1. Images
   1. Overview
      1. Public and custom images
      2. Images are not limited to zone
      3. Accessible from all projects
      4. Customized boot disks can be created by users
      5. Only available within a customer's project
      6. Public images are provided and maintained by Google/community/vendors
   2. Sharing
      1. Requires Compute Engine Image User role to host project
      2. For managed instance groups a service account must be granted role to host project with image
      3. Export to Cloud Storage to share images without the need for host project access
      4. Export image as tar.gz to Cloud Storage
      5. Sharing with Image User Role is preferable
   3. Managing
      1. Source
         1. Create from persistent disk
         2. Another image in same project
         3. Image shared from another project
         4. Compressed image from Cloud Storage
      2. Family
         1. Image families simplify image versioning
         2. Groups related images together
         3. Useful for instance templates and scripts
         4. Roll forward and back between image versions
         5. Family always points to newest non-deprecated version
      3. Deprecating
         1. As custom images are updated, older versions have to be retired
         2. Users need to be transitioned from older versions to newer ones in a manageable way
         3. States
            1. Deprecated: Works but gives warnings
            2. Obsolete: New users cannot use it
            3. Deleted: All users cannot use it
            4. Active: Marks deprecated image as active again
2. Snapshots
   1. Overview
      1. Snapshots are instance/disk backups
      2. Can be created while instance is running
      3. Can create instance copies in new zones
      4. Can create snapshot of boot disks or attached disks
   2. Operation
      1. Incremental backup
      2. First snapshot creates a full disk copy
      3. Subsequently snapshots capture difference since last snapshot
      4. Snapshot restore combines previous snapshots to create entire disk
   3. Best Practice
      1. Pause application/processes that write data
      2. Flush disk buffers
      3. If possible, unmount disk completely
      4. Take only one snapshot at a time per disk
      5. Schedule during off-peak hours
      6. Use multiple persistent disks for large data volume
      7. Run fstrim before snapshot (Linux) to clean up space
3. Instance Groups
   1. Overview
      1. Groups of instances
      2. Backend targets for load balancers
      3. Managed instance group manages similar machine types
      4. Unmanaged instance groups allow dissimilar machines
   2. Operation
      1. Create instance template
      2. Defines group configuration
      3. Machne type, zone, image, script
      4. Reusable for multiple group configrations
      5. Global, not regional
      6. Can reference regional resources, e.g. disks
      7. Create managed instance group from instance templates
      8. Regional. Can use more than one zone in a single group
   3. Healthcheck
      1. Autohealing for managed instance groups
      2. Deletes and recreates failed instances
      3. Probes instances at a predefined interval
      4. Instance group must allow healthcheck traffic
      5. Firewall rule must allow ingress traffic from 35.191.0.0/16, 130.211.0.0/22 (Global) and 35.191.0.0/16,209.85.152.0/22,209.85.204.0/22 (Regional)
   4. Implementation
      1. Managed instance groups often paired with Load Balancers
      2. Load Balancers must be assigned to a backend
      3. Load Balancers contain one or more backend services
      4. Backends link to one instance group
      5. Backend service knows which backend to use - directs traffic
      6. Subject to firewall rules for allowed traffic
      7. Firewall rules apply to instances, not load balancer
      8. Backends must allow load balancer and healthcheck addresses