilization_duration: 60s
    initial_size: 2
    cpu_utilization_rule:
      utilization_target: 40
deploy_policy:
  max_unavailable: 1
allocation_policy:
  zones:
    - zone_id: ru-central1-a
    - zone_id: ru-central1-b
load_balancer_spec:
  target_group_spec:
    name: auto-group-tg
instance_template:
  service_account_id: <service_account_ID>
  platform_id: standard-v3
  resources_spec:
    memory: 2G
    cores: 2
    core_fraction: 100
  metadata:
    docker-container-declaration: |-
      spec:
        containers:
        - image: cr.yandex/yc/demo/web-app:v1
          securityContext:
            privileged: false
          tty: false
          stdin: false
  boot_disk_spec:
    mode: READ_WRITE
    disk_spec:
      type_id: network-hdd
      size: 30G
      image_id: fd8iv792kira******** # ID of the public Container Optimized Image
  network_interface_specs:
    - network_id: <cloud_network_ID>
      primary_v4_address_spec: { one_to_one_nat_spec: { ip_version: IPV4 }}

  3. In specification.yaml, replace the values in angle brackets with actual values from the previous steps.

  4. Create an instance group named auto-group using specification.yaml:

    Run this command:

    yc compute instance-group create --file=specification.yaml

    Result:

    done (2m45s)
id: cl0hmabc1nd2********
folder_id: b0g12ga82bcv********
...
  target_group_id: enpoi5jhfps3********
...
    name: auto-group-tg
service_account_id: ajelabcde12f********
status: ACTIVE

    Use the CreateFromYaml method for the InstanceGroup resource.

  5. Check your instance group:

    1. In the management console, select the folder where you created the instance group.
    2. Select Compute Cloud.
    3. In the left-hand panel, click Instance groups.
    4. Select auto-group.
    yc compute instance-group list-instances auto-group

    Result:

    +----------------------+---------------------------+----------------+--------------+------------------------+----------------+
|     INSTANCE ID      |           NAME            |  EXTERNAL IP   | INTERNAL IP  |         STATUS         | STATUS MESSAGE |
+----------------------+---------------------------+----------------+--------------+------------------------+----------------+
| epdab0c1ji2a******** | cl0habce1nd2********-fned | 84.201.163.202 | 192.168.1.34 | RUNNING_ACTUAL [4m26s] |                |
| ef0uabc1s2fb******** | cl0habce1nd2********-craq | 130.193.56.102 | 192.168.2.19 | RUNNING_ACTUAL [4m14s] |                |
+----------------------+---------------------------+----------------+--------------+------------------------+----------------+

    To view a list of the instance groups you created, use the list REST API method for the InstanceGroup resource or the InstanceGroupService/List gRPC API call.

Add a network load balancer with a target group

  1. Create a network load balancer named group-balancer and add it to the instance group you created:

    1. In the management console, select the folder where you want to create a load balancer.
    2. Select Network Load Balancer.
    3. Click Create a network load balancer.
    4. Enter group-balancer as the name.
    5. In the Public address field, specify Auto.
    6. Under Listeners, click Add listener. In the window that opens, specify:
      • Name: http.
      • Port: 80. The load balancer will listen for inbound traffic on this port.
      • Target port: 80. The load balancer will redirect traffic to this port.
      • Click Add.
    7. Under Target groups, click Add target group.
    8. In the Target group field, select auto-group-tg and click Configure. In the window that opens, specify:
      • Name: tcp
      • Type: TCP
      • Port: 80
      • Click Apply.
    9. Click Create.
    yc load-balancer network-load-balancer create \
  --listener external-ip-version=ipv4,name=http,port=80,protocol=tcp,target-port=80 \
  --name group-balancer \
  --target-group healthcheck-name=tcp,healthcheck-tcp-port=80,target-group-id=enpoi5jhfps3********

    Result:

    done (16s)
id: b0rbabc1m2ed********
folder_id: b0g12ga82bcv********
...
    healthy_threshold: "2"
    tcp_options:
      port: "80"
    1. Create a load balancer using the create REST API method for the NetworkLoadBalancer resource or the NetworkLoadBalancerService/Create gRPC API call.
    2. Add a listener to the load balancer using the addListener REST API method for the NetworkLoadBalancer resource or the NetworkLoadBalancerService/AddListener gRPC API call.
    3. Attach the target group to the load balancer using the attachTargetGroup REST API method for the NetworkLoadBalancer resource or the NetworkLoadBalancerService/AttachTargetGroup gRPC API call.
    4. Add the load balancer to the instance group using the addTargets REST API method for the TargetGroup resource or the TargetGroupService/AddTargets gRPC API call.

