Create a Confidential VM instance with GPU

To use GPUs with Confidential VM, you must create a Confidential VM instance using the spot or flex-start provisioning model based on the a3-highgpu-1g machine type and use Intel TDX. After you create the VM instance, you then enable confidential computing mode on the attached GPU.

To create a VM instance using the spot or the flex-start model, do the following:

Create a MIG

Before you begin

  • To make sure that you have sufficient GPU quota for the resources you're requesting, check your GPU quota. For a Confidential VM instance with a GPU, request preemptible GPU quota to use the resources. When you request a GPU quota, you must request a quota for the GPU models that you want to create in each region, and an additional global quota (GPUs (all regions)) for the total number of GPUs of all types in all regions.
  • To understand quota consumption, read GPU VMs and preemptible allocation quotas.
  • See the prerequisites for creating a MIG and the limitations for creating a resize request in a MIG.

To create a MIG that contains GPU VM instances, complete the following steps:

  1. Create an instance template, which is required to create a MIG.

    gcloud

    gcloud compute instance-templates create INSTANCE_TEMPLATE_NAME \
        --machine-type=a3-highgpu-1g \
        --image-project=IMAGE_PROJECT \
        --image-family=IMAGE_FAMILY_NAME \
        --maintenance-policy=TERMINATE \
        --reservation-affinity=none \
        --boot-disk-size=30G \
        --confidential-compute-type=TDX \
        --project=PROJECT_ID
    

    To enable Secure Boot, optionally add the --shielded-secure-boot flag so that the VM instance boots with Secure Boot.

    Provide the following values:

    • INSTANCE_TEMPLATE_NAME: The name of the new VM instance template.

    • IMAGE_PROJECT: The project containing the supported operating system image. We recommend using the ubuntu-os-cloud image project for Ubuntu images. You can optionally use the confidential-vm-images image project for Container-Optimized OS images.

    • IMAGE_FAMILY_NAME: The family for the Confidential VM-supported operating system image. When using the ubuntu-os-cloud image project, we recommend using the ubuntu-2204-lts image family. For Container-Optimized OS images from the confidential-vm-images project, use the cos-tdx-113-lts image family.

    • PROJECT_ID: Optional. The ID of the project to create the VM in.

    REST

    To create a Confidential VM instance template, send the following POST request with the appropriate body content.

    The HTTP method and URL:

    POST https://compute.googleapis.com/compute/v1/projects/PROJECT_ID/global/instanceTemplates
    

    Request JSON body:

    {
      "name": "INSTANCE_TEMPLATE_NAME",
      "properties": {
        "confidentialInstanceConfig": {
          "confidentialInstanceType": "TDX"
        },
        "scheduling": {
          "onHostMaintenance": "TERMINATE",
          "provisioningModel": "STANDARD",
          "automaticRestart": true,
          "preemptible": false
        },
        "disks": [
          {
            "type": "PERSISTENT",
            "autoDelete": true,
            "index": 0,
            "boot": true,
            "kind": "compute#attachedDisk",
            "mode": "READ_WRITE",
            "initializeParams": {
              "sourceImage": "projects/IMAGE_PROJECT/global/images/family/IMAGE_FAMILY_NAME",
              "diskSizeGb": "30"
            }
          }
        ],
        "networkInterfaces": [
          {
            "name": "nic0",
            "network": "projects/PROJECT_ID/global/networks/default",
            "accessConfigs": [
              {
                "name": "external-nat",
                "type": "ONE_TO_ONE_NAT",
                "kind": "compute#accessConfig",
                "networkTier": "PREMIUM"
              }
            ],
            "kind": "compute#networkInterface"
          }
        ],
        "reservationAffinity": {
          "consumeReservationType": "NO_RESERVATION"
        },
        "canIpForward": false,
        "machineType": "a3-highgpu-1g",
        "metadata": {
          "fingerprint": "3y_uc6s9Qvs=",
          "kind": "compute#metadata"
        }
      }
    }
    

    To enable Secure Boot, optionally include the following object in the properties of the template so that the VM instance boots with Secure Boot.

      "shieldedInstanceConfig": {
        "enableIntegrityMonitoring": true,
        "enableSecureBoot": true,
        "enableVtpm": true
      }
    

    Provide the following values:

    • INSTANCE_TEMPLATE_NAME: The name of the new VM instance template.

    • IMAGE_PROJECT: The project containing the supported operating system image. We recommend using the ubuntu-os-cloud image project for Ubuntu images. You can optionally use the confidential-vm-images image project for Container-Optimized OS images.

    • IMAGE_FAMILY_NAME: The family for the Confidential VM-supported operating system image. When using the ubuntu-os-cloud image project, we recommend using the ubuntu-2204-lts image family. For Container-Optimized OS images from the confidential-vm-images project, use the cos-tdx-113-lts image family.

    • PROJECT_ID: The ID of the project to create the VM in.

    • ZONE: The supported zone to create the MIG in.

  2. Create a MIG and a resize request to add GPU VM instances all at once.

  3. List the instances present in the MIG.

    gcloud

    gcloud compute instance-groups managed list-instances INSTANCE_GROUP_NAME \
        --zone=ZONE \
        --project=PROJECT_ID
    

    Provide the following values:

    • INSTANCE_GROUP_NAME: The name of the MIG.

    • ZONE: The supported zone to get a list of VM instances from.

    • PROJECT_ID: Optional. The ID of the project to get a list of VM instances from.

    REST

    To list all instances, send the following GET request.

    The HTTP method and URL:

    GET https://compute.googleapis.com/compute/v1/projects/PROJECT_ID/aggregated/instances
    

    To narrow the list of instances to a specific zone, send the following GET request.

    The HTTP method and URL:

    GET https://compute.googleapis.com/compute/v1/projects/PROJECT_ID/zones/ZONE/instances
    

    Provide the following values:

    • ZONE: The supported zone to get a list of VM instances from.

    • PROJECT_ID: The ID of the project to get a list of VM instances from.

Create a Spot VM instance

gcloud

  gcloud compute instances create VM_NAME \
      --provisioning-model=SPOT \
      --image-family=IMAGE_FAMILY_NAME \
      --image-project=IMAGE_PROJECT \
      --machine-type=a3-highgpu-1g \
      --maintenance-policy=TERMINATE \
      --boot-disk-size=30G \
      --confidential-compute-type=TDX

Provide the following values:

  • VM_NAME: The name of the new VM instance.

  • IMAGE_PROJECT: The project containing the supported operating system image. We recommend using the ubuntu-os-cloud image project for Ubuntu images. You can optionally use the confidential-vm-images image project for Container-Optimized OS images.

  • IMAGE_FAMILY_NAME: The family for the Confidential VM-supported operating system image. When using the ubuntu-os-cloud image project, we recommend using the ubuntu-2204-lts image family. For Container-Optimized OS images from the confidential-vm-images project, use the cos-tdx-113-lts image family.

REST

To create a Spot VM instance, send the following POST request with the appropriate body content.

The HTTP method and URL:

  POST https://compute.googleapis.com/compute/v1/projects/PROJECT_ID/zones/ZONE/instances

Request JSON body:

  {
    "name": "VM_NAME",
    "confidentialInstanceConfig": {
      "confidentialInstanceType": "TDX"
    },
    "scheduling": {
      "onHostMaintenance": "TERMINATE",
      "provisioningModel": "SPOT"
    },
    "disks": [
      {
        "type": "PERSISTENT",
        "autoDelete": true,
        "index": 0,
        "boot": true,
        "kind": "compute#attachedDisk",
        "mode": "READ_WRITE",
        "initializeParams": {
          "sourceImage": "projects/IMAGE_PROJECT/global/images/family/IMAGE_FAMILY_NAME",
          "diskSizeGb": "30"
        }
      }
    ],
    "networkInterfaces": [
      {
        "name": "nic0",
        "network": "projects/PROJECT_ID/global/networks/default",
        "accessConfigs": [
          {
            "name": "external-nat",
            "type": "ONE_TO_ONE_NAT",
            "kind": "compute#accessConfig",
            "networkTier": "PREMIUM"
          }
        ],
        "kind": "compute#networkInterface"
      }
    ],
    "machineType": "zones/ZONE/machineTypes/a3-highgpu-1g"
  }

Provide the following values:

  • VM_NAME: The name of the new VM instance.

  • IMAGE_PROJECT: The project containing the supported operating system image. We recommend using the ubuntu-os-cloud image project for Ubuntu images. You can optionally use the confidential-vm-images image project for Container-Optimized OS images.

  • IMAGE_FAMILY_NAME: The family for the Confidential VM-supported operating system image. When using the ubuntu-os-cloud image project, we recommend using the ubuntu-2204-lts image family. For Container-Optimized OS images from the confidential-vm-images project, use the cos-tdx-113-lts image family.

  • PROJECT_ID: The ID of the project to create the VM in.

  • ZONE: The supported zone to create the VM in.
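A preflight check for the instance-template body (pass its properties object) and the Spot VM body above, as an added example that is not Google's code: it reports every field that contradicts a requirement this page states for a3-highgpu-1g with Intel TDX. The instance name, zone and drifted variant in the samples are constructed.

```python
"""Preflight check for the Confidential VM + GPU request bodies on this page.
Added example, not Google's code: pass an instance body (or the `properties`
object of an instance template) and get back every field that contradicts a
requirement the page states for a3-highgpu-1g with Intel TDX."""
RECOMMENDED_IMAGE_PROJECTS = ("ubuntu-os-cloud", "confidential-vm-images")


def check_confidential_gpu_body(body: dict) -> list[str]:
    """Return findings; an empty list means the body matches the page."""
    findings = []
    if body.get("machineType", "").rsplit("/", 1)[-1] != "a3-highgpu-1g":
        findings.append("machineType must be a3-highgpu-1g")
    if body.get("confidentialInstanceConfig", {}).get("confidentialInstanceType") != "TDX":
        findings.append("confidentialInstanceConfig.confidentialInstanceType must be TDX")
    sched = body.get("scheduling", {})
    if sched.get("onHostMaintenance") != "TERMINATE":
        findings.append("scheduling.onHostMaintenance must be TERMINATE")
    model = sched.get("provisioningModel")
    if model not in ("SPOT", "STANDARD"):
        findings.append("scheduling.provisioningModel must be SPOT or STANDARD (flex-start)")
    elif model == "STANDARD":
        # The flex-start template on this page pairs STANDARD with --reservation-affinity=none.
        if body.get("reservationAffinity", {}).get("consumeReservationType") != "NO_RESERVATION":
            findings.append("STANDARD model needs reservationAffinity NO_RESERVATION")
    boot = next((d for d in body.get("disks", []) if d.get("boot")), {})
    parts = boot.get("initializeParams", {}).get("sourceImage", "").split("/")
    project = parts[1] if len(parts) > 1 and parts[0] == "projects" else ""
    if project not in RECOMMENDED_IMAGE_PROJECTS:
        findings.append(f"boot image project {project!r} is not one of {RECOMMENDED_IMAGE_PROJECTS}")
    if body.get("shieldedInstanceConfig", {}).get("enableSecureBoot") is not True:
        findings.append("note: Secure Boot is off (optional shieldedInstanceConfig.enableSecureBoot)")
    return findings


# Constructed sample: the Spot body from this page with its placeholders filled in.
SPOT_BODY = {
    "name": "cvm-gpu-01",
    "confidentialInstanceConfig": {"confidentialInstanceType": "TDX"},
    "scheduling": {"onHostMaintenance": "TERMINATE", "provisioningModel": "SPOT"},
    "disks": [{"boot": True, "initializeParams": {
        "sourceImage": "projects/ubuntu-os-cloud/global/images/family/ubuntu-2204-lts"}}],
    "machineType": "zones/us-central1-a/machineTypes/a3-highgpu-1g",
    "shieldedInstanceConfig": {"enableSecureBoot": True},
}
# Constructed drift: CC config dropped, live migration left on, no reservation opt-out.
DRIFTED_BODY = {k: v for k, v in SPOT_BODY.items() if k != "confidentialInstanceConfig"}
DRIFTED_BODY["scheduling"] = {"onHostMaintenance": "MIGRATE", "provisioningModel": "STANDARD"}

if __name__ == "__main__":
    for label, body in (("spot", SPOT_BODY), ("drifted", DRIFTED_BODY)):
        print(label, check_confidential_gpu_body(body) or ["ok"])
```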

Enable confidential computing mode on the GPU

  1. Connect to the VM instance (one of the MIG's instances, or the Spot VM) using the gcloud compute ssh command.

    gcloud compute ssh VM_NAME --zone=ZONE --project=PROJECT_ID
    
  2. Update the package list and install the necessary tools and libraries.

    sudo apt-get update --yes
    sudo apt-get install --yes linux-headers-$(uname -r)
    sudo apt-get install --yes build-essential libxml2 libncurses5-dev pkg-config libvulkan1
    
  3. Install the appropriate GPU drivers on the VM instance.

  4. Enable the Linux Kernel Crypto API (LKCA) to configure secure communication between the GPU and the GPU driver.

    echo "install nvidia /sbin/modprobe ecdsa_generic; /sbin/modprobe ecdh; /sbin/modprobe --ignore-install nvidia" | sudo tee /etc/modprobe.d/nvidia-lkca.conf
    sudo update-initramfs -u
    
  5. Enable persistence mode to ensure a secure Security Protocol and Data Model (SPDM) connection between the GPU and the GPU driver.

    sudo test -f /usr/lib/systemd/system/nvidia-persistenced.service && sudo sed -i "s/no-persistence-mode/uvm-persistence-mode/g" /usr/lib/systemd/system/nvidia-persistenced.service
    sudo systemctl daemon-reload
    
  6. Reboot the VM instance to apply LKCA and persistence mode configurations.

    sudo reboot
    
  7. (Optional) Install CUDA samples to enable confidential computing mode.

    wget -O cuda-samples.tar.gz https://github.com/NVIDIA/cuda-samples/archive/refs/tags/v12.5.tar.gz
    tar xzvf cuda-samples.tar.gz
    

What's next