[Yandex Cloud documentation](../../index.md) > [Yandex Container Solution](../index.md) > [Tutorials](index.md) > Creating a VM from a Container Optimized Image

# Creating a VM from a Container Optimized Image

Create a VM from a [Container Optimized Image](../concepts/index.md) and run a Docker container on it.

## Getting started {#before-you-begin}

If the required Docker image has been pushed to Yandex Container Registry, create a [service account](../../iam/operations/sa/create.md) with the [container-registry.images.puller](../../container-registry/security/index.md#choosing-roles) role for the registry in use. A Container Optimized Image VM will pull the Docker image from the registry under this account.

## Create a Docker container VM from a Container Optimized Image {#create-vm}

{% list tabs group=instructions %}

- Management console {#console}

  1. In the [management console](https://console.yandex.cloud), select the [folder](../../resource-manager/concepts/resources-hierarchy.md#folder) where you want to create your VM.
  1. Navigate to **Compute Cloud**.
  1. In the left-hand panel, select ![image](../../_assets/console-icons/server.svg) **Virtual machines**.
  1. Click **Create virtual machine**.
  1. Under **Boot disk image**, navigate to the **Container Solution** tab.
  1. Click **Configure**.
  1. In the **Docker container settings** window that opens, set the parameters using the suggestions:

      * Optionally, enter the **Name** of the Docker container you will run on the VM. The naming requirements are as follows:

          * Length: between 3 and 63 characters.
          * It can only contain lowercase Latin letters, numbers, and hyphens.
          * It must start with a letter and cannot end with a hyphen.

      * Specify the [**Docker image**](../concepts/docker-image.md) to use for running the Docker container on the VM. You can do this in one of these ways:

          * By selecting one of the available images. To do this, start typing the image name in the search bar. The image search reads all available cloud folders.
          * By specifying the image name manually. To do this, click **Enter link** and enter the image name. You can specify an image from the Container Registry or any publicly available Docker image library, such as [Docker Hub](https://hub.docker.com).

      * Optionally, specify the executable to run when the Docker container starts in the **Command** field.
      * Optionally, set **Command arguments**.
      * Optionally, specify the **Environment variables** you want to make available in the Docker container, in `key:value` format.
      * Select the [**Restart policy**](../concepts/restart-policy.md) field value for the Docker container:

          * `Always`: Always restart the Docker container when it stops.
          * `On-Failure`: Only restart the Docker container if it shuts down with a non-zero return code.
          * `Never`: Do not restart the Docker container automatically.

      * Optionally, enable **Attach a TTY to the Docker container** to use the command shell in the Docker container.
      * Optionally, enable **Allocate an stdin buffer for a running Docker container** to link the input stream to the running Docker container.
      * Optionally, enable **Run Docker container in privileged mode** to allow the Docker container processes to access all VM resources.

  1. Click **Apply**.
  1. Under **Access**, specify the service account you [created earlier](#before-you-begin).
  1. Use [this guide](../../compute/operations/vm-create/create-linux-vm.md) to configure the remaining VM parameters.

- CLI with the help of parameters {#cli}

  If you do not have the Yandex Cloud CLI yet, [install and initialize it](../../cli/quickstart.md#install).

  The folder used by default is the one specified when [creating](../../cli/operations/profile/profile-create.md) the CLI profile. To change the default folder, use the `yc config set folder-id <folder_ID>` command. You can also specify a different folder for any command using `--folder-name` or `--folder-id`. If you access a resource by its name, the search will be limited to the default folder. If you access a resource by its ID, the search will be global, i.e., through all folders based on access permissions.

  To create a VM and set the Docker container parameters via the YC CLI:
  1. View the command description:

     ```bash
     yc compute instance create-with-container --help
     ```

  1. Run this command:

     ```bash
     yc compute instance create-with-container \
       --name my-vm \
       --zone ru-central1-b \
       --ssh-key ssh-key.pub \
       --service-account-name <service_account_name> \
       --create-boot-disk size=30 \
       --public-ip \
       --platform standard-v3 \
       --container-name=my-app \
       --container-image=cr.yandex/mirror/ubuntu:24.04 \
       --container-command=sleep \
       --container-arg="1000" \
       --container-env='"KEY-GROUP={key1:value1,key2:value2,key3:value3}"',KEY4=VALUE4,KEY5=VALUE5 \
       --container-privileged
      ```

     Where:
     * `--name`: VM name.
     * `--zone`: Availability zone.
     * `--ssh-key`: Contents of the [public key](../../compute/operations/vm-connect/ssh.md#creating-ssh-keys) file.
     * `--service-account-name`: Name of the service account you created [earlier](#before-you-begin).
     * `--create-boot-disk size`: Boot disk size.

