Instance
Manages a VM instance template resource within GCE. For more information see the official documentation and API.
Example Usage
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.serviceAccount.Account;
import com.pulumi.gcp.serviceAccount.AccountArgs;
import com.pulumi.gcp.compute.ComputeFunctions;
import com.pulumi.gcp.compute.inputs.GetImageArgs;
import com.pulumi.gcp.compute.Disk;
import com.pulumi.gcp.compute.DiskArgs;
import com.pulumi.gcp.compute.ResourcePolicy;
import com.pulumi.gcp.compute.ResourcePolicyArgs;
import com.pulumi.gcp.compute.inputs.ResourcePolicySnapshotSchedulePolicyArgs;
import com.pulumi.gcp.compute.inputs.ResourcePolicySnapshotSchedulePolicyScheduleArgs;
import com.pulumi.gcp.compute.inputs.ResourcePolicySnapshotSchedulePolicyScheduleDailyScheduleArgs;
import com.pulumi.gcp.compute.InstanceTemplate;
import com.pulumi.gcp.compute.InstanceTemplateArgs;
import com.pulumi.gcp.compute.inputs.InstanceTemplateSchedulingArgs;
import com.pulumi.gcp.compute.inputs.InstanceTemplateDiskArgs;
import com.pulumi.gcp.compute.inputs.InstanceTemplateNetworkInterfaceArgs;
import com.pulumi.gcp.compute.inputs.InstanceTemplateServiceAccountArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var defaultAccount = new Account("defaultAccount", AccountArgs.builder()
.accountId("service-account-id")
.displayName("Service Account")
.build());
final var myImage = ComputeFunctions.getImage(GetImageArgs.builder()
.family("debian-11")
.project("debian-cloud")
.build());
var foobar = new Disk("foobar", DiskArgs.builder()
.image(myImage.applyValue(getImageResult -> getImageResult.selfLink()))
.size(10)
.type("pd-ssd")
.zone("us-central1-a")
.build());
var dailyBackup = new ResourcePolicy("dailyBackup", ResourcePolicyArgs.builder()
.region("us-central1")
.snapshotSchedulePolicy(ResourcePolicySnapshotSchedulePolicyArgs.builder()
.schedule(ResourcePolicySnapshotSchedulePolicyScheduleArgs.builder()
.dailySchedule(ResourcePolicySnapshotSchedulePolicyScheduleDailyScheduleArgs.builder()
.daysInCycle(1)
.startTime("04:00")
.build())
.build())
.build())
.build());
var defaultInstanceTemplate = new InstanceTemplate("defaultInstanceTemplate", InstanceTemplateArgs.builder()
.description("This template is used to create app server instances.")
.tags(
"foo",
"bar")
.labels(Map.of("environment", "dev"))
.instanceDescription("description assigned to instances")
.machineType("e2-medium")
.canIpForward(false)
.scheduling(InstanceTemplateSchedulingArgs.builder()
.automaticRestart(true)
.onHostMaintenance("MIGRATE")
.build())
.disks(
InstanceTemplateDiskArgs.builder()
.sourceImage("debian-cloud/debian-11")
.autoDelete(true)
.boot(true)
.resourcePolicies(dailyBackup.id())
.build(),
InstanceTemplateDiskArgs.builder()
.source(foobar.name())
.autoDelete(false)
.boot(false)
.build())
.networkInterfaces(InstanceTemplateNetworkInterfaceArgs.builder()
.network("default")
.build())
.metadata(Map.of("foo", "bar"))
.serviceAccount(InstanceTemplateServiceAccountArgs.builder()
.email(defaultAccount.email())
.scopes("cloud-platform")
.build())
.build());
}
}Automatic Envoy Deployment
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.compute.ComputeFunctions;
import com.pulumi.gcp.compute.inputs.GetDefaultServiceAccountArgs;
import com.pulumi.gcp.compute.inputs.GetImageArgs;
import com.pulumi.gcp.compute.InstanceTemplate;
import com.pulumi.gcp.compute.InstanceTemplateArgs;
import com.pulumi.gcp.compute.inputs.InstanceTemplateDiskArgs;
import com.pulumi.gcp.compute.inputs.InstanceTemplateNetworkInterfaceArgs;
import com.pulumi.gcp.compute.inputs.InstanceTemplateSchedulingArgs;
import com.pulumi.gcp.compute.inputs.InstanceTemplateServiceAccountArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var default = ComputeFunctions.getDefaultServiceAccount();
final var myImage = ComputeFunctions.getImage(GetImageArgs.builder()
.family("debian-11")
