You are viewing a free preview of this lesson.
Subscribe to unlock all 10 lessons in this course and every other course on LearningBro.
Sole-tenant nodes provide dedicated physical servers in Google Cloud's data centres where only your VMs run. Unlike standard Compute Engine VMs that share physical hosts with other customers (multi-tenancy), sole-tenant nodes ensure that your workloads are physically isolated from other tenants.
While multi-tenancy is the norm in public cloud computing and is secure by design (Google's custom hypervisor provides strong isolation), some organisations have requirements that mandate physical isolation:
Some industry regulations and compliance frameworks require workloads to run on dedicated hardware:
| Requirement | Example |
|---|---|
| HIPAA | Healthcare data that must not share physical hosts |
| PCI DSS | Payment card data requiring physical isolation |
| Government | Classified or sensitive workloads with strict tenancy rules |
| Financial services | Trading systems requiring dedicated performance |
Many enterprise software licences (Oracle, SQL Server, Windows Server) have per-core or per-socket licensing terms that require you to know the exact physical hardware your VMs run on. Sole-tenant nodes provide the visibility needed to comply with Bring Your Own Licence (BYOL) agreements.
While Google's hypervisor prevents noisy-neighbour effects at the security level, some workloads are sensitive to CPU cache contention, memory bandwidth sharing, or NUMA topology. Sole-tenant nodes eliminate these concerns.
A sole-tenant node is a physical Compute Engine server dedicated to your project. You create a node group that contains one or more nodes, and then schedule your VMs onto those nodes.
A node template defines the configuration of a sole-tenant node:
# Create a node template
gcloud compute sole-tenancy node-templates create my-node-template \
--region=europe-west2 \
--node-type=n2-node-80-640
The node type n2-node-80-640 means an N2-family node with 80 vCPUs and 640 GB of memory.
| Node Type | vCPUs | Memory (GB) | Local SSD |
|---|---|---|---|
| n1-node-96-624 | 96 | 624 | Optional |
| n2-node-80-640 | 80 | 640 | Optional |
| n2d-node-224-896 | 224 | 896 | Optional |
| c2-node-60-240 | 60 | 240 | Optional |
| m1-node-96-1433 | 96 | 1,433 | N/A |
A node group manages a set of nodes with the same template:
# Create a node group with 2 nodes
gcloud compute sole-tenancy node-groups create my-node-group \
--zone=europe-west2-a \
--node-template=my-node-template \
--target-size=2
# Create a VM on a sole-tenant node group
gcloud compute instances create isolated-vm \
--zone=europe-west2-a \
--machine-type=n2-standard-16 \
--image-family=debian-12 \
--image-project=debian-cloud \
--node-group=my-node-group
Subscribe to continue reading
Get full access to this lesson and all 10 lessons in this course.