When should I use sole-tenant nodes instead of regular VMs?

Use sole-tenant nodes when you need hardware isolation for compliance (HIPAA, PCI-DSS, FedRAMP), have software licenses that require dedicated physical cores (Oracle, SQL Server with BYOL), need consistent performance without noisy-neighbor effects, or have security policies that mandate single-tenant hardware. For most other workloads, regular VMs are more cost-effective because Google's multi-tenant infrastructure already provides strong isolation.

How does pricing work for sole-tenant nodes?

You pay for the entire physical node regardless of how many VMs you place on it. A node template determines the machine type, and the node costs the equivalent of the maximum number of that machine type that fits on the server. Committed use discounts (1-year or 3-year) apply to sole-tenant nodes and can reduce costs by up to 57%. Use CPU overcommit to place more vCPUs than the physical node has cores, increasing VM density for workloads with low average CPU utilization.

GCP Sole-Tenant Node Builder

ComputeGCP

Build sole-tenant node templates, node groups with autoscaling, and instance affinity configurations.

Sole-Tenant Nodes Configuration

Build sole-tenant node templates, node groups with autoscaling, and instance affinity configurations.

Required Fields

nodeTemplate.namenodeTemplate.nodeTypenodeTemplate.regionnodeGroup.namenodeGroup.zone

{
  "nodeTemplate": {
    "name": "sole-tenant-template-c2",
    "nodeType": "c2-node-60-240",
    "region": "us-central1",
    "nodeAffinityLabels": {
      "workload-type": "licensed-software",
      "compliance": "hipaa"
    },
    "serverBinding": {
      "type": "RESTART_NODE_ON_ANY_SERVER"
    },
    "cpuOvercommitType": "NONE"
  },
  "nodeGroup": {
    "name": "sole-tenant-group-prod",
    "zone": "us-central1-a",
    "nodeTemplate": "projects/my-project/regions/us-central1/nodeTemplates/sole-tenant-template-c2",
    "initialNodeCount": 2,
    "autoscalingPolicy": {
      "mode": "ON",
      "minNodes": 1,
      "maxNodes": 5
    },
    "maintenancePolicy": "MIGRATE_WITHIN_NODE_GROUP",
    "maintenanceWindow": {
      "startTime": "02:00"
    }
  },
  "instanceAffinityConfig": {
    "scheduling": {
      "nodeAffinities": [
        {
          "key": "compute.googleapis.com/node-group-name",
          "operator": "IN",
          "values": ["sole-tenant-group-prod"]
        },
        {
          "key": "workload-type",
          "operator": "IN",
          "values": ["licensed-software"]
        }
      ],
      "onHostMaintenance": "MIGRATE",
      "automaticRestart": true
    }
  }
}

Generated Output

Output will appear here...

About This Tool

Sole-tenant nodes give you dedicated physical Compute Engine servers that host only your project's VMs, providing hardware isolation for compliance, licensing, and performance requirements. They are essential for workloads governed by regulations like HIPAA, PCI-DSS, or financial services mandates that prohibit multi-tenant hardware. This builder helps you configure sole-tenant node templates with specific machine types, affinity labels, CPU overcommit settings, and maintenance policies, generating the configuration for deployment.

When to Use This Tool

•Configuring sole-tenant nodes for HIPAA-regulated healthcare workloads that require physical hardware isolation from other tenants
•Setting up bring-your-own-license (BYOL) Windows Server or Oracle Database VMs that require per-core or per-processor licensing on dedicated hardware
•Building a sole-tenant node group with maintenance policies that control live migration behavior during host maintenance events
•Planning sole-tenant capacity with CPU overcommit enabled to maximize VM density for development or testing environments

Frequently Asked Questions

When should I use sole-tenant nodes instead of regular VMs?: Use sole-tenant nodes when you need hardware isolation for compliance (HIPAA, PCI-DSS, FedRAMP), have software licenses that require dedicated physical cores (Oracle, SQL Server with BYOL), need consistent performance without noisy-neighbor effects, or have security policies that mandate single-tenant hardware. For most other workloads, regular VMs are more cost-effective because Google's multi-tenant infrastructure already provides strong isolation.
How does pricing work for sole-tenant nodes?: You pay for the entire physical node regardless of how many VMs you place on it. A node template determines the machine type, and the node costs the equivalent of the maximum number of that machine type that fits on the server. Committed use discounts (1-year or 3-year) apply to sole-tenant nodes and can reduce costs by up to 57%. Use CPU overcommit to place more vCPUs than the physical node has cores, increasing VM density for workloads with low average CPU utilization.

Related Learning Guides

Compute Engine Machine Types22 min read

Disclaimer: This tool runs entirely in your browser. No data is sent to our servers. Always verify outputs before using them in production. AWS, Azure, and GCP are trademarks of their respective owners.

GCP Sole-Tenant Node Builder

ComputeGCP

Build sole-tenant node templates, node groups with autoscaling, and instance affinity configurations.

Sole-Tenant Nodes Configuration

Build sole-tenant node templates, node groups with autoscaling, and instance affinity configurations.

Required Fields

nodeTemplate.namenodeTemplate.nodeTypenodeTemplate.regionnodeGroup.namenodeGroup.zone

Generated Output

Output will appear here...

About This Tool

When to Use This Tool

•Configuring sole-tenant nodes for HIPAA-regulated healthcare workloads that require physical hardware isolation from other tenants
•Setting up bring-your-own-license (BYOL) Windows Server or Oracle Database VMs that require per-core or per-processor licensing on dedicated hardware
•Building a sole-tenant node group with maintenance policies that control live migration behavior during host maintenance events
•Planning sole-tenant capacity with CPU overcommit enabled to maximize VM density for development or testing environments

Frequently Asked Questions

When should I use sole-tenant nodes instead of regular VMs?: Use sole-tenant nodes when you need hardware isolation for compliance (HIPAA, PCI-DSS, FedRAMP), have software licenses that require dedicated physical cores (Oracle, SQL Server with BYOL), need consistent performance without noisy-neighbor effects, or have security policies that mandate single-tenant hardware. For most other workloads, regular VMs are more cost-effective because Google's multi-tenant infrastructure already provides strong isolation.
How does pricing work for sole-tenant nodes?: You pay for the entire physical node regardless of how many VMs you place on it. A node template determines the machine type, and the node costs the equivalent of the maximum number of that machine type that fits on the server. Committed use discounts (1-year or 3-year) apply to sole-tenant nodes and can reduce costs by up to 57%. Use CPU overcommit to place more vCPUs than the physical node has cores, increasing VM density for workloads with low average CPU utilization.

Related Learning Guides

Compute Engine Machine Types22 min read