        To get the minimum boot disk size required for installing an image, run this command:
        * `yc compute image get-latest-from-family container-optimized-image --folder-id standard-images` if you are installing a Container Optimized Image.
        * `yc compute image get-latest-from-family container-optimized-image-gpu --folder-id standard-images` if you are installing a GPU Container Optimized Image.
        
        You can find the minimum boot disk size in the `min_disk_size` property.

     * `--public-ip`: Public IP address allocated to the VM.
     * `--container-name`: Docker container name.
     * `--container-image`: Name of the Docker image for running the Docker container.
     * `--container-command`: Command to run when you start the Docker container.
     * `--container-arg`: Parameters for the command specified in `--container-command`.
     * `--container-env`: Environment variables available in the Docker container.

        Use single and double quotes at the same time for `key:value` pairs, e.g., `--container-env='"KEY-GROUP={key1:value1,key2:value2,key3:value3}"'`.
     * `--container-privileged`: Run the Docker container in privileged mode.

     Result:

     ```text
     done (17s)
      id: epdbf646ge5q********
      folder_id: b1g88tflru0e********
      created_at: "2023-03-13T09:44:03Z"
      name: my-vm
     ...
     ```

    Once created, the VM will appear in the VM list under **Compute Cloud** in the [management console](https://console.yandex.cloud). For more information about working with VMs, see our step-by-step guides [here](../../compute/operations/index.md).

- CLI with the help of a specification file {#spec-cli}

  If you do not have the Yandex Cloud CLI yet, [install and initialize it](../../cli/quickstart.md#install).

  The folder used by default is the one specified when [creating](../../cli/operations/profile/profile-create.md) the CLI profile. To change the default folder, use the `yc config set folder-id <folder_ID>` command. You can also specify a different folder for any command using `--folder-name` or `--folder-id`. If you access a resource by its name, the search will be limited to the default folder. If you access a resource by its ID, the search will be global, i.e., through all folders based on access permissions.

  To create a VM and set the Docker container parameters using a [specification file](../concepts/coi-specifications.md#coi-spec):
  1. View the command description:

     ```bash
     yc compute instance create-with-container --help
     ```

  1. Create a Docker container spec file. Save the following data to the `docker-spec.yaml` file:

     ```yaml
     spec:
       containers:
       - command:
         - sleep
         args:
         - 100000
         image: cr.yandex/mirror/ubuntu:20.04
         name: my-container
         securityContext:
          privileged: true
     ```

  1. Run this command:

     ```bash
     yc compute instance create-with-container \
       --coi-spec-file docker-spec.yaml \
       --name my-vm \
       --zone ru-central1-b \
       --ssh-key ssh-key.pub \
       --create-boot-disk size=30 \
       --service-account-name <service_account_name> \
       --public-ip
     ```

     Where:
     * `--coi-spec-file`: Path to the Docker container [specification file](../concepts/coi-specifications.md#coi-spec).
     * `--name`: VM name.
     * `--zone`: Availability zone.
     * `--ssh-key`: Contents of the [public key](../../compute/operations/vm-connect/ssh.md#creating-ssh-keys) file.
     * `--create-boot-disk size`: Boot disk size.

        To get the minimum boot disk size required for installing an image, run this command:
        * `yc compute image get-latest-from-family container-optimized-image --folder-id standard-images` if you are installing a Container Optimized Image.
        * `yc compute image get-latest-from-family container-optimized-image-gpu --folder-id standard-images` if you are installing a GPU Container Optimized Image.
        
        You can find the minimum boot disk size in the `min_disk_size` property.

     * `--service-account-name`: Name of the service account you created [earlier](#before-you-begin).
     * `--public-ip`: Public IP address allocated to the VM.

     Result:

     ```text
     done (1m40s)
      id: epde18u4mahl********
      folder_id: b1g7gvsi89m3********
      created_at: "2023-03-13T13:50:17Z"
      name: my-vm
      ...
     ```

  Once created, the VM will appear in the VM list under **Compute Cloud** in the [management console](https://console.yandex.cloud). For more information about working with VMs, see our step-by-step guides [here](../../compute/operations/index.md).

{% endlist %}