.project("debian-cloud")
.build());
var foobar = new InstanceTemplate("foobar", InstanceTemplateArgs.builder()
.machineType("e2-medium")
.canIpForward(false)
.tags(
"foo",
"bar")
.disks(InstanceTemplateDiskArgs.builder()
.sourceImage(myImage.applyValue(getImageResult -> getImageResult.selfLink()))
.autoDelete(true)
.boot(true)
.build())
.networkInterfaces(InstanceTemplateNetworkInterfaceArgs.builder()
.network("default")
.build())
.scheduling(InstanceTemplateSchedulingArgs.builder()
.preemptible(false)
.automaticRestart(true)
.build())
.metadata(Map.ofEntries(
Map.entry("gce-software-declaration", """
{
"softwareRecipes": [{
"name": "install-gce-service-proxy-agent",
"desired_state": "INSTALLED",
"installSteps": [{
"scriptRun": {
"script": "#! /bin/bash\nZONE=$(curl --silent http://metadata.google.internal/computeMetadata/v1/instance/zone -H Metadata-Flavor:Google | cut -d/ -f4 )\nexport SERVICE_PROXY_AGENT_DIRECTORY=$(mktemp -d)\nsudo gsutil cp gs://gce-service-proxy-"$ZONE"/service-proxy-agent/releases/service-proxy-agent-0.2.tgz "$SERVICE_PROXY_AGENT_DIRECTORY" || sudo gsutil cp gs://gce-service-proxy/service-proxy-agent/releases/service-proxy-agent-0.2.tgz "$SERVICE_PROXY_AGENT_DIRECTORY"\nsudo tar -xzf "$SERVICE_PROXY_AGENT_DIRECTORY"/service-proxy-agent-0.2.tgz -C "$SERVICE_PROXY_AGENT_DIRECTORY"\n"$SERVICE_PROXY_AGENT_DIRECTORY"/service-proxy-agent/service-proxy-agent-bootstrap.sh"
}
}]
}]
}
"""),
Map.entry("gce-service-proxy", """
{
"api-version": "0.2",
"proxy-spec": {
"proxy-port": 15001,
"network": "my-network",
"tracing": "ON",
"access-log": "/var/log/envoy/access.log"
}
"service": {
"serving-ports": [80, 81]
},
"labels": {
"app_name": "bookserver_app",
"app_version": "STABLE"
}
}
"""),
Map.entry("enable-guest-attributes", "true"),
Map.entry("enable-osconfig", "true")
))
.serviceAccount(InstanceTemplateServiceAccountArgs.builder()
.email(default_.email())
.scopes("cloud-platform")
.build())
.labels(Map.of("gce-service-proxy", "on"))
.build());
}
}Using with Instance Group Manager
Instance Templates cannot be updated after creation with the Google Cloud Platform API. In order to update an Instance Template, this provider will create a replacement. In order to effectively use an Instance Template resource with an Instance Group Manager resource. Either omit the Instance Template name attribute, or specify a partial name with name_prefix. Example:
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.compute.InstanceTemplate;
import com.pulumi.gcp.compute.InstanceTemplateArgs;
import com.pulumi.gcp.compute.inputs.InstanceTemplateDiskArgs;
import com.pulumi.gcp.compute.inputs.InstanceTemplateNetworkInterfaceArgs;
import com.pulumi.gcp.compute.InstanceGroupManager;
import com.pulumi.gcp.compute.InstanceGroupManagerArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var instanceTemplate = new InstanceTemplate("instanceTemplate", InstanceTemplateArgs.builder()
.namePrefix("instance-template-")
.machineType("e2-medium")
.region("us-central1")
.disks()
.networkInterfaces()
.build());
var instanceGroupManager = new InstanceGroupManager("instanceGroupManager", InstanceGroupManagerArgs.builder()
.instanceTemplate(instanceTemplate.id())
.baseInstanceName("instance-group-manager")
.zone("us-central1-f")
.targetSize("1")
.build());
}
}resources:
instanceTemplate:
type: gcp:compute:InstanceTemplate
properties:
namePrefix: instance-template-
machineType: e2-medium
region: us-central1
# boot disk
disks:
- {}
# networking
networkInterfaces:
- {}
instanceGroupManager:
type: gcp:compute:InstanceGroupManager
properties:
instanceTemplate: ${instanceTemplate.id}
baseInstanceName: instance-group-manager
zone: us-central1-f
targetSize: '1'With this setup, this provider generates a unique name for your Instance Template and can then update the Instance Group manager without conflict before destroying the previous Instance Template.