  2. Check the group-balancer network load balancer and make sure it is linked to the instance group:

    1. In the management console, select the folder where you created the load balancer.
    2. Select Network Load Balancer.
    3. Select group-balancer.
    yc load-balancer network-load-balancer list

    Result:

    +----------------------+----------------+-----------------+----------+----------------+------------------------+--------+
|          ID          |      NAME      |    REGION ID    |   TYPE   | LISTENER COUNT | ATTACHED TARGET GROUPS | STATUS |
+----------------------+----------------+-----------------+----------+----------------+------------------------+--------+
| b0rbabc1m2ed******** | group-balancer | ru-central1 | EXTERNAL |              1 | b0rdabckribe********   | ACTIVE |
+----------------------+----------------+-----------------+----------+----------------+------------------------+--------+

    Use the list REST API method for the NetworkLoadBalancer resource or the NetworkLoadBalancerService/List gRPC API call.

Test your instance group and network load balancer

  1. Create a load on an instance.

    To do this, save the script named request.sh to the home directory. The script will send a request to one of the VMs through the group-balancer load balancer. The request will utilize 100% CPU for 30 seconds.

    EXTERNAL_IP=$(yc load-balancer network-load-balancer get group-balancer --format=json | jq -r .listeners[0].address)

curl "http://$EXTERNAL_IP/burn-cpu?time=30000&load=100"

  2. Run the script:

    sh request.sh

    Result:

    projects/b0g12ga82bcv********/zones/ru-central1-b

  3. View the instance utilization:

    1. In the management console, select the folder where you created the instance group.

    2. Select Compute Cloud.

    3. In the left-hand panel, click Instance groups.

    4. Select auto-group.

    5. Navigate to the Monitoring tab.

      The load balancer sent the request to an instance in the group. In the availability zone this instance belongs to, the average CPU utilization is higher than in other zones (see the Average CPU utilization in zone chart).

Autoscaling test

To test autoscaling for your instance group, increase the CPU utilization of each instance. In the specification.yaml file, the scale_policy.auto_scale.cpu_utilization_rule.utilization_target parameter is set to 40: it means that the target utilization level is 40% CPU. If you exceed the target utilization, the number of VMs in the group will increase.

  1. Increase the utilization for the instance group.

    To do this, save the script named load.sh to the home directory. The script sends requests to the instance group through 12 threads for 10 minutes. Each VM instance utilizes 20% CPU on each core that processes the request. The instance group utilization is 240% CPU at any given time. To be sure that requests are evenly distributed across the instances in the group, the script executes multiple parallel requests utilizing 20% CPU rather than one request utilizing 240% CPU.

    EXTERNAL_IP=$(yc load-balancer network-load-balancer get group-balancer --format=json | jq -r .listeners[0].address)

wrk -H "Connection: close" -t12 -c12 -d10m "http://$EXTERNAL_IP/burn-cpu?time=5000&load=20"

  2. Run the script:

    sh load.sh

    Result:

    Running 10m test @ http://130.193.56.111/burn-cpu?time=5000&load=20
  12 threads and 12 connections
  Thread Stats   Avg      Stdev     Max   +/- Stdev
...
Requests/sec: 15.04
Transfer/sec: 3.20KB

  3. View the utilization levels:

    1. In the management console, select the folder where you created the auto-group instance group.
    2. Select Compute Cloud.
    3. In the left-hand panel, click Instance groups.
    4. Select auto-group.
    5. Navigate to the Monitoring tab.
      The chart Number of instances in zone shows how the number of instances changed in each availability zone. The chart Average CPU utilization in zone shows average CPU utilization in each availability zone.
    6. Navigate to the Logs tab.
      The page displays messages relating to the instance group autoscaling.

    The total utilization of 240% CPU was evenly distributed between two instances in two availability zones and exceeded the target utilization of 40% CPU. Yandex Compute Cloud created one instance more in each availability zone to result in four instances in the group. When the script stopped utilizing the CPU, Compute Cloud automatically decreased the number of instances in the group to two.

How to delete the resources you created

To stop paying for the resources you created:

  1. Delete the network load balancer.
  2. Delete the instance group.

See also

Previous
Overview
Next
Terraform