Manage virtual machines with VM Service
On This Page
This section describes the available configuration options for VM service. Refer to the default
values.yaml file for details on how to pre-scale virtual machines.
| If Docker Layer Caching (DLC) is used, VM Service instances need to be spun up on demand. For this to happen, either ensure any preallocated instances are in use, or set both remote Docker and |
|When using preallocated instances be aware that a cron job is scheduled to cycle through these instances once per day to ensure they do not end up in an unworkable state.|
The following configuration options are for the VM provider: either AWS or GCP.
You will need to add a section to your
values.yaml file to configure VM Service to work with AWS EC2.
One of the following options is required:
Either, select "IAM Keys" and provide:
Or, select "IAM role" and provide:
Role ARN (required):
Role ARN for Service Accounts (Amazon Resource Name) for EC2 access.
vm_service: providers: ec2: enabled: true region: <region> # Subnets must be in the same availability zone subnets: - <subnet-id> securityGroupId: <security-group-id> # Authenticate with IAM access keys accessKey: <access-key> secretKey: <secret-key> # or IRSA (IAM roles for service accounts) irsaRole: <role-arn>
Default AWS AMI list
The default AMIs for server v4.x are based on Ubuntu 20.04.
"us-east-1" "ami-04f249339fa8afc90" "ca-central-1" "ami-002f61fb4f6cd4f04" "ap-south-1" "ami-0309e6438340ff3f5" "ap-southeast-2" "ami-03ac956e1d298b76a" "ap-southeast-1" "ami-0272b002478c96552" "eu-central-1" "ami-07266a91e4ef7e3e8" "eu-west-1" "ami-0bc8a965f9ae82e44" "eu-west-2" "ami-0bcbed1cffe3866c2" "sa-east-1" "ami-05291e231356c0387" "us-east-2" "ami-08735066168c5c8e9" "us-west-1" "ami-035e0e862838fcb21" "us-west-2" "ami-0b4970c467d8baaef" "ap-northeast-1" "ami-0b9233227f60abc2c" "ap-northeast-2" "ami-08e7a9df6ab2f6b9d" "eu-west-3" "ami-07f0d51c7621f0c39" "us-gov-east-1" "ami-0f68718afd37587ae" "us-gov-west-1" "ami-8e2106ef"
You will need to add a section to your
values.yaml file to configure VM Service to work with Google Cloud Platform (GCP).
|We recommend you create a unique service account used exclusively by VM Service. The Compute Instance Admin (Beta) role is broad enough to allow VM Service to operate. If you wish to make permissions more granular, you can use the Compute Instance Admin (beta) role documentation as reference.|
Choose one of the following options:
If you choose to use GCP IAM Workload Identity, use the VM service account email address (
project-id.iam.gserviceaccount.com ) which you created here in point 2 and 3 for the
If you choose to use a GCP Service Account JSON file, use the contents of your service account JSON file for
vm_service: enabled: true replicas: 1 providers: gcp: enabled: false project_id: <project-id> network_tags: - circleci-vm - <your-network> zone: <zone> network: <network> subnetwork: <subnetwork> service_account: <service-account-json> # OR workloadIdentity: "" # Leave blank if using JSON keys of service account else service account email address
Help make this document better
This guide, as well as the rest of our docs, are open source and available on GitHub. We welcome your contributions.
- Suggest an edit to this page (please read the contributing guidefirst).
- To report a problem in the documentation, or to submit feedback and comments, please open an issue on GitHub.
- CircleCI is always seeking ways to improve your experience with our platform. If you would like to share feedback, please join our research community.
Our support engineers are available to help with service issues, billing, or account related questions, and can help troubleshoot build configurations. Contact our support engineers by opening a ticket.
You can also visit our support site to find support articles, community forums, and training resources.
CircleCI Documentation by CircleCI is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.