Container-Optimized OS in Trusted Cloud versus Google Cloud

Container-Optimized OS (COS) is an operating system image for your Compute Engine VMs that is optimized for running Docker containers. With Container-Optimized OS, you can bring up your Docker containers on Trusted Cloud quickly, efficiently, and securely. This page describes the differences between the Trusted Cloud and Google Cloud versions of Container-Optimized OS.

For more detailed information about Container-Optimized OS, see the Container-Optimized OS overview and the rest of the Container-Optimized OS documentation.

Key differences

There are some differences between the Trusted Cloud version of Container-Optimized OS and the Google Cloud version. Some notable differences include the following:

  • COS milestones 113 and below are unavailable
  • ARM OS image families are unavailable
  • Automatic updates are unavailable

A more detailed list of differences is provided in the rest of this section. If you are already familiar with Google Cloud, we recommend that you review these differences carefully, particularly before designing an application to run on Trusted Cloud. We also recommend reviewing the general differences between Google Cloud and your universe in the Trusted Cloud by S3NS overview.

If you would like to use a particular Container-Optimized OS feature that isn't currently available in Trusted Cloud, contact Trusted Cloud support. To be notified when new features roll out in Trusted Cloud, subscribe to the release notes.

Hardware and OS

Operating system details: The following differences apply to the image project:
  • All references to projects should be prefixed with s3ns-system:cos-cloud

Creating and configuring instances

Creating a simple instance: Creating an instance with a container or containers as described in Creating and configuring an instance is not available, as the Konlet workflow is not supported in Trusted Cloud by S3NS. Instead, follow the instructions in Create a Compute Engine instance to create an instance, selecting a Container-Optimized OS version as your boot disk.
Other metadata flags: Other metadata flags are unavailable.
Enabling or disabling automatic updates: Enabling or disabling automatic updates is unavailable.

Running containers on instances

Container Registry: Container Registry is unavailable.
Private images: When accessing private images, replace the command docker-credential-gcr configure-docker with docker-credential-gcr configure-docker --registries s3nsregistry.fr.
Configuring Docker daemon: Configuring the Docker daemon to pull images from the registry cache is unavailable.

Monitoring

Node Problem Detector: Monitoring system health with Node Problem Detector is unavailable.

Building from open source

Building from open source: Building from open source is unavailable.

Toolbox

References to gcr.io/cos-cloud/toolbox: The toolbox Docker image has a different repository path in Trusted Cloud. Use docker.s3nsregistry.fr/s3ns-system/cos-cloud/toolbox/toolbox if you need to pull the image.

GPU accelerators

Pulling cos-gpu-installer: The cos-gpu-installer Docker image has a different repository path in Trusted Cloud. Use docker.s3nsregistry.fr/s3ns-system/cos-cloud/cos-gpu-installer/cos_gpu_installer if you need to pull the image.
Available GPUs: NVIDIA H100 is available.
Unavailable GPUs: The following machine types and their associated GPU drivers are unavailable: A2, G2, and N1.

Pre-compiled closed-source drivers cannot be mirrored in Trusted Cloud by S3NS, hence the following GPUs are unavailable:
  • NVIDIA P4
  • NVIDIA V100
  • NVIDIA P100

Workflows and tools

Artifact Registry domain: Use s3nsregistry.fr instead of pkg.dev when using images in Artifact Registry.
Oval vulnerability feed: Oval vulnerability feed is unavailable.
Configuring instances with user-defined guest policies: OSConfig is unavailable.
OS Policy: OS Policy is unavailable.
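
The registry substitutions listed on this page (toolbox, cos-gpu-installer, the Artifact Registry domain, and the docker-credential-gcr command) applied to a startup script, as an added example that is not part of the original documentation. The sample script, its tags and its project names are constructed; treating gcr.io/cos-cloud/cos-gpu-installer as the Google Cloud source path and leaving the Artifact Registry location prefix unchanged are assumptions.

```shell
#!/bin/sh
# Added example (not from the COS documentation): apply the Trusted Cloud
# registry substitutions from this page to a startup script and flag
# references that have no equivalent.

# Constructed sample script; tags, project and repository names are made up.
SAMPLE='docker-credential-gcr configure-docker
docker pull gcr.io/cos-cloud/toolbox:example-tag
docker pull gcr.io/cos-cloud/cos-gpu-installer:example-tag
docker pull europe-docker.pkg.dev/example-project/example-repo/app:1.0
docker pull eu.gcr.io/example-project/legacy-app:1.0'

# Reads a script on stdin, writes the rewritten script on stdout.
# Rule 1: toolbox image path. Rule 2: cos-gpu-installer image path.
# Rule 3: pkg.dev -> s3nsregistry.fr (location prefix kept as-is; assumption,
#         confirm the location exists in your universe).
# Rule 4: add --registries to configure-docker unless it is already set.
rewrite_for_trusted_cloud() {
  sed -E \
    -e 's#(^|[^A-Za-z0-9.-])gcr\.io/cos-cloud/toolbox#\1docker.s3nsregistry.fr/s3ns-system/cos-cloud/toolbox/toolbox#g' \
    -e 's#(^|[^A-Za-z0-9.-])gcr\.io/cos-cloud/cos-gpu-installer#\1docker.s3nsregistry.fr/s3ns-system/cos-cloud/cos-gpu-installer/cos_gpu_installer#g' \
    -e 's#([A-Za-z0-9-]+)\.pkg\.dev/#\1.s3nsregistry.fr/#g' \
    -e '/configure-docker[[:space:]]+--registries/!s#docker-credential-gcr configure-docker#& --registries s3nsregistry.fr#'
}

# Prints "line:text" for every remaining Container Registry (gcr.io)
# reference. Container Registry is unavailable, so these need a manual fix.
flag_unmapped() {
  grep -nE '(^|[^A-Za-z0-9-])gcr\.io/' || true
}

# Returns 1 when unmapped references remain, so it can gate a deployment.
check_script() {
  remaining=$(rewrite_for_trusted_cloud | flag_unmapped)
  [ -z "$remaining" ] || { printf '%s\n' "$remaining" >&2; return 1; }
}

# Demo: print the rewritten sample, then report what still needs attention.
printf '%s\n' "$SAMPLE" | rewrite_for_trusted_cloud
printf '%s\n' "$SAMPLE" | check_script || echo "unmapped gcr.io references remain" >&2
```

The rewrite is idempotent, so it can be re-run on a script that has already been converted.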

The following information might also affect how you use and design for Container-Optimized OS in Trusted Cloud by S3NS. These guides include general information about working in Trusted Cloud, including documentation, security and access control, billing, tooling, and service usage.

For details about other services and features in Trusted Cloud and their differences from their Google Cloud counterparts, see the product list.