Deploying the Latest Image
A common way to use instance templates and managed instance groups is to deploy the latest image in a family, usually the latest build of your application. There are two ways to do this in the provider, and they have their pros and cons. The difference ends up being in how "latest" is interpreted. You can either deploy the latest image available when the provider runs, or you can have each instance check what the latest image is when it's being created, either as part of a scaling event or being rebuilt by the instance group manager. If you're not sure, we recommend deploying the latest image available when the provider runs, because this means all the instances in your group will be based on the same image, always, and means that no upgrades or changes to your instances happen outside of a pulumi up. You can achieve this by using the gcp.compute.Image data source, which will retrieve the latest image on every pulumi apply, and will update the template to use that specific image:
import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";
const myImage = gcp.compute.getImage({
family: "debian-11",
project: "debian-cloud",
});
const instanceTemplate = new gcp.compute.InstanceTemplate("instanceTemplate", {
namePrefix: "instance-template-",
machineType: "e2-medium",
region: "us-central1",
disks: [{
sourceImage: myImage.then(myImage => myImage.selfLink),
}],
});import pulumi
import pulumi_gcp as gcp
my_image = gcp.compute.get_image(family="debian-11",
project="debian-cloud")
instance_template = gcp.compute.InstanceTemplate("instanceTemplate",
name_prefix="instance-template-",
machine_type="e2-medium",
region="us-central1",
disks=[gcp.compute.InstanceTemplateDiskArgs(
source_image=my_image.self_link,
)])using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Gcp = Pulumi.Gcp;
return await Deployment.RunAsync(() =>
{
var myImage = Gcp.Compute.GetImage.Invoke(new()
{
Family = "debian-11",
Project = "debian-cloud",
});
var instanceTemplate = new Gcp.Compute.InstanceTemplate("instanceTemplate", new()
{
NamePrefix = "instance-template-",
MachineType = "e2-medium",
Region = "us-central1",
Disks = new[]
{
new Gcp.Compute.Inputs.InstanceTemplateDiskArgs
{
SourceImage = myImage.Apply(getImageResult => getImageResult.SelfLink),
},
},
});
});package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/compute"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
myImage, err := compute.LookupImage(ctx, &compute.LookupImageArgs{
Family: pulumi.StringRef("debian-11"),
Project: pulumi.StringRef("debian-cloud"),
}, nil)
if err != nil {
return err
}
_, err = compute.NewInstanceTemplate(ctx, "instanceTemplate", &compute.InstanceTemplateArgs{
NamePrefix: pulumi.String("instance-template-"),
MachineType: pulumi.String("e2-medium"),
Region: pulumi.String("us-central1"),
Disks: compute.InstanceTemplateDiskArray{
&compute.InstanceTemplateDiskArgs{
SourceImage: *pulumi.String(myImage.SelfLink),
},
},
})
if err != nil {
return err
}
return nil
})
}package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.compute.ComputeFunctions;
import com.pulumi.gcp.compute.inputs.GetImageArgs;
import com.pulumi.gcp.compute.InstanceTemplate;
import com.pulumi.gcp.compute.InstanceTemplateArgs;
import com.pulumi.gcp.compute.inputs.InstanceTemplateDiskArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var myImage = ComputeFunctions.getImage(GetImageArgs.builder()
.family("debian-11")
.project("debian-cloud")
.build());
var instanceTemplate = new InstanceTemplate("instanceTemplate", InstanceTemplateArgs.builder()
.namePrefix("instance-template-")
.machineType("e2-medium")
.region("us-central1")
.disks(InstanceTemplateDiskArgs.builder()
.sourceImage(myImage.applyValue(getImageResult -> getImageResult.selfLink()))
.build())
.build());
}
}resources:
instanceTemplate:
type: gcp:compute:InstanceTemplate
properties:
namePrefix: instance-template-
machineType: e2-medium
region: us-central1
# boot disk
disks:
- sourceImage: ${myImage.selfLink}
variables:
myImage:
fn::invoke:
Function: gcp:compute:getImage
Arguments:
family: debian-11
project: debian-cloudTo have instances update to the latest on every scaling event or instance re-creation, use the family as the image for the disk, and it will use GCP's default behavior, setting the image for the template to the family:
import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";
const instanceTemplate = new gcp.compute.InstanceTemplate("instanceTemplate", {
disks: [{
sourceImage: "debian-cloud/debian-11",
}],
machineType: "e2-medium",
namePrefix: "instance-template-",
region: "us-central1",
});import pulumi
import pulumi_gcp as gcp
instance_template = gcp.compute.InstanceTemplate("instanceTemplate",
disks=[gcp.compute.InstanceTemplateDiskArgs(
source_image="debian-cloud/debian-11",
)],
machine_type="e2-medium",
name_prefix="instance-template-",
region="us-central1")using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Gcp = Pulumi.Gcp;
return await Deployment.RunAsync(() =>
{
var instanceTemplate = new Gcp.Compute.InstanceTemplate("instanceTemplate", new()
{
Disks = new[]
{
new Gcp.Compute.Inputs.InstanceTemplateDiskArgs
{
SourceImage = "debian-cloud/debian-11",
},
},
MachineType = "e2-medium",
NamePrefix = "instance-template-",
Region = "us-central1",
});
});package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/compute"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := compute.NewInstanceTemplate(ctx, "instanceTemplate", &compute.InstanceTemplateArgs{
Disks: compute.InstanceTemplateDiskArray{
&compute.InstanceTemplateDiskArgs{
SourceImage: pulumi.String("debian-cloud/debian-11"),
},
},
MachineType: pulumi.String("e2-medium"),
NamePrefix: pulumi.String("instance-template-"),
Region: pulumi.String("us-central1"),
})
if err != nil {
return err
}
return nil
})
}package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.compute.InstanceTemplate;
import com.pulumi.gcp.compute.InstanceTemplateArgs;
import com.pulumi.gcp.compute.inputs.InstanceTemplateDiskArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var instanceTemplate = new InstanceTemplate("instanceTemplate", InstanceTemplateArgs.builder()
.disks(InstanceTemplateDiskArgs.builder()
.sourceImage("debian-cloud/debian-11")
.build())
.machineType("e2-medium")
.namePrefix("instance-template-")
.region("us-central1")
.build());
}
}resources:
instanceTemplate:
type: gcp:compute:InstanceTemplate
properties:
# boot disk
disks:
- sourceImage: debian-cloud/debian-11
machineType: e2-medium
namePrefix: instance-template-
region: us-central1Import
Instance templates can be imported using any of these accepted formats
$ pulumi import gcp:compute/instanceTemplate:InstanceTemplate default projects/{{project}}/global/instanceTemplates/{{name}}$ pulumi import gcp:compute/instanceTemplate:InstanceTemplate default {{project}}/{{name}}$ pulumi import gcp:compute/instanceTemplate:InstanceTemplate default {{name}}custom-vm-typeshttps://cloud.google.com/dataproc/docs/concepts/compute/custom-machine-types network-tierhttps://cloud.google.com/network-tiers/docs/overview
Constructors
Properties
Configure Nested Virtualisation and Simultaneous Hyper Threading on this VM. Structure is documented below
Whether to allow sending and receiving of packets with non-matching source or destination IPs. This defaults to false.
Enable Confidential Mode on this VM. Structure is documented below
A brief description of this resource.
Disks to attach to instances created from this template. This can be specified multiple times for multiple disks. Structure is documented below.
) Enable Virtual Displays on this instance. Note: allow_stopping_for_update must be set to true in order to update this field.
List of the type and count of accelerator cards attached to the instance. Structure documented below.
A brief description to use for instances created from this template.
The machine type to create. To create a machine with a custom-vm-types (such as extended memory), format the value like custom-VCPUS-MEM_IN_MB like custom-6-20480 for 6 vCPU and 20GB of RAM.
An alternative to using the startup-script metadata key, mostly to match the compute_instance resource. This replaces the startup-script metadata key on the created instance and thus the two mechanisms are not allowed to be used simultaneously.
Specifies a minimum CPU platform. Applicable values are the friendly names of CPU platforms, such as Intel Haswell or Intel Skylake. See the complete list here.
Creates a unique name beginning with the specified prefix. Conflicts with name.
Networks to attach to instances created from this template. This can be specified multiple times for multiple networks. Structure is documented below.
(Optional, Configures network performance settings for the instance created from the template. Structure is documented below. Note: machine_type must be a supported type, the image used must include the GVNIC in guest-os-features, and network_interface.0.nic-type must be GVNIC in order for this setting to take effect.
An instance template is a global resource that is not bound to a zone or a region. However, you can still specify some regional resources in an instance template, which restricts the template to the region where that resource resides. For example, a custom subnetwork resource is tied to a specific region. Defaults to the region of the Provider if no value is given.
Specifies the reservations that this instance can consume from. Structure is documented below.
The scheduling strategy to use. More details about this configuration option are detailed below.
Service account to attach to the instance. Structure is documented below.
Enable Shielded VM on this instance. Shielded VM provides verifiable integrity to prevent against malware and rootkits. Defaults to disabled. Structure is documented below. Note: shielded_instance_config can only be used with boot images with shielded vm support. See the complete list here.