This topic describes the main steps to create a Linux Elastic Compute Service (ECS) instance on the Custom Launch tab of the instance buy page in the ECS console and set up a web service on the instance. You can use this topic to get started with ECS.
Prerequisites
An Alibaba Cloud account is created and real-name verification is completed for the account. For information about how to create an Alibaba Cloud account and complete real-name verification, see Create an Alibaba Cloud account and FAQ about real-name registration on the Alibaba Cloud international site (alibabacloud.com).
Background information
The following diagram shows the basic resources that are required to create an ECS instance.
Region: Multiple Alibaba Cloud regions are available where you can create and deploy ECS instances. In most cases, we recommend that you choose a region in close proximity to your users to achieve lower network latency and higher access speed. For more information, see Regions and Zones.
Virtual private cloud (VPC): A VPC is a virtual network dedicated to your Alibaba Cloud account, in which you can deploy ECS instances. VPCs are mutually isolated and cannot directly access each other. All ECS instances that are deployed in the same VPC can communicate with each other. For more information, see Overview of VPCs and vSwitches.
vSwitch: A vSwitch is a basic network device in a VPC. For more information, see Overview of VPCs and vSwitches.
Instance type: Different instance types offer different compute, memory, and storage capabilities and vary in terms of specifications, such as the CPU models, number of vCPUs, and memory size. For example, some instance types have 2 vCPUs and 4 GiB of memory. For information about the ECS instance families available for purchase, see Overview of instance families.
Image: An image provides the information required to create an ECS instance. including an operating system version. Examples: images for Alibaba Cloud Linux 3.2104 LTS 64-bit and Windows Server 2022 Datacenter 64-bit. For more information, see Overview of images.
Storage: System disks and data disks are attached to ECS instances to store images and business data. For more information, see Overview of Block Storage.
Public IP address: In this topic, you need to access the ECS instance by using a public IP address. Therefore, associate a public IP address with the instance.
Security group: A security group serves as a virtual firewall that can control inbound and outbound traffic for ECS instances. For more information, see Overview of security groups.
Key pair: You can bind an SSH key pair to an ECS instance and use the key pair to authenticate when you log on to the instance for O&M purposes. For more information, see Overview of SSH key pairs.
Create an ECS instance
This section describes how to create an ECS instance that runs a Linux operating system on the Custom Launch tab of the instance buy page in the ECS console. For information about other methods of creating ECS instances, see Create instances.
Entry point for instance creation: Go to the Custom Launch tab of the instance buy page in the ECS console. Perform the following steps to create or select the basic resources required to create an ECS instance. Configure the other parameters based on your business requirements.
1. Select a region and a billing method
Select a billing method based on your business requirements. In this example, the pay-as-you-go billing method is selected, which offers greater flexibility in terms of instance usage. For more information, see Billing overview.
Select a region based on the network latency requirements of your business. To achieve low network latency and high access speed, we recommend that you select a region in close proximity to your users. In this example, the China (Hangzhou) region is selected.
2. Create a VPC and a vSwitch
When you create a VPC, select the region in which you want to create an ECS instance and specify a CIDR block to associate with the VPC based on your business requirements. When you create a VPC, you must create a vSwitch for the VPC. In this example, a VPC and a vSwitch are created in the China (Hangzhou) region. After you create a VPC, go back to the Custom Launch tab of the instance buy page in the ECS console, refresh the VPC and vSwitch drop-down lists, and then select the VPC and vSwitch that you created.
When you create a VPC, you can create a vSwitch at the same time.
3. Select an instance type and an image
Select an instance type and an image. The operating system version included in the image is installed on the instance during instance creation. In this example, the cost-effective ecs.e-c1m1.large
instance type and the Alibaba Cloud Linux 3.2104 LTS 64-bit
public image are selected.
You can use ECS Purchase Assistant or the Add to Comparison feature in the lower part of the
tab in the Instances & Images section to select an instance type that best fits your business requirements.4. Configure disks in the Storage section
Configure a system disk and data disks for the ECS instance based on your business requirements. This topic describes how to set up a simple web service on the ECS instance, which requires only a system disk to store the operating system of the instance without the need for data disks.
System Disk: System disks are the boot disks of ECS instances and are used to store system-related data, such as operating systems and program files.
Data Disk: Data disks are used to store data that is not related to the system, such as user data, logs, and applications.
For more information about storage, see Overview of Block Storage.
5. Associate a public IP address
To provide Internet connectivity to the ECS instance, select Assign Public IPv4 Address to assign a public IP address to the instance. Alternatively, associate an elastic IP address (EIP) with the ECS instance after the instance is created. For more information, see Associate an EIP with an ECS instance.
If you do not assign a public IP address to or associate an EIP with the ECS instance, you cannot access the instance over SSH or Remote Desktop Protocol (RDP) or test the web service that is deployed on the instance over the Internet.
After you select Assign Public IPv4 Address, set Bandwidth Billing Method to specify a billing method for network usage. In this example, the Bandwidth Billing Method parameter is set to Pay-by-traffic (CDT). In the pay-by-traffic billing method, you are charged based on the amount of data transferred over the Internet. For more information, see Public bandwidth.
6. Create a security group
Create a security group for the ECS instance. A security group serves as a virtual firewall that can control inbound and outbound traffic for ECS instances. When you create a security group, open the following ports to allow access to the ECS instance:
Open IPv4 Ports/Protocols: select SSH (TCP:22), RDP (TCP:3389), HTTP (TCP:80), and HTTPS (TCP:443).
In the Open IPv4 Ports/Protocols section, select the ports that must be open for the applications that will run on the ECS instance.
By default, a rule that references 0.0.0.0/0 as a source address is created in the new security group. 0.0.0.0/0 represents all IP addresses. The rule allows access to the ECS instance from all IP addresses on the specified ports. After you create the instance, we recommend that you modify the rule to allow access to the instance from only specific IP addresses. For more information, see Modify a security group rule.
7. Create a key pair
You can bind key pairs to ECS instances and use the key pairs as security credentials to authenticate your identity when you log on to the instances. After you create a key pair, download the private key of the key pair in order to subsequently connect to an ECS instance. After you create a key pair, go back to the Custom Launch tab of the instance buy page, refresh the Key Pair drop-down list, and select the key pair that you created.
root
is the highest-privileged account in the operating system. If you selectroot
as the logon username, this can create security risks. We recommend that you selectecs-user
as the logon username.
When the key pair is created, the private key of the key pair is automatically downloaded. Pay attention to the download records of your browser and save the private key file that is in the .pem
format.
8. Create and view an ECS instance
After you create or select the required basic resources, read and select ECS Terms of Service, Product Terms of Service, and CDT Terms of Service (which is available if you set Bandwidth Billing Method to Pay-by-traffic (CDT). Then, click Create Order. In the Success message, click Console to view the created ECS instance on the Instance page. Make note of the following data for later use:
Instance ID: You can search for the ECS instance by instance ID.
Region: You can search for the ECS instance in the region.
Public IP address: You can use the public IP address of the ECS instance to check whether a web service is deployed on the instance.
Connect to the ECS instance
After you create an ECS instance, you can use a connection tool to log on to the instance. Before you can use the instance, you must log on to the instance.
On the Instance page in the ECS console, find the ECS instance that you created based on the region and instance ID. In the Actions column, click Connect.
In the Remote connection dialog box, click Sign in now in the Workbench section.
In the Instance Login dialog box, set Authentication to SSH Key Authentication, set Username to
ecs-user
, enter or upload the private key file that you downloaded when you created the key pair, and then click OK.NoteThe private key file was automatically downloaded to your on-premises computer when you created the key pair. Check the download records of your browser to find the private key file in the
.pem
format.The page shown in the following figure indicates that you are logged on to the ECS instance.
Use the ECS instance
After you are logged on to the ECS instance, you can use the ECS instance based on your business requirements. This section describes how to deploy Apache on the ECS instance and use a browser to access Apache on the instance.
Install Apache.
Run the following command on the ECS instance to install Apache:
sudo yum install -y httpd
If Apache is installed,
Complete!
appears in the command output, as shown in the following figure.
Start Apache. Run the following command on the ECS instance to start Apache. The command does not return an output.
sudo systemctl start httpd
Check whether Apache is started.
Run the following command on the ECS instance:
systemctl status httpd
If Apache is running,
active (running)
appears in the command output, as shown in the following figure.
Verify the result. In the address bar of a browser on your on-premises computer, enter
http://<Public IP address of the ECS instance>
and press the Enter key to access Apache on the ECS instance. The page shown in the following figure indicates that Apache is deployed on the ECS instance.NoteReplace <Public IP address of the ECS instance> with the public IP address that you recorded in the 8. Create and view an ECS instance section. If you cannot find the public IP address of the ECS instance in your records, go to the Instance page in the ECS console, find the instance based on its region and instance ID, and then view the public IP address of the instance. If you did not assign a public IPv4 address to the instance during instance creation, you can associate an EIP with the instance. For more information, see Associate or disassociate an EIP.
Release the ECS instance
If you no longer require the ECS instance that you created, you can release the instance. After the ECS instance is released, billing for the instance stops, and data of the instance is lost and cannot be restored. Perform the following operations:
Go to the Instance page in the ECS console, find the ECS instance based on its region and instance ID, and then click the icon in the Actions column.
Choose Instance Status > Release.
In the Release dialog box, set Release Mode to Release Now and click Next.
Confirm the associated resources that you want to release, read the notes about the data risks, select "I am aware of the instances and their associated resources to be released and understand the data risks", and then click OK.
When the ECS instance is released, the system disk of the instance is released. If a public IP address was assigned to the instance, the IP address is also released.
When the ECS instance is released, the associated security group, vSwitch, and VPC are not released. You are not charged for the security group, vSwitch, or VPC. You can retain or release them based on your business requirements.
If an EIP is associated with the ECS instance, the EIP is retained when the instance is released. You are charged for the EIP. You can retain or release the EIP based on your business requirements. For information about the billing for EIPs, see Billing overview.
View the billing details of the ECS instance
You can view the billing details of the ECS instance for a certain period of time. Billing details are updated with a one-day delay. Perform the following operations:
Go to the Expenses and Costs console, choose in the left-side navigation pane, and then click the Billing Details tab.
Specify the ID of the ECS instance as a filter condition and click Search to view the billing details of the ECS instance.
References
You can refer to the following topics to learn more about ECS.
For information about how to programmatically integrate ECS, see Integration overview.
This topic describes only how to deploy a web service on an ECS instance and does not go into the procedure of building a website. For information about how to build a website on an ECS instance, see Quick start.