Compute Engine in Trusted Cloud versus Google Cloud

Compute Engine is a customizable compute service for creating and running virtual machines. Compute Engine offers scale, performance, and value that lets you easily move from single virtual machines for experimentation and development to large compute clusters for production workloads. Because Trusted Cloud is optimized for general purpose compute infrastructure and modest-scale AI/ML workloads, there are some differences between Compute Engine in Trusted Cloud by S3NS and Google Cloud. This page describes the differences between the Trusted Cloud and Google Cloud versions of Compute Engine.

For more detailed information about Compute Engine, see the Compute Engine overview and the rest of the Compute Engine documentation.

You can find recommendations and best practices for using Compute Engine in Trusted Cloud, including recommended alternatives where features differ from Google Cloud, in the Recommendations section.

Key differences

There are some differences between the Trusted Cloud version of Compute Engine and the Google Cloud version. Some notable differences include the following:

Only three machine type series are available in Trusted Cloud
Hyperdisk Balanced is the only disk type available in Trusted Cloud
Image adaptation is the only supported migration path into Trusted Cloud

A more detailed list of differences is provided in the rest of this section. If you are already familiar with Google Cloud, we recommend that you review these differences carefully, particularly before designing an application to run on Trusted Cloud. We also recommend reviewing the general differences between Google Cloud and your universe in the Trusted Cloud by S3NS overview.

If you would like to use a particular Compute Engine feature that isn't currently available in Trusted Cloud, contact Trusted Cloud support. To be notified when new features roll out in Trusted Cloud, subscribe to the release notes.

Hardware and OS

Machine types	Only the following machine types are available in Trusted Cloud: C3 machine types with up to 176 vCPUs. C3 Bare metal instances aren't available. M3 machine types with up to 128 vCPUs. A3 Edge machine type: `a3-edgegpu-8g-nolssd` All other machine series, including AMD and Arm-based machine types are unavailable. For recommendations about how to adapt your machine usage in Trusted Cloud, see the recommendations section. The following instance types are available in Trusted Cloud: Virtual machine (VM) instances Managed and unmanaged instance groups Sole tenant nodes All other instance types are unavailable, including the following: Bare metal instances Confidential VM instances
GPUs and TPUs	Only the following GPUs are available in Trusted Cloud: NVIDIA H100 80GB GPUs are available with the A3 Edge machine type, with the following differences: Machine type: `a3-edgegpu-8g-nolssd` Attached Local SSD (Gib): 0. Local SSD isn't supported in Trusted Cloud Maximum network bandwidth (Gbps): 800 All other GPU machine types are unavailable. TPUs are unavailable.
Disks and encryption	The following disk types are available in Trusted Cloud: Hyperdisk Balanced All other disk types are unavailable. For recommendations about how to adapt your disk usage in Trusted Cloud, see the recommendations section. Note: Trusted Cloud is contained within a single region. We recommend that you use off-cloud data replication to ensure business continuity in case of an outage. Compute Engine automatically encrypts customer content at rest. The following key encryption key (KEK) methods are addionally available in Trusted Cloud: Customer-managed encryption keys (CMEK) All other KEK encryption methods are unavailable.
Operating system images	The following Linux operating systems are available in Trusted Cloud: Debian Ubuntu LTS Rocky Linux Container-Optimized OS Arm image families are unavailable in Trusted Cloud. If you want to use enterprise operating systems such as Windows, Red Hat Enterprise Linux (RHEL), and SUSE Linux Enterprise Server (SLES), you must bring your own licenses. You can import images that you have licenses for into Compute Engine by adapting operating systems for Trusted Cloud.
Operating system details	The following differences apply to OS images in Trusted Cloud: Image project: Debian: `s3ns-system:debian-cloud` Ubuntu LTS: `s3ns-system:ubuntu-os-cloud` Rocky Linux: `s3ns-system:rocky-linux-cloud` Container-Optimized OS: `s3ns-system:cos-cloud` Arm image family: Not supported SCSI interfaces: Not supported IDPF interfaces: Not supported Guest environment: Supported. You are responsible for installation and updates. gcloud CLI: Supported. You are responsible for installing and updating. OS Login: Not supported VM Manager: Not supported Import: Adapting operating systems for Trusted Cloud is supported License: No licenses are required

Networking

VM networking

Zonal DNS names ares available in Trusted Cloud.

Global DNS names are unavailable.

There is no default network created when you create a project. Some examples assume that you have a default network. If you need a default network you can manually create an equivalent auto mode network called default.

For detailed information about networking differences in Trusted Cloud, see the following documents:

Availability and Disaster Recovery

Regions and zones

Trusted Cloud has multiple zones in a single region. Multi-region features and cross-region failover are not supported. Deployment across multiple zones for resiliency is supported. We recommend that you use off-cloud data replication to ensure business continuity in case of an outage.

Reservations

On-demand reservations are available in Trusted Cloud.

Future reservations are not available.

Cost management

Cost saving features

There are no cost savings features available in Trusted Cloud. This includes Spot VMs and committed use discounts (CUDs).

Security and access control

VM security features

The following VM security features are available in Trusted Cloud:

All other security features are unavailable, including the following:

Confidential VMs

Workflows and tools

VM creation	The following VM creation options are unavailable in Trusted Cloud: Bulk VM creation
Migration	Image adaptation is available in Trusted Cloud. All other migration options are unavailable.
Backup and restoration	The following backup options are available in Trusted Cloud: Snapshots Clones All other backup and restoration options are unavailable.
VM and user management	The following VM and user management options are unavailable in Trusted Cloud: VM Manager OS Login

Recommendations

Machine type recommendations:
- If you need small machine types like N2, we recommend that you use C3 in Trusted Cloud. C3 instances have more powerful CPUs than N2 instances, so you might be able to use fewer instances to achieve equivalent or better performance.
- If you need large amounts of memory, we recommend that you use M3.
- If you need to use GPUs, we recommend that you use A3 Edge. Consider doing CPU inferencing if A3 Edge is too large for your workload.
Disk recommendations:
- Google Cloud Hyperdisk balanced is the recommended block storage option for Compute Engine and the only block storage option in Trusted Cloud by S3NS. If you use balanced Persistent Disk in Google Cloud, we recommend that you use Google Cloud Hyperdisk in Trusted Cloud by S3NS and Google Cloud alike.

The following information might also affect how you use and design for Compute Engine in Trusted Cloud by S3NS. These guides include general information about working in Trusted Cloud, including documentation, security and access control, billing, tooling, and service usage.

For details about other services and features in Trusted Cloud and their differences from their Google Cloud counterparts, see the